Prosím o kontrolu - Sai

[Sainzik]

Prosím o kontrolu mého nově zakoupeného PC.

Zdá se mi že jsem tam omylem nainstaloval pár virů ((


předem moc děkuji.


Log RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by XDANCUMP at 2015-05-27 15:52:25
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 96 GB (41%) free of 234 GB
Total RAM: 8054 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:52:30, on 27.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
C:\Program Files\Tablet\Pen\WacomHost.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\XDANCUMP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.hola.org
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E6F3810-D2B4-4B9A-8E92-734326B3914C}: NameServer = 195.27.1.1,10.0.0.138
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--
End of file - 12308 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 24350448
\??\C:\Windows\system32\conhost.exe "1328768021264548039440638882997177796961087566344818761150270798-1292260982
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe" --type=host --daemon-pipe=408
C:\Windows\Explorer.EXE
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
taskeng.exe {6595B361-E234-48EB-AECB-A3B7771049E5}
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe"
BtMon64.exe
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\StikyNot.exe"

C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://www.kaspersky-help.com/?hl=en&ve ... nk=kvrtexe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3284.0.2131344221\725942343" --disable-breakpad --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,43 --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.723.2.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Disabled/BackgroundRendererProcesses/AllowIdleFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Stable_HUPDecay_HQPRelevance_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3284.1.1679107849\590060846" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Disabled/BackgroundRendererProcesses/AllowIdleFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_HUPDecay_HQPRelevance_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3284.2.210284763\1355058474" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Disabled/BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_HUPDecay_HQPRelevance_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3284.4.1334263594\1791432961" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Disabled/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_HUPDecay_HQPRelevance_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3284.5.1578784008\1415058424" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Disabled/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_HUPDecay_HQPRelevance_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3284.6.211997240\625297104" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Disabled/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_HUPDecay_HQPRelevance_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3284.8.795143782\1643269763" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Disabled/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_HUPDecay_HQPRelevance_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3284.9.821601819\1683590152" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Disabled/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_HUPDecay_HQPRelevance_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3284.10.1363129269\583339189" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Disabled/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_HUPDecay_HQPRelevance_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3284.13.93364461\616423731" /prefetch:673131151
taskeng.exe {50C15A46-A999-41EE-AD33-A97DA9E29E1D}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Disabled/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_HUPDecay_HQPRelevance_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3284.18.1499418548\789136932" /prefetch:673131151
"D:\Users\XDANCUMP\Documents\Plocha\Stažené\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-07-09 38304]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-22 521272]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-05-10 915320]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"RESTART_STICKY_NOTES"=C:\Windows\system32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-03-21 2691480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [2012-10-16 646744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX]
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFFSum_Pro_LL2]
c:\program files (x86)\companion suite pro ll2\mffsum.exe [2010-01-08 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFPrintServer_Pro_LL2]
c:\program files (x86)\companion suite pro ll2\mfprintserver.exe [2010-01-08 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [2007-11-13 29984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files (x86)\PDF24\pdf24.exe [2014-07-04 191528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
c:\program files (x86)\scansoft\paperport\ereg\ereg.exe -r c:\programdata\scansoft\paperport\11\config\ereg\ereg.ini []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection]
c:\users\xdancump\appdata\roaming\search protection\searchprotection.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
c:\program files (x86)\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe [2006-10-25 210472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 335232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-10-26 1050072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-04-23 595816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPwrMain]
C:\Program Files\toshiba\power saver\tpwrmain.exe [2010-09-28 566184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWebCamera]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
c:\program files\zoner\photo studio 15\program32\zpstray.exe [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^XDANCUMP^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\Dropbox.exe [2015-03-05 42560368]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-26 102400]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
Bluetooth Monitor.lnk - C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
"NoResolveTrack"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"MemCheckBoxInRunDlg"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.CFHD"=CFHD.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-27 15:52:25 ----D---- C:\rsit
2015-05-27 15:52:25 ----D---- C:\Program Files\trend micro
2015-05-27 15:42:38 ----A---- C:\TDSSKiller.3.0.0.44_27.05.2015_15.42.38_log.txt
2015-05-24 03:24:47 ----A---- C:\ComboFix.txt
2015-05-24 03:18:50 ----D---- C:\$RECYCLE.BIN
2015-05-24 03:05:35 ----A---- C:\Windows\NIRCMD.exe
2015-05-23 04:03:58 ----D---- C:\Program Files (x86)\globalUpdate
2015-05-23 04:03:36 ----D---- C:\Program Files (x86)\Seznam.cz
2015-05-23 04:03:34 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Mozilla
2015-05-23 04:03:21 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Seznam.cz
2015-05-23 04:01:53 ----D---- C:\Users\XDANCUMP\AppData\Roaming\SSN
2015-05-19 00:40:53 ----D---- C:\Program Files (x86)\Red Giant Link
2015-05-19 00:40:23 ----D---- C:\ProgramData\goodasnew
2015-05-09 16:07:12 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Apple Computer
2015-05-09 16:00:36 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Canon_Inc_IC
2015-05-09 15:59:30 ----D---- C:\ProgramData\Canon_Inc_IC
2015-05-08 21:42:56 ----D---- C:\Program Files (x86)\QuickTime
2015-05-08 21:41:24 ----D---- C:\ProgramData\Apple
2015-05-08 21:41:24 ----D---- C:\Program Files (x86)\Apple Software Update
2015-05-08 02:33:52 ----D---- C:\Twixtor5AEManual
2015-05-08 02:33:51 ----D---- C:\Twixtor5AE
2015-05-08 00:39:46 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Red Giant
2015-05-08 00:39:39 ----D---- C:\ProgramData\Red Giant
2015-05-08 00:39:27 ----D---- C:\Program Files (x86)\Red Giant
2015-05-08 00:38:16 ----D---- C:\ProgramData\RedGiant
2015-05-01 19:18:06 ----A---- C:\TDSSKiller.3.0.0.44_01.05.2015_19.18.06_log.txt
2015-05-01 19:17:15 ----A---- C:\Windows\zip.exe
2015-05-01 19:17:15 ----A---- C:\Windows\SWSC.exe
2015-05-01 19:17:15 ----A---- C:\Windows\SWREG.exe
2015-05-01 19:17:15 ----A---- C:\Windows\sed.exe
2015-05-01 19:17:15 ----A---- C:\Windows\PEV.exe
2015-05-01 19:17:15 ----A---- C:\Windows\MBR.exe
2015-05-01 19:17:15 ----A---- C:\Windows\grep.exe
2015-05-01 19:17:07 ----D---- C:\Qoobox
2015-04-28 14:01:41 ----D---- C:\ProgramData\Steam

======List of files/folders modified in the last 1 month======

2015-05-27 15:52:27 ----D---- C:\Windows\temp
2015-05-27 15:52:25 ----RD---- C:\Program Files
2015-05-27 15:46:27 ----D---- C:\Windows\system32\drivers
2015-05-27 15:42:28 ----D---- C:\Users\XDANCUMP\AppData\Roaming\uTorrent
2015-05-27 13:49:01 ----AD---- C:\Windows
2015-05-27 12:20:58 ----D---- C:\WarThunder
2015-05-24 21:02:36 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-24 03:27:03 ----D---- C:\Windows\inf
2015-05-24 03:23:18 ----D---- C:\Windows\system32\Tasks
2015-05-24 03:23:17 ----D---- C:\Windows\Tasks
2015-05-24 03:18:55 ----A---- C:\Windows\system.ini
2015-05-24 03:18:50 ----D---- C:\Windows\erdnt
2015-05-24 03:18:48 ----D---- C:\Windows\system32\drivers\etc
2015-05-24 03:16:50 ----D---- C:\ProgramData
2015-05-24 03:16:23 ----D---- C:\Windows\SysWOW64
2015-05-24 03:13:25 ----D---- C:\Windows\SYSWOW64\drivers
2015-05-24 03:13:25 ----D---- C:\Windows\AppPatch
2015-05-24 03:13:24 ----D---- C:\Program Files (x86)\Common Files
2015-05-24 03:07:12 ----D---- C:\Windows\Prefetch
2015-05-24 03:06:11 ----SHD---- C:\System Volume Information
2015-05-23 17:36:54 ----D---- C:\Windows\system32\config
2015-05-23 05:15:07 ----D---- C:\Windows\AutoKMS
2015-05-23 04:47:18 ----D---- C:\Windows\system32\catroot2
2015-05-23 04:46:19 ----D---- C:\Windows\Resources
2015-05-23 04:11:28 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-23 04:09:12 ----D---- C:\Windows\System32
2015-05-23 04:09:02 ----SHD---- C:\Windows\Installer
2015-05-23 04:09:02 ----D---- C:\Config.Msi
2015-05-23 04:08:24 ----RD---- C:\Program Files (x86)
2015-05-23 04:08:22 ----D---- C:\Program Files (x86)\Adobe Media Player
2015-05-20 18:37:05 ----D---- C:\Windows\ModemLogs
2015-05-20 18:36:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-20 17:30:29 ----D---- C:\TipCars
2015-05-19 14:14:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-19 04:27:54 ----D---- C:\Users\XDANCUMP\AppData\Roaming\FileZilla
2015-05-14 20:43:09 ----D---- C:\Program Files\CCleaner
2015-05-12 02:19:53 ----D---- C:\Program Files (x86)\Shutdown Timer
2015-05-09 16:53:53 ----D---- C:\Program Files (x86)\Canon
2015-05-09 16:13:15 ----D---- C:\Windows\SoftwareDistribution
2015-05-08 21:43:21 ----D---- C:\Program Files\Internet Explorer
2015-05-08 00:37:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-05-06 23:48:09 ----D---- C:\Windows\Logs
2015-04-28 18:25:07 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Adobe
2015-04-28 18:09:49 ----D---- C:\Program Files\Adobe
2015-04-28 18:07:41 ----RSD---- C:\Windows\Fonts
2015-04-28 18:06:58 ----D---- C:\Program Files\Common Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-25 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-25 28008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-08-10 56336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-06-20 834544]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-28 283200]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-04-10 11576]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-27 6659072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-26 195584]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-07-05 96256]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-04-23 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-03-31 724536]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-08-25 128200]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-02 32496]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-08-05 292024]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2011-07-12 19904]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
R3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384]
S1 cpuidlep;CpuIdle Pro System Driver; C:\Windows\system32\drivers\cpuidlep.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-27 6659072]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2015-02-06 21712]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2008-09-26 133632]
S3 FaxLffv2;Companion Suite Pro LL2 Modem Driver; C:\Windows\System32\Drivers\FaxLffv2.sys [2008-06-19 31232]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2014-09-10 98160]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2012-04-13 85384]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-04-03 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-04-03 27760]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-08-06 14136]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 115328]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2013-11-17 164736]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2014-03-19 77592]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2014-03-19 13080]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2014-03-19 76568]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528]
S3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-25 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys [2015-03-24 19952]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-12-02 250984]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 204568]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-12-25 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-02-25 140576]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-17 171600]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-26 202752]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 chromoting;Služba Vzdálené plochy Chrome; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [2015-03-08 56648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-09-24 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-09-24 107832]
R2 SplashtopRemoteService;Splashtop® Remote Service; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2014-03-24 790880]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-03-30 5448464]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-10-26 124368]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-01 198064]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2012-09-05 66560]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-11 136120]
S3 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-08 569024]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-09-28 489384]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-20 268464]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[Sainzik]

info:

info.txt logfile of random's system information tool 1.10 2015-05-27 15:52:32

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A460B290E00008020210007DF130C000800000020030000DF140C07FEFFFF002803000080901C00FEFFFF07FEFFFF00A8931C00B0A41D0000000000000000000000000000000055AA

======Uninstall list======

-->C:\PROGRA~3\INSTAL~2\{D3E88~1\Setup.exe /remove /q0
-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\CONEXANT\cAudioFilterAgent\SETUP64.EXE -U -IcAudioFilterAgent -SM=cAudioFilterAgent64.exe,16
-->C:\Program Files\Conexant\SAII\SETUP64.EXE -U -ISAII -SM=SmartAudio.EXE,1801
-->C:\Program Files\TOSHIBA\TVAP\setup.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
64 Bit HP CIO Components Installer-->MsiExec.exe /I{BC741628-0AFC-405C-8946-DD46D1005A0A}
Adobe After Effects CS6-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{4817D846-700B-474E-A31B-80892B3E92E3}"
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{34927EBC-98D4-4D53-98BE-510DF5999F50}
Adobe Creative Cloud-->"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Adobe Flash Player 16 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_257_ActiveX.exe -maintain activex
Adobe Flash Player 16 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -maintain plugin
Adobe Flash Player 17 PPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe -maintain pepperplugin
Adobe Flash Professional CS6-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}"
Adobe Help Manager-->msiexec /qb /x {AF37176A-78CA-545B-34EF-8B6A21514DD1}
Adobe Help Manager-->MsiExec.exe /I{AF37176A-78CA-545B-34EF-8B6A21514DD1}
Adobe Illustrator CS6-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{4869414E-7AEA-4C8E-BE1C-8D40977FD517}"
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Photoshop CS6-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}"
Adobe Photoshop Elements 11-->msiexec /i {1D181764-DCD0-41B8-AA7B-0A599F027A72} NOT_STANDALONE=1
Adobe Photoshop Lightroom 5.3 64-bit-->MsiExec.exe /I{2DD71ACB-552D-402C-9529-7906ACB95C30}
Adobe Reader XI (11.0.11) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001802114130}
Adobe SVG Viewer 3.0-->C:\Program Files (x86)\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files (x86)\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Apple Application Support-->MsiExec.exe /I{46F044A5-CE8B-4196-984E-5BD6525E361D}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0005 -removeonly
ATI Catalyst Install Manager-->msiexec /q/x{61D4B846-49F8-2639-A4EB-977875265F37} REBOOT=ReallySuppress
Balíček ovladače systému Windows - FTDI USB Device Driver Package (03/30/2010 2.06.02)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\INSTAL~1.EXE /u C:\Windows\System32\DriverStore\FileRepository\usbdevicedrv.inf_amd64_neutral_4fbb6d3ac28135c6\usbdevicedrv.inf
Bamboo Dock-->C:\Program Files (x86)\Bamboo Dock\uninst.exe
Bamboo Dock-->msiexec /qb /x {90DFD61B-8224-00C6-3D69-A983B60A394E}
Bamboo Dock-->MsiExec.exe /I{90DFD61B-8224-00C6-3D69-A983B60A394E}
Bluetooth Monitor 4-->C:\Program Files (x86)\InstallShield Installation Information\{61539202-097E-487E-9237-B291AB56D54C}\setup.exe -runfromtemp -l0x0009 -removeonly
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Broadcom 802.11 Network Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver"
Canon IJ Network Scanner Selector EX-->"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSU.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\uninst.ini
Canon IJ Network Tool-->C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon MG5300 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series /L0x0005
Canon MP Navigator EX 5.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 5.0\uninst.ini
Castle Link-->MsiExec.exe /X{C7774A58-8B24-4E19-A92D-E887A8FD67A1}
Catalyst Control Center - Branding-->MsiExec.exe /I{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
Common Desktop Agent-->MsiExec.exe /X{031A0E14-0413-4C97-9772-2639B782F46F}
Companion Suite Pro LL2 Drivers-->MsiExec.exe /X{4ACE3E86-78B6-43A1-B104-E3F3006FC576}
Companion Suite Pro LL2-->MsiExec.exe /x {ABDB5A8F-A163-4FD7-A8AE-E2695ACFEA90} /qb
Conexant Audio Driver For AMD HDMI Codec-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA_HDMI\UIU64h.exe -U -Iamdhdmiw.INF
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -IBERCC2wa.INF
CorelDRAW Graphics Suite X3-->MsiExec.exe /I{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
CPUID CPU-Z 1.72-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
Crack Microsoft Office 2010 2.2.3-->C:\Program Files (x86)\Microsoft\%ProductName\Uninstall.exe
CZ-->MsiExec.exe /I{CCF7074B-BE72-44E1-9CAC-3FFAC582C692}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Driver USBDEVICEDRV (1.00.009)-->C:\PROGRA~2\USBDEV~1\Driver\UNWISE.EXE C:\PROGRA~2\USBDEV~1\Driver\INSTALL.LOG
Ema Config-->"C:\Program Files (x86)\EMA\unins000.exe"
FileZilla Client 3.10.2-->C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe
FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Helicon Remote 3.2.7.0-->"C:\Program Files (x86)\Helicon Software\Helicon Remote\unins000.exe"
Chrome Remote Desktop Host-->MsiExec.exe /I{A1A724F3-F1A6-479C-AE98-208946717E2B}
Imagenomic Noiseware 5.0.2 Plug-in (build 5020)-->C:\Program Files (x86)\Imagenomic\Noiseware Plug-in\uninst.exe
Imagenomic Portraiture 2.3 Plug-in (build 2308)-->C:\Program Files (x86)\Imagenomic\Portraiture 2 Plug-in\uninst.exe
Incomedia WebSite X5 v11 - Professional-->"C:\Program Files (x86)\WebSite X5 v11 - Professional\unins000.exe"
inSSIDer 3-->MsiExec.exe /X{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Java 8 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218045F0}
K-Lite Mega Codec Pack 10.1.5-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Logitech Gaming Software 5.10-->MsiExec.exe /X{1444D2EE-C7AD-44A8-844F-2634B49353D1}
Malwarebytes Anti-Malware verze 2.1.6.1022-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Microsoft .NET Framework 4.5 CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.5 CSY Language Pack-->MsiExec.exe /X{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}
Microsoft .NET Framework 4.5-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5-->MsiExec.exe /X{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}
Microsoft Office Access 2003 Runtime-->MsiExec.exe /I{901C0405-6000-11D3-8CFE-0150048383C9}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Compact 4.0 x64 ENU-->MsiExec.exe /X{8424B163-D1E0-48B7-88A2-C7A61767B3D7}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005-->"C:\ProgramData\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Migration System Updater RBP-->C:\Users\XDANCUMP\AppData\Local\MigsUpdater\uninst.exe
Movie maker pro Windows 7 cz version for Windows-->"C:\Program Files (x86)\Movie maker pro Windows 7 cz\unins000.exe"
MSVCRT Redists-->MsiExec.exe /I{AB085680-FE98-11E1-A232-F04DA23A5C58}
MSVCRT Redists-->MsiExec.exe /I{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Network Print Monitor for Windows 2000/XP/2003/Vista-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Network Print Monitor\Uninst.isu"
Nik Collection-->C:\Program Files\Google\Nik Collection\Uninstall Nik Collection.exe
Noiseware Professional Plug-in-->MsiExec.exe /I{7C515D87-2DCD-422B-B993-3FE8A71B3DDB}
NVIDIA Photoshop Plug-ins 64 bit-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}\setup.exe" -l0x9
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
O2 Mobilni internet-->C:\Program Files (x86)\O2 Mobilni internet\uninst.exe
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDF Settings CS6-->MsiExec.exe /I{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
PDF24 Creator 6.7.0-->"C:\Program Files (x86)\PDF24\unins000.exe"
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
PSE11 STI Installer-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{98CE8819-87AA-4814-8167-ADDDD513485F}"
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
QuickTime 7-->MsiExec.exe /I{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
Rapture3D 2.3.22 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Red Giant Link-->"C:\ProgramData\Red Giant\uninstall\Link\unins000.exe"
rFactor-->"C:\Program Files (x86)\rFactor\uninstall.exe" "/U:C:\Program Files (x86)\rFactor\Uninstall\uninstall.xml"
RivaTuner v2.23-->"C:\Program Files (x86)\RivaTuner v2.23\uninstall.exe"
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
Samsung Easy Document Creator-->"C:\Program Files (x86)\Samsung\Easy Document Creator\uninstall.exe"
Samsung Easy Printer Manager-->C:\Program Files (x86)\Samsung\Easy Printer Manager\uninst.exe /app_ipn:"C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe" /oem:Samsung /oem_ac:EPM /oem_aims:no
Samsung M2070 Series-->"C:\Program Files (x86)\Samsung\Samsung M2070 Series\Setup\Setup.exe" /R
Samsung Printer Live Update-->C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller\uninstall.exe
Samsung Scan Process Machine-->C:\Program Files (x86)\Common Files\Scan Process Machine\uninstall.exe
Samsung SCX-3400 Series-->"C:\Program Files (x86)\Samsung\Samsung SCX-3400 Series\Setup\Setup.exe" /R
SAMSUNG USB Driver for Mobile Phones-->C:\Program Files (x86)\Samsung\USB Drivers\Uninstall.exe
ScanSoft PaperPort 11-->MsiExec.exe /I{D7659F54-7502-4312-AA24-F103C92C26F5}
SIW version 2011.10.29-->"C:\Program Files (x86)\SIW\unins000.exe"
SNS Upload for Easy Document Creator-->MsiExec.exe /I{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}
Splashtop Streamer-->MsiExec.exe /X{B7C5EA94-B96A-41F5-BE95-25D78B486678}
Steam-->C:\Program Files (x86)\Steam\uninstall.exe
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TAudioConverter verze 0.9.7-->"C:\Program Files (x86)\TAudioConverter\unins000.exe"
TeamViewer 10-->C:\Program Files (x86)\TeamViewer\uninstall.exe
Topaz Adjust 5-->C:\Program Files (x86)\Topaz Labs\Topaz Adjust 5\uninst.exe
Topaz B&W Effects-->C:\Program Files (x86)\Topaz Labs\Topaz BW 2\uninst.exe
Topaz Clean 3-->C:\Program Files (x86)\Topaz Labs\Topaz Clean 3\uninst.exe
Topaz DeJpeg 4-->C:\Program Files (x86)\Topaz Labs\Topaz DeJpeg 4\uninst.exe
Topaz DeNoise 5-->C:\Program Files (x86)\Topaz Labs\Topaz DeNoise 5\uninst.exe
Topaz Detail 3-->C:\Program Files (x86)\Topaz Labs\Topaz Detail 3\uninst.exe
Topaz Fusion Express 2-->C:\Program Files (x86)\Topaz Labs\Topaz Fusion Express 2\uninst.exe
Topaz InFocus-->C:\Program Files (x86)\Topaz Labs\Topaz InFocus\uninst.exe
Topaz Lens Effects-->C:\Program Files (x86)\Topaz Labs\Topaz Lens Effects\uninst.exe
Topaz ReMask 3-->C:\Program Files (x86)\Topaz Labs\Topaz ReMask 3\uninst.exe
Topaz Simplify 4-->C:\Program Files (x86)\Topaz Labs\Topaz Simplify 4\uninst.exe
Toshiba Assist-->C:\Program Files (x86)\InstallShield Installation Information\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA Bulletin Board-->"C:\Program Files (x86)\InstallShield Installation Information\{C14518AF-1A0F-4D39-8011-69BAA01CD380}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA Bulletin Board-->MsiExec.exe /X{C14518AF-1A0F-4D39-8011-69BAA01CD380}
TOSHIBA ConfigFree-->MsiExec.exe /X{E0FAA369-B0E3-48B8-9447-4873103B0012}
TOSHIBA Face Recognition-->"C:\Program Files (x86)\InstallShield Installation Information\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /X{F67FA545-D8E5-4209-86B1-AEE045D1003F}
TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}\setup.exe" -l0x5
TOSHIBA Media Controller Plug-in-->MsiExec.exe /X{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}
TOSHIBA Media Controller-->C:\Program Files (x86)\InstallShield Installation Information\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA Online Product Information-->C:\Program Files (x86)\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA ReelTime-->"C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA ReelTime-->MsiExec.exe /X{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{073B89C3-BA88-41B5-965F-B35A88EAE838}\setup.exe" -l0x5
TOSHIBA TEMPRO-->MsiExec.exe /X{3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}
TOSHIBA Value Added Package-->C:\Program Files\TOSHIBA\TVAP\Setup.exe
TOSHIBA Web Camera Application-->C:\Program Files (x86)\InstallShield Installation Information\{5E6F6CF3-BACC-4144-868C-E14622C658F3}\setup.exe -runfromtemp -l0x0005 -removeonly
Trapcode Suite v12.1.7-->"C:\Program Files (x86)\Red Giant\unins000.exe"
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}
Visual FoxPro ODBC Driver-->MsiExec.exe /X{31821EFE-1B31-4744-9FB0-208F92BD7168}
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
Výstraha HDD/SSD TOSHIBA-->C:\Program Files (x86)\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0405
Výstraha HDD/SSD TOSHIBA-->C:\Program Files (x86)\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0405
Wacom-->C:\Program Files\Tablet\Pen\32\Remove.exe /u
War Thunder Launcher 1.0.1.502-->"C:\WarThunder\unins000.exe"
WebTablet FB Plugin 32 bit-->"C:\Program Files (x86)\TabletPlugins\fbWTPUninstall.exe"
WebTablet FB Plugin 64 bit-->"C:\Program Files\TabletPlugins\fbWTPUninstall.exe"
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30)-->C:\PROGRA~1\DIFX\862E75C35EC9FF84\dpinst-amd64.exe /u C:\Windows\System32\DriverStore\FileRepository\ftdibus.inf_amd64_neutral_0a3c2df775f027fe\ftdibus.inf
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30)-->C:\PROGRA~1\DIFX\862E75C35EC9FF84\dpinst-amd64.exe /u C:\Windows\System32\DriverStore\FileRepository\ftdiport.inf_amd64_neutral_0174995d0b71bf25\ftdiport.inf
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )-->C:\PROGRA~1\DIFX\B60D1297D6D5E54C\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\gpwfbp.inf_amd64_neutral_dc6d708d189777c6\gpwfbp.inf
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )-->C:\PROGRA~1\DIFX\B60D1297D6D5E54C\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\gpwfbp2.inf_amd64_neutral_f8b5093722857a8f\gpwfbp2.inf
Windows Movie Maker-->C:\Program Files\Movie Maker\uninst.exe
WinPatrol-->C:\PROGRA~3\INSTAL~2\{6A206~1\Setup.exe /remove /q0
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
Xilisoft HD Video Converter 6-->C:\Program Files (x86)\Xilisoft\HD Video Converter 6\Uninstall.exe
XTuning Flash Tool verze 2015.1-->"C:\Program Files (x86)\_XFLASH\unins000.exe"
Zoner Photo Studio 15-->"C:\Program Files\Zoner\Photo Studio 15\unins000.exe"

======System event log======

Computer Name: Dandy
Event Code: 10114
Message: Reflektor UMDF se nepodařilo spustit, protože služba WUDFPf nebyla nalezena. Tato služba může být spouštěna později během spouštění systému. Systém Windows se v takovém případě pokusí zařízení znovu spustit.
Record Number: 703382
Source Name: Microsoft-Windows-DriverFrameworks-UserMode
Time Written: 20150416183756.611518-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Dandy
Event Code: 7036
Message: Stav služby Služba Výčet přenosných zařízení byl změněn na: Spuštěno
Record Number: 703381
Source Name: Service Control Manager
Time Written: 20150416183756.568516-000
Event Type: Informace
User:

Computer Name: Dandy
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Zastaveno
Record Number: 703380
Source Name: Service Control Manager
Time Written: 20150416175930.966501-000
Event Type: Informace
User:

Computer Name: Dandy
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 703379
Source Name: Microsoft-Windows-Eventlog
Time Written: 20150416174709.812379-000
Event Type: Informace
User: DANDY\XDANCUMP

Computer Name: Dandy
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 703378
Source Name: Microsoft-Windows-Eventlog
Time Written: 20150416174709.734379-000
Event Type: Informace
User: DANDY\XDANCUMP

=====Application event log=====

Computer Name: Dandy
Event Code: 1036
Message: Instalační služba systému Windows provedla instalaci aktualizace. Název produktu: Adobe Acrobat XI Pro. Verze produktu: 11.0.10. Jazyk produktu: 1029. Výrobce: Adobe Systems. Název aktualizace: Adobe Acrobat XI (11.0.10). Stav instalace (úspěch nebo chyba): 1603.
Record Number: 140672
Source Name: MsiInstaller
Time Written: 20150416221218.000000-000
Event Type: Informace
User: DANDY\XDANCUMP

Computer Name: Dandy
Event Code: 1024
Message: Aktualizaci Adobe Acrobat XI (11.0.10) produktu Adobe Acrobat XI Pro nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127
Record Number: 140671
Source Name: MsiInstaller
Time Written: 20150416221218.000000-000
Event Type: Chyba
User: DANDY\XDANCUMP

Computer Name: Dandy
Event Code: 11328
Message: Produkt: Adobe Acrobat XI Pro -- Chyba 1328.Chyba při aplikování opravy na soubor C:\Config.Msi\PT7C89.tmp. Asi byl aktualizován jinými prostředky a nelze ho již upravovat touto opravou. Více informací získáte od dodavatele opravy. System Error: -1072807676
Record Number: 140670
Source Name: MsiInstaller
Time Written: 20150416221134.000000-000
Event Type: Chyba
User: DANDY\XDANCUMP

Computer Name: Dandy
Event Code: 1040
Message: Probíhá zahajování transakce Instalační služby systému Windows: {AC76BA86-1033-FFFF-7760-000000000006}. ID procesu klienta: 5392
Record Number: 140669
Source Name: MsiInstaller
Time Written: 20150416221034.000000-000
Event Type: Informace
User: DANDY\XDANCUMP

Computer Name: Dandy
Event Code: 0
Message:
Record Number: 140668
Source Name: gupdate
Time Written: 20150416184556.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Dandy
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 71879
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150416221216.474061-000
Event Type: Úspěšný audit
User:

Computer Name: Dandy
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DANDY$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x230
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 71878
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150416221216.474061-000
Event Type: Úspěšný audit
User:

Computer Name: Dandy
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 71877
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150416221034.517229-000
Event Type: Úspěšný audit
User:

Computer Name: Dandy
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DANDY$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x230
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 71876
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150416221034.517229-000
Event Type: Úspěšný audit
User:

Computer Name: Dandy
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-1553764949-2249715022-3334135275-1000
Název účtu: XDANCUMP
Název domény: DANDY
ID přihlášení: 0x2f410
Record Number: 71875
Source Name: Microsoft-Windows-Eventlog
Time Written: 20150416174709.500379-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64;C:\Program Files (x86)\QuickTime\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[Sainzik]

bohuzel mi to píše nějakou chybu cca po 10ti minutách scanu.

[Sainzik]

tu přikládám PRTSC

[Márty84]

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

[Sainzik]

OTL.txt

OTL logfile created on: 28.5.2015 12:46:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XDANCUMP\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,87 Gb Total Physical Memory | 5,37 Gb Available Physical Memory | 68,33% Memory free
19,66 Gb Paging File | 16,99 Gb Available in Paging File | 86,43% Paging File free
Paging file location(s): c:\pagefile.sys 12081 12081 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 228,52 Gb Total Space | 93,28 Gb Free Space | 40,82% Space Free | Partition Type: NTFS
Drive D: | 237,15 Gb Total Space | 100,39 Gb Free Space | 42,33% Space Free | Partition Type: NTFS

Computer Name: DANDY | User Name: XDANCUMP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.05.27 20:09:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XDANCUMP\Desktop\OTL.exe
PRC - [2015.05.22 22:22:08 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015.03.30 10:59:06 | 005,448,464 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2015.03.08 20:36:40 | 000,056,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
PRC - [2014.12.19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.09.24 21:38:04 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2014.09.24 21:37:48 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014.03.24 15:07:36 | 000,790,880 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2012.10.09 01:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012.09.17 06:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2011.08.08 13:43:58 | 000,690,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2011.08.08 13:36:58 | 000,087,960 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2011.05.09 16:06:02 | 002,750,376 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2010.09.06 16:18:00 | 000,746,384 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2010.05.20 20:00:00 | 000,275,984 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtAvAC.exe
PRC - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.07.21 22:46:36 | 000,091,464 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe
PRC - [2009.04.03 18:17:00 | 000,447,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (No Company Name) ==========

MOD - [2015.05.22 22:22:06 | 001,281,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
MOD - [2015.05.22 22:22:05 | 000,080,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
MOD - [2015.03.02 22:30:12 | 000,039,384 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.08.19 21:12:17 | 000,656,664 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2013.11.26 11:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.09.28 12:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010.04.26 22:49:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.02.05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.05.20 18:36:21 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.04.14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015.04.14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2015.03.30 10:59:06 | 005,448,464 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2015.03.08 20:36:40 | 000,056,648 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe -- (chromoting)
SRV - [2014.12.19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.09.24 21:38:04 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2014.09.24 21:37:48 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014.03.24 15:07:36 | 000,790,880 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2014.02.08 02:02:50 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.09.17 06:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012.09.05 06:23:32 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Stopped] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011.04.01 17:42:56 | 000,198,064 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010.10.26 13:59:10 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2010.10.22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015.04.14 09:37:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2015.04.14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014.09.10 14:19:12 | 000,098,160 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2014.08.06 12:15:50 | 000,102,200 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2014.08.06 12:15:50 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2014.08.06 12:15:50 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2014.03.19 02:24:38 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2014.03.19 02:24:36 | 000,013,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2014.03.19 02:24:34 | 000,077,592 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2014.02.25 18:27:38 | 000,140,576 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2014.01.22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.12.25 05:02:31 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.12.25 05:02:31 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.12.02 10:59:27 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2013.12.02 10:58:04 | 000,032,496 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013.11.17 20:20:12 | 000,164,736 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2013.08.25 19:36:13 | 000,128,200 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2013.08.25 19:35:32 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013.08.25 19:35:32 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013.08.20 07:02:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.07.05 10:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.06.20 12:48:59 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013.04.10 11:38:18 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2013.04.03 20:33:35 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2013.04.03 20:33:35 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012.09.28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.10 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012.04.28 01:05:23 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.04.23 03:35:14 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.04.13 12:05:02 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.28 15:51:44 | 000,033,872 | ---- | M] (AnvSoft Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV:64bit: - [2011.08.05 10:24:26 | 000,292,024 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2011.08.02 16:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.07.12 21:08:02 | 000,019,904 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.27 15:27:04 | 000,067,384 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2010.11.29 11:47:00 | 000,082,224 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.11 10:27:00 | 000,050,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:64bit: - [2010.08.30 10:48:00 | 000,094,528 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2010.04.27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 17:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010.04.27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010.04.27 05:56:34 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.04.27 05:56:34 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.26 22:17:26 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.04.26 11:48:00 | 000,063,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV:64bit: - [2010.03.31 14:50:16 | 000,724,536 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010.03.10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.05 11:11:30 | 000,720,952 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDMI64.sys -- (CnxtHdmiAudService)
DRV:64bit: - [2010.01.30 00:04:32 | 000,055,808 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XMLDIUSB.sys -- (XMLDIUSB)
DRV:64bit: - [2010.01.15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.11.02 12:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.07.24 11:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
DRV:64bit: - [2009.07.14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.07 08:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009.06.22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.17 12:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.08 15:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.09.26 18:02:46 | 000,133,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2008.09.26 18:02:36 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2008.06.19 00:42:46 | 000,031,232 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FaxLffv2.sys -- (FaxLffv2)
DRV - [2015.03.24 23:03:04 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys -- (RivaTuner64)
DRV - [2015.02.07 20:19:00 | 000,004,484 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\cpuidlep.sys -- (cpuidlep)
DRV - [2015.02.06 22:13:51 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\..\SearchScopes,DefaultScope = {E733165D-CBCF-4FDA-883E-ADEF965B476C}
IE - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\..\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: File not found
FF - HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt


========== Chrome ==========

CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.8_0\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.6.0_0\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl\0.0.15_0\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\42.0.2311.37_0\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.34_0\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_1\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.3.0_0\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_1\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\phpbpckgofmlhfpbakbfbkiopngnpigh\3.4_0\
CHR - Extension: No name found = C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2015.05.24 03:18:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\..Trusted Domains: hola.org ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\..Trusted Domains: vodafone.cz ([prm] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 11.45.2)
O16 - DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 1.8.0_40)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 11.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0121672D-156A-4D26-BFF4-B321E87FB458}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E6F3810-D2B4-4B9A-8E92-734326B3914C}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E6F3810-D2B4-4B9A-8E92-734326B3914C}: NameServer = 195.27.1.1,10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C40E758-CEAA-4B2A-8F42-BF52D2F947A9}: DhcpNameServer = 217.77.165.81 217.77.161.131
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (c:\Windows\SysWOW64\guard32.dll) - c:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.ac3acm - ac3acm.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.CFHD - CFHD.dll (CineForm Inc.)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32:64bit: VIDC.X264 - x264vfw64.dll (x264vfw project)
Drivers32:64bit: VIDC.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.CFHD - C:\Windows\SysWow64\CFHD.dll (CineForm Inc.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.05.27 20:09:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\XDANCUMP\Desktop\OTL.exe
[2015.05.27 15:52:25 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.05.27 15:52:25 | 000,000,000 | ---D | C] -- C:\rsit
[2015.05.24 03:18:50 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2015.05.24 03:05:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2015.05.23 04:03:58 | 000,000,000 | ---D | C] -- C:\Users\XDANCUMP\AppData\Local\globalUpdate
[2015.05.23 04:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2015.05.23 04:03:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2015.05.23 04:03:34 | 000,000,000 | ---D | C] -- C:\Users\XDANCUMP\AppData\Roaming\Mozilla
[2015.05.23 04:03:26 | 000,000,000 | ---D | C] -- C:\Users\XDANCUMP\AppData\Local\Geckofx
[2015.05.23 04:03:21 | 000,000,000 | ---D | C] -- C:\Users\XDANCUMP\AppData\Roaming\Seznam.cz
[2015.05.23 04:01:53 | 000,000,000 | ---D | C] -- C:\Users\XDANCUMP\AppData\Roaming\SSN
[2015.05.19 00:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Giant Link
[2015.05.19 00:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\goodasnew
[2015.05.09 16:07:12 | 000,000,000 | ---D | C] -- C:\Users\XDANCUMP\AppData\Roaming\Apple Computer
[2015.05.09 16:04:31 | 000,000,000 | ---D | C] -- C:\Users\XDANCUMP\AppData\Local\CANON_INC
[2015.05.09 16:00:36 | 000,000,000 | ---D | C] -- C:\Users\XDANCUMP\AppData\Roaming\Canon_Inc_IC
[2015.05.09 15:59:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon_Inc_IC
[2015.05.09 15:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon_Inc_IC
[2015.05.08 21:43:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2015.05.08 21:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2015.05.08 21:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2015.05.08 21:41:27 | 000,000,000 | ---D | C] -- C:\Users\XDANCUMP\AppData\Local\Apple
[2015.05.08 21:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2015.05.08 21:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2015.05.08 02:33:52 | 000,000,000 | ---D | C] -- C:\Twixtor5AEManual
[2015.05.08 02:33:51 | 000,000,000 | ---D | C] -- C:\Twixtor5AE
[2015.05.08 00:39:46 | 000,000,000 | ---D | C] -- C:\Users\XDANCUMP\AppData\Roaming\Red Giant
[2015.05.08 00:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Red Giant
[2015.05.08 00:39:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
[2015.05.08 00:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Giant
[2015.05.08 00:38:16 | 000,000,000 | ---D | C] -- C:\ProgramData\RedGiant
[2015.05.01 19:17:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2015.05.01 19:17:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2015.05.01 19:17:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2015.04.28 14:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam

========== Files - Modified Within 30 Days ==========

[2015.05.28 12:48:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.05.28 12:42:06 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.05.28 12:41:54 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.05.27 23:02:13 | 001,589,570 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.05.27 23:02:13 | 000,671,140 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.05.27 23:02:13 | 000,656,316 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.05.27 23:02:13 | 000,142,222 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.05.27 23:02:13 | 000,122,658 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.05.27 22:00:55 | 000,338,331 | ---- | M] () -- C:\Users\XDANCUMP\Desktop\Bez názvu-2.jpg
[2015.05.27 20:09:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XDANCUMP\Desktop\OTL.exe
[2015.05.27 16:50:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.05.24 21:07:50 | 000,019,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.05.24 21:07:50 | 000,019,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.05.24 21:02:17 | 2038,845,439 | -HS- | M] () -- C:\hiberfil.sys
[2015.05.24 03:18:48 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015.05.24 01:02:01 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2015.05.23 19:28:58 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.05.21 22:33:22 | 000,000,132 | ---- | M] () -- C:\Users\XDANCUMP\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2015.05.20 18:36:20 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.05.20 18:36:20 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.04.30 15:06:22 | 006,913,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2015.05.27 22:00:54 | 000,338,331 | ---- | C] () -- C:\Users\XDANCUMP\Desktop\Bez názvu-2.jpg
[2015.05.27 20:13:45 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.05.20 18:36:21 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2015.05.08 21:41:24 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2015.05.01 19:17:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2015.05.01 19:17:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2015.05.01 19:17:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2015.05.01 19:17:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2015.05.01 19:17:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2015.04.28 18:09:53 | 000,001,194 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
[2015.04.28 18:08:27 | 000,001,090 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
[2015.04.16 02:39:37 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-DANDY-Microsoft-Windows-7-Ultimate-(64-bit).dat
[2015.04.16 02:11:10 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-DANDY-Windows-7-Ultimate-(64-bit).dat
[2015.03.24 21:46:21 | 000,000,128 | -H-- | C] () -- C:\Users\XDANCUMP\XDANCUMP.user
[2015.03.09 23:30:14 | 000,005,487 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Roaming\BYAIAMUF
[2015.03.09 23:22:52 | 000,000,132 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Roaming\Adobe Formát AIFF CS5 – předvolby
[2015.03.06 22:45:48 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2015.03.06 22:45:37 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2015.03.06 22:45:37 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2015.02.07 20:19:00 | 000,004,484 | ---- | C] () -- C:\Windows\SysWow64\drivers\cpuidlep.sys
[2014.11.19 23:22:38 | 000,000,132 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2014.11.17 01:08:07 | 000,000,031 | ---- | C] () -- C:\Windows\bluevoda.ini
[2014.10.11 19:46:26 | 000,000,952 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2014.10.08 12:43:45 | 000,152,896 | R--- | C] () -- C:\Windows\Wiainst64.exe
[2014.09.24 21:37:56 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.09.24 21:37:48 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2014.09.24 21:37:48 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.09.01 12:46:52 | 000,334,016 | ---- | C] () -- C:\Windows\SysWow64\WOFLT09.DLL
[2014.09.01 12:46:52 | 000,222,928 | ---- | C] () -- C:\Windows\SysWow64\WOBAS09.DLL
[2014.09.01 12:22:49 | 000,000,029 | ---- | C] () -- C:\Windows\SestDLL.ini
[2014.09.01 12:21:46 | 000,000,777 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2014.06.19 13:33:59 | 000,000,024 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Roaming\temp.ini
[2014.06.02 00:04:18 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2014.05.19 17:36:20 | 000,538,126 | --S- | C] () -- C:\Windows\SysWow64\libcurl-4.dll
[2014.05.19 17:36:20 | 000,192,512 | --S- | C] () -- C:\Windows\SysWow64\libidn-11.dll
[2014.05.19 17:36:20 | 000,133,632 | --S- | C] () -- C:\Windows\SysWow64\librtmp.dll
[2014.05.19 17:36:20 | 000,100,864 | --S- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2014.01.31 23:20:27 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo.dll
[2013.12.11 04:09:39 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.12.11 04:09:39 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.12.11 04:09:39 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.12.11 04:09:36 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.11.28 22:24:52 | 000,000,000 | -H-- | C] () -- C:\Windows\msds.dat
[2013.11.18 03:35:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\Screen Savers
[2013.11.18 03:35:38 | 000,000,000 | ---- | C] () -- C:\ProgramData\StartupItems
[2013.11.18 03:35:38 | 000,000,000 | ---- | C] () -- C:\ProgramData\Sci-Fi
[2013.11.18 03:26:59 | 000,000,000 | ---- | C] () -- C:\ProgramData\manual
[2013.11.02 03:05:06 | 000,000,017 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Local\resmon.resmoncfg
[2013.11.01 22:40:10 | 000,000,037 | -HS- | C] () -- C:\Users\XDANCUMP\AppData\Local\70149b02515b3bb20dd492.47983420
[2013.10.02 13:07:44 | 001,571,160 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2013.09.27 11:22:34 | 000,000,000 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Roaming\programs
[2013.09.27 00:32:17 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2013.09.26 01:02:42 | 000,000,112 | ---- | C] () -- C:\Windows\nastaveni.ini
[2013.07.18 14:32:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.07.18 14:32:34 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013.07.18 14:32:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013.07.18 14:32:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013.07.18 14:32:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2013.06.28 13:08:46 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\Ssdevm.dll
[2013.05.28 20:39:39 | 000,000,174 | ---- | C] () -- C:\Windows\ESTIMATE-SETTING.INI
[2013.05.28 20:39:39 | 000,000,160 | ---- | C] () -- C:\Windows\ALIGN-SETTING.INI
[2013.05.28 20:39:39 | 000,000,106 | ---- | C] () -- C:\Windows\LIMIT-SETTING.INI
[2013.05.15 22:43:03 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013.05.15 22:42:09 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013.05.15 22:42:09 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013.05.15 22:42:09 | 000,000,000 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Roaming\Scripts Menu
[2013.05.15 22:42:09 | 000,000,000 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Roaming\Screen Saver
[2013.05.15 22:41:38 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2013.05.15 22:41:38 | 000,000,000 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Roaming\Speech Enhancer
[2012.12.26 06:21:56 | 000,000,565 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Roaming\myMPQ.ini
[2012.12.26 00:07:44 | 000,000,673 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Roaming\MPQEditor.ini
[2012.11.16 03:22:29 | 000,000,546 | ---- | C] () -- C:\Users\XDANCUMP\AppData\Local\CastleLinkProps.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.05.19 12:01:33 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2014.05.19 12:01:33 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2014.03.05 19:10:08 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\.minecraft
[2015.02.07 19:37:07 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\.rFactor
[2013.03.24 03:04:10 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\AnvSoft
[2014.10.06 21:21:05 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Canon
[2015.05.09 16:00:36 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Canon_Inc_IC
[2012.11.16 03:21:20 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Castle Creations
[2014.07.24 14:43:58 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014.12.18 20:18:40 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2015.04.23 18:45:09 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\DAEMON Tools Lite
[2015.04.02 23:55:11 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Delphi
[2015.03.26 03:59:59 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Dropbox
[2015.05.19 04:27:54 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\FileZilla
[2014.11.21 21:58:44 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\FileZilla Server
[2012.12.10 18:25:09 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\HTC
[2013.10.08 18:37:47 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\IsolatedStorage
[2013.12.15 03:36:05 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Juniper Networks
[2015.02.06 23:57:05 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\MAXON
[2013.12.05 20:44:00 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Milestone
[2013.12.11 04:10:38 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\MPC-HC
[2014.04.18 22:40:46 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\No Company Name
[2013.12.03 14:19:59 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\PDAppFlex
[2013.06.10 01:33:42 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Publish Providers
[2015.05.08 00:39:46 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Red Giant
[2015.03.21 20:06:57 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Samsung
[2012.07.23 12:46:05 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\ScanSoft
[2015.05.23 04:08:59 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Seznam.cz
[2015.05.23 04:09:03 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\SSN
[2012.06.17 02:22:02 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014.12.15 15:21:02 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\TAC
[2015.04.15 02:42:44 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\TeamViewer
[2012.04.23 04:33:24 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\toshiba
[2014.11.08 02:02:30 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Tunngle
[2015.05.27 23:32:22 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\uTorrent
[2015.03.23 19:31:04 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Wacom
[2015.03.23 19:31:40 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\wacomid-desktop-launcher
[2015.03.23 19:31:40 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2013.01.02 06:12:39 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Wargaming.net
[2012.04.23 02:51:37 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\WinBatch
[2015.04.16 02:55:56 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\WinPatrol
[2015.04.03 00:00:33 | 000,000,000 | -HSD | M] -- C:\Users\XDANCUMP\AppData\Roaming\wyUpdate AU
[2013.03.24 20:20:54 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Xilisoft
[2013.05.23 20:33:28 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,616 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.04.23 04:02:50 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.09.03 19:59:48 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.09.03 19:59:49 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.05.20 18:36:21 | 000,000,892 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\erdnt\cache86\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2015.04.14 09:36:16 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2013.12.25 04:57:23 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.12.23 01:22:32 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013.12.23 01:22:32 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.12.23 01:22:32 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.12.23 01:22:32 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2013.12.25 04:57:23 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2015.04.14 09:36:16 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

< >

< %systemroot%*.* /U /s >
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[14 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\eec4a6393e352ad9b957ffffb3108750\*.tmp files -> C:\Windows\SoftwareDistribution\Download\eec4a6393e352ad9b957ffffb3108750\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.03.05 19:10:08 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\.minecraft
[2015.02.07 19:37:07 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\.rFactor
[2015.04.28 18:25:07 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Adobe
[2014.04.06 16:15:58 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Adobe Mini Bridge CS5
[2012.05.06 20:35:36 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Ahead
[2013.03.24 03:04:10 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\AnvSoft
[2015.05.09 16:07:12 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Apple Computer
[2012.04.23 02:53:38 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\ATI
[2014.10.06 21:21:05 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Canon
[2015.05.09 16:00:36 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Canon_Inc_IC
[2012.11.16 03:21:20 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Castle Creations
[2014.07.24 14:43:58 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014.12.18 20:18:40 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2014.10.11 19:46:22 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Corel
[2015.04.23 18:45:09 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\DAEMON Tools Lite
[2015.04.02 23:55:11 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Delphi
[2015.03.26 03:59:59 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Dropbox
[2015.05.19 04:27:54 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\FileZilla
[2014.11.21 21:58:44 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\FileZilla Server
[2012.05.04 14:25:26 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\FLEXnet
[2013.12.09 12:22:12 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Google
[2012.04.23 15:20:53 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\HP
[2012.07.22 20:35:01 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\HpUpdate
[2012.12.10 18:25:09 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\HTC
[2012.04.23 02:44:07 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Identities
[2012.04.23 02:54:45 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\InstallShield
[2013.10.08 18:37:47 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\IsolatedStorage
[2013.12.15 03:36:05 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Juniper Networks
[2014.10.04 22:28:35 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Logishrd
[2014.10.04 22:32:09 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Logitech
[2012.04.23 03:58:56 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Macromedia
[2013.12.08 05:33:46 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Malwarebytes
[2015.02.06 23:57:05 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\MAXON
[2009.07.14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Media Center Programs
[2015.02.05 03:49:42 | 000,000,000 | --SD | M] -- C:\Users\XDANCUMP\AppData\Roaming\Microsoft
[2013.12.05 20:44:00 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Milestone
[2015.05.23 04:03:34 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Mozilla
[2013.12.11 04:10:38 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\MPC-HC
[2014.04.18 22:40:46 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\No Company Name
[2013.12.03 14:19:59 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\PDAppFlex
[2013.06.10 01:33:42 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Publish Providers
[2015.05.08 00:39:46 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Red Giant
[2015.03.21 20:06:57 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Samsung
[2012.07.23 12:46:05 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\ScanSoft
[2015.05.23 04:08:59 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Seznam.cz
[2015.05.23 04:09:03 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\SSN
[2012.06.17 02:22:02 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014.12.15 15:21:02 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\TAC
[2015.04.15 02:42:44 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\TeamViewer
[2012.04.23 04:33:24 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\toshiba
[2014.11.08 02:02:30 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Tunngle
[2015.05.27 23:32:22 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\uTorrent
[2015.03.20 18:48:34 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\vlc
[2015.03.23 19:31:04 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Wacom
[2015.03.23 19:31:40 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\wacomid-desktop-launcher
[2015.03.23 19:31:40 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2013.01.02 06:12:39 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Wargaming.net
[2012.04.23 02:51:37 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\WinBatch
[2015.04.16 02:55:56 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\WinPatrol
[2012.04.23 02:48:28 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\WinRAR
[2015.03.23 19:29:54 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\WTablet
[2015.04.03 00:00:33 | 000,000,000 | -HSD | M] -- C:\Users\XDANCUMP\AppData\Roaming\wyUpdate AU
[2013.03.24 20:20:54 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Xilisoft
[2013.05.23 20:33:28 | 000,000,000 | ---D | M] -- C:\Users\XDANCUMP\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2015.03.05 00:27:30 | 042,560,368 | ---- | M] (Dropbox, Inc.) -- C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2015.03.05 00:30:14 | 000,262,760 | ---- | M] (Dropbox, Inc.) -- C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2015.03.05 00:27:34 | 000,257,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2015.04.29 22:10:14 | 000,054,432 | ---- | M] (Adobe Systems Inc.) -- C:\Users\XDANCUMP\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.09.27 00:35:18 | 000,061,440 | R--- | M] (Acresso Software Inc.) -- C:\Users\XDANCUMP\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
[2014.10.11 19:45:35 | 000,010,134 | R--- | M] () -- C:\Users\XDANCUMP\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
[2014.10.11 19:45:35 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Users\XDANCUMP\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
[2015.05.14 00:58:17 | 001,694,560 | ---- | M] (BitTorrent Inc.) -- C:\Users\XDANCUMP\AppData\Roaming\uTorrent\uTorrent.exe
[2015.05.14 00:57:53 | 001,694,560 | ---- | M] (BitTorrent Inc.) -- C:\Users\XDANCUMP\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015.05.24 01:02:01 | 000,000,892 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
[2015.05.28 12:41:54 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015.05.27 16:50:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.05.28 12:50:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2005.03.08 11:30:56 | 000,092,827 | ---- | M] () -- \Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\Custom Data\Bumpmap\Cracks.cpt
[2005.03.08 11:30:58 | 000,016,068 | ---- | M] () -- \Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\Custom Data\Canvas\cracks2c.pcx
[2005.03.08 11:31:08 | 000,010,560 | ---- | M] () -- \Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\Custom Data\Tiles\CRACKS2M.CPT
[2014.12.16 12:58:15 | 000,061,044 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\458_Italia\stonechip_windowcrack_evo.wav
[2014.12.16 13:02:54 | 000,061,044 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\DTM_2013\SHARED\stonechip_windowcrack.wav
[2014.12.16 13:07:13 | 000,061,044 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\GT_SHIFT2\stonechip_windowcrack.wav
[2014.12.16 13:07:13 | 000,061,044 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\GT_SHIFT2\stonechip_windowcrack_SMC.wav
[2014.12.16 13:07:33 | 000,061,142 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\GT_SHIFT2\458_Italia\stonechip_windowcrack_MGT.wav
[2014.12.16 13:08:09 | 000,061,044 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\GT_SHIFT2\BMW_Z4GT3\stonechip_windowcrack_SMC.wav
[2014.12.16 13:11:00 | 000,049,296 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\HISTORICFIAGT\911TCUP\stonechip_windowcrack.wav
[2014.12.16 13:16:54 | 000,061,044 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\Misc\Stone\stonechip_windowcrack_evo.wav
[2014.12.16 13:27:34 | 000,061,044 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\Shift_Street\Misc\Stone\stonechip_windowcrack_evo.wav
[2014.12.16 13:28:12 | 000,061,142 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\simco_megane\stonechip_windowcrack_MGT.wav
[2014.12.16 13:30:03 | 000,061,044 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Sounds\Zonda_R\SHARED\stonechip_windowcrack.wav
[2012.03.02 05:24:04 | 001,159,409 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS6\Support Files\Presets\Image - Special Effects\Cracked Tiles.ffx
[2013.01.31 04:27:49 | 000,196,662 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Plug-ins\Flaming_Pear\SuperBladePro 1.80\Environments and Textures\crackle.bmp
[2012.08.31 03:37:44 | 001,674,383 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\11.0\Photo Creations\backgrounds\BG_Creamcrackled.jpg
[2012.08.31 03:37:44 | 000,001,557 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\11.0\Photo Creations\backgrounds\BG_Creamcrackled.metadata.xml
[2012.08.31 03:37:44 | 000,004,481 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\11.0\Photo Creations\backgrounds\BG_Creamcrackled.thumbnail.jpg
[2012.08.31 03:37:44 | 001,674,383 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\11.0\Photo Creations\backgrounds\BG_Creamcrackled.jpg
[2012.08.31 03:37:44 | 000,001,557 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\11.0\Photo Creations\backgrounds\BG_Creamcrackled.metadata.xml
[2012.08.31 03:37:44 | 000,004,481 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\11.0\Photo Creations\backgrounds\BG_Creamcrackled.thumbnail.jpg
[2015.03.21 21:06:29 | 000,092,595 | ---- | M] () -- \Users\XDANCUMP\AppData\Roaming\uTorrent\Adobe Illustrator CS6 + Crack.1.torrent
[2015.03.21 21:01:12 | 000,092,510 | ---- | M] () -- \Users\XDANCUMP\AppData\Roaming\uTorrent\Adobe Illustrator CS6 + Crack.torrent
[2015.01.04 19:17:20 | 000,019,105 | ---- | M] () -- \Users\XDANCUMP\AppData\Roaming\uTorrent\Windows 8.1 + crack.1.torrent
[2015.01.04 19:17:20 | 000,019,105 | ---- | M] () -- \Users\XDANCUMP\AppData\Roaming\uTorrent\Windows 8.1 + crack.2.torrent
[2015.01.04 19:17:20 | 000,019,105 | ---- | M] () -- \Users\XDANCUMP\AppData\Roaming\uTorrent\Windows 8.1 + crack.torrent

< *keygen* /s >

< *AntiWPA* /s >

[Sainzik]

část 2/2

< *loader* /s >
[2011.06.10 00:52:42 | 005,299,048 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 02:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 02:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.03.13 13:18:28 | 003,297,128 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 11:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 11:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.02.23 01:05:38 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\AIR3.2\frameworks\projects\air\ApplicationUpdater\src\ApplicationUpdater\air\update\events\DownloadErrorEvent.as
[2012.02.23 01:05:36 | 000,006,153 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\AIR3.2\frameworks\projects\air\ApplicationUpdater\src\ApplicationUpdater\air\update\net\FileDownloader.as
[2012.02.23 01:05:38 | 000,010,395 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\AIR3.2\frameworks\projects\air\ApplicationUpdater\src\ApplicationUpdater\air\update\ui\EmbeddedUILoader.as
[2012.03.30 17:19:56 | 000,044,219 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\Configuration\ActionScript 3.0\projects\Flash\src\fl\display\ProLoader.as
[2012.03.30 17:19:56 | 000,027,387 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\Configuration\ActionScript 3.0\projects\Flash\src\fl\display\ProLoaderInfo.as
[2012.03.30 17:19:56 | 000,000,951 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\Configuration\ActionScript 3.0\projects\Flash\src\fl\events\ProLoaderRSLPreloaderSandboxEvent.as
[2012.03.30 17:19:56 | 000,018,626 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\Configuration\ActionScript 3.0\projects\Flash\src\fl\rsl\RSLPreloader.as
[2012.03.30 17:19:56 | 000,010,604 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\Configuration\ActionScript 3.0\rsls\loader_animation.fla
[2012.03.30 17:19:56 | 000,001,253 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\Configuration\ActionScript 3.0\rsls\loader_animation.swf
[2012.03.30 17:19:56 | 000,027,163 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\Configuration\Component Source\ActionScript 3.0\User Interface\fl\containers\UILoader.as
[2012.03.30 17:19:56 | 000,044,966 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\Configuration\Components\User Interface\Loader.swc
[2012.03.30 17:20:02 | 000,000,544 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\First Run\Classes\FP7\MovieClipLoader.as
[2012.03.30 17:20:02 | 000,000,544 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\First Run\Classes\FP8\MovieClipLoader.as
[2012.03.30 17:20:02 | 000,000,576 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\First Run\Classes\FP9\MovieClipLoader.as
[2012.03.30 17:20:02 | 000,010,454 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\First Run\Classes\mx\controls\Loader.as
[2012.03.30 19:25:32 | 000,033,181 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\cs_CZ\Configuration\Templates\Sample Files\Preloader for External File.fla
[2012.03.30 19:25:32 | 000,036,801 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\cs_CZ\Configuration\Templates\Sample Files\Preloader for SWF.fla
[2012.09.17 06:39:16 | 003,296,336 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 11 Organizer\PhotoDownloader.exe
[2014.04.18 22:58:42 | 000,000,025 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 11 Organizer\PhotoDownloader.ini
[2012.08.31 03:32:08 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 11 Organizer\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.08.31 03:34:50 | 000,000,273 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 11 Organizer\apd\shared_assets\locales\cs_CZ\Photodownloader.ini
[2012.08.31 03:32:14 | 000,002,232 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 11 Organizer\Assets\bitmaps\main_window\C_LoadError.PNG
[2012.09.17 06:37:58 | 000,113,232 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\MXF_SDK_MetaMetadata_BinaryLoader_4.3.4.dll
[2012.09.17 06:38:04 | 000,203,856 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\MXF_SDK_MetaMetadata_XSDLoader2_4.3.4.dll
[2012.09.17 06:38:10 | 000,152,144 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\MXF_SDK_MetaMetadata_XSDLoader_4.3.4.dll
[2012.08.31 03:32:58 | 000,002,713 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 11 Organizer\Mozilla\components\uriloader.xpt
[2012.02.22 23:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 23:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 23:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2007.06.27 20:03:00 | 000,177,448 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2013.09.13 19:51:30 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2012.12.30 01:54:29 | 000,000,195 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.03.24 21:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 21:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2005.11.10 14:28:10 | 000,126,976 | ---- | M] () -- \Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\Programs\PCULoader.exe
[2015.02.13 13:10:14 | 000,000,972 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_about.fen
[2015.02.13 13:10:14 | 000,000,686 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2015.02.13 13:10:14 | 000,000,770 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_debug.fen
[2015.02.13 13:10:14 | 000,000,848 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_download.fen
[2015.02.13 13:10:14 | 000,003,021 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_filestatus.fen
[2015.02.13 13:10:14 | 000,000,676 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2015.02.13 13:10:14 | 000,002,534 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2015.02.13 13:10:14 | 000,002,336 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_onboard.fen
[2015.02.13 13:10:14 | 000,001,386 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_options.fen
[2015.02.13 13:10:14 | 000,001,330 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2015.02.13 13:10:14 | 000,002,541 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2015.02.13 13:10:14 | 000,002,131 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_prefs.fen
[2015.02.13 13:10:14 | 000,000,934 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2015.02.13 13:10:14 | 000,001,057 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2015.02.13 13:10:14 | 000,001,116 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2015.02.13 13:10:14 | 000,002,181 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_welcome.fen
[2006.01.11 10:23:00 | 000,151,552 | ---- | M] () -- \Program Files (x86)\Network Print Monitor\Loader.dll
[2009.05.31 04:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 04:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2015.05.19 00:40:25 | 000,008,192 | ---- | M] () -- \Program Files (x86)\Red Giant Link\_win32sysloader.pyd
[2013.10.04 05:37:43 | 000,000,349 | ---- | M] () -- \Program Files (x86)\rFactor\GameData\Vehicles\Shelby\1969GT500\Toploader4speed_Gears.ini
[2014.12.10 03:28:04 | 000,001,701 | ---- | M] () -- \Program Files (x86)\Steam\friends\broadcastuploaderrornotification.res
[2014.11.11 20:48:42 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2010.09.06 04:23:54 | 000,120,320 | ---- | M] () -- \Program Files (x86)\Xilisoft\HD Video Converter 6\vcloader.exe
[2010.09.13 08:45:02 | 000,005,932 | ---- | M] () -- \Program Files (x86)\Xilisoft\HD Video Converter 6\plugins\loader.avsi
[2012.03.24 02:01:06 | 000,115,712 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS6\Support Files\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.03.24 02:01:06 | 000,225,280 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS6\Support Files\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.03.24 02:01:06 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS6\Support Files\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2012.03.13 12:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 10:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.03.16 00:17:30 | 000,115,712 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS6\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.03.16 00:17:30 | 000,225,280 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS6\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.03.16 00:17:30 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS6\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.12.02 16:33:02 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5.3\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.22.dll
[2013.12.02 16:33:02 | 000,196,608 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5.3\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.22.dll
[2013.12.02 16:33:02 | 000,148,480 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5.3\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.22.dll
[2010.03.24 21:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 21:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.03.05 10:11:10 | 000,432,128 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSPluginLoader.exe
[2013.03.05 13:03:44 | 000,443,904 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSPluginLoader.exe
[2013.03.05 12:34:20 | 000,192,512 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPluginLoader.exe
[2014.03.13 17:11:18 | 000,103,936 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\8bfLoader.exe
[2014.03.13 17:11:24 | 000,017,920 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\WICLoader.exe
[2014.03.13 17:12:08 | 000,020,480 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program64\WICLoader.exe
[2014.03.26 18:17:36 | 000,509,324 | ---- | M] () -- \Temp\dwnld\HTTP\www.webdownloader.cz\webdownloader.zip
[2012.03.30 17:20:02 | 000,000,544 | ---- | M] () -- \Users\XDANCUMP\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\FP7\MovieClipLoader.as
[2012.03.30 17:20:02 | 000,000,544 | ---- | M] () -- \Users\XDANCUMP\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\FP8\MovieClipLoader.as
[2012.03.30 17:20:02 | 000,000,576 | ---- | M] () -- \Users\XDANCUMP\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\FP9\MovieClipLoader.as
[2012.03.30 17:20:02 | 000,010,454 | ---- | M] () -- \Users\XDANCUMP\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\mx\controls\Loader.as
[2015.04.05 13:48:02 | 000,001,928 | ---- | M] () -- \Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl\0.0.15_0\loader.gif
[2015.04.01 13:03:02 | 000,004,541 | ---- | M] () -- \Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\42.0.2311.37_0\wcs_loader.js
[2014.08.13 13:14:30 | 000,009,418 | ---- | M] () -- \Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.34_0\img\gifloader.gif
[2015.05.28 12:46:35 | 000,027,448 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.12.23 01:23:04 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.26 20:40:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.26 20:40:31 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.26 20:40:31 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.26 20:40:31 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.26 20:40:31 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 07:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 07:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 07:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 07:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 07:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013.12.21 20:59:43 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.12.21 20:59:43 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.12.21 20:59:43 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.12.21 20:59:43 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.12.21 20:59:43 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.26 20:38:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.12.23 01:23:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2013.03.28 03:01:12 | 000,000,135 | ---- | M] () -- \Windows\AutoKMS.ini
[2015.03.11 00:56:41 | 000,000,715 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.ini
[2015.05.23 04:48:31 | 000,047,457 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.log

< *activator* /s >
[2012.03.30 17:20:02 | 000,002,319 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\First Run\Classes\mx\skins\halo\ActivatorSkin.as
[2012.03.30 17:20:02 | 000,001,806 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS6\Common\First Run\Classes\mx\skins\sample\ActivatorSkin.as
[2012.03.30 17:20:02 | 000,002,319 | ---- | M] () -- \Users\XDANCUMP\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\mx\skins\halo\ActivatorSkin.as
[2012.03.30 17:20:02 | 000,001,806 | ---- | M] () -- \Users\XDANCUMP\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\mx\skins\sample\ActivatorSkin.as

< *serial* /s >
[2014.05.14 00:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.11.04 19:31:05 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.04.10 11:37:28 | 000,236,032 | ---- | M] () -- \Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\W2PSerializer.dll
[2012.03.25 04:50:58 | 000,439,440 | ---- | M] () -- \Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\boost_serialization.dll
[2013.01.31 04:26:31 | 000,000,054 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Plug-ins\Flaming_Pear\Flexify 2.73\Serial.txt
[2014.05.14 00:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.11.04 19:31:50 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.05.21 18:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 18:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2015.02.23 23:09:28 | 000,014,316 | ---- | M] () -- \Users\XDANCUMP\AppData\Roaming\uTorrent\Serial (Bad) Weddings (2014).torrent
[2009.07.26 20:39:28 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.12.22 00:38:36 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.22 00:39:46 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.12.22 00:42:37 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.22 00:44:52 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2014.07.14 20:37:55 | 000,304,640 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\873837befa260d32cd0b3ce811b96efb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.07.14 20:37:55 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\873837befa260d32cd0b3ce811b96efb\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.07.14 20:38:09 | 002,785,280 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\293cfe2c05a8ee921726927fd00ea81c\System.Runtime.Serialization.ni.dll
[2014.07.14 20:38:09 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\293cfe2c05a8ee921726927fd00ea81c\System.Runtime.Serialization.ni.dll.aux
[2014.07.14 20:51:40 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\15ecbb8a1ddca366bda70718005521a1\System.Xml.Serialization.ni.dll
[2014.07.14 20:51:40 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\15ecbb8a1ddca366bda70718005521a1\System.Xml.Serialization.ni.dll.aux
[2014.07.14 20:43:46 | 000,373,248 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\cab4c46773a123bd72b938cc405aed46\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.07.14 20:43:46 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\cab4c46773a123bd72b938cc405aed46\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.07.14 20:45:23 | 003,599,872 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\9ffb83b70cc1fa28d2fd02956cf0c831\System.Runtime.Serialization.ni.dll
[2014.07.14 20:45:23 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\9ffb83b70cc1fa28d2fd02956cf0c831\System.Runtime.Serialization.ni.dll.aux
[2014.07.14 20:48:04 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\b2db45296eabfd00db1920158f3f5eb5\System.Xml.Serialization.ni.dll
[2014.07.14 20:48:04 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\b2db45296eabfd00db1920158f3f5eb5\System.Xml.Serialization.ni.dll.aux
[2012.07.09 02:42:12 | 000,027,760 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 00:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 00:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012.07.09 00:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2012.07.09 02:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.07.09 00:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2012.07.09 00:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.07.09 00:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012.07.09 00:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2012.07.09 00:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 00:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 00:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 00:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 00:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 00:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 00:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2012.07.09 02:42:12 | 000,027,760 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 02:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2012.07.09 00:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 00:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 00:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 00:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 00:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 00:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 00:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2012.09.27 21:44:46 | 000,027,824 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 02:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.26 20:39:19 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.26 20:36:24 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.26 20:39:19 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2009.07.26 20:36:24 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.26 20:39:30 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 04:26:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2009.07.26 20:36:23 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.26 20:39:32 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 04:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.12.21 20:58:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.12.21 20:58:05 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.26 20:40:31 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 07:37:34 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2009.07.26 20:36:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.26 20:40:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 07:37:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009.07.26 20:36:48 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.20 07:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.20 07:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.26 20:38:37 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 04:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2012.10.05 19:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010.11.20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 20:39:28 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.26 20:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.26 20:39:19 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.26 20:36:24 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 180 bytes -> C:\ProgramData\TEMP:BF3D62E7
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:DB60730C
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:2B600C25
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:B0177106
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:7980A5DB

< End of report >

[Sainzik]

Extras:

OTL Extras logfile created on: 28.5.2015 12:46:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XDANCUMP\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,87 Gb Total Physical Memory | 5,37 Gb Available Physical Memory | 68,33% Memory free
19,66 Gb Paging File | 16,99 Gb Available in Paging File | 86,43% Paging File free
Paging file location(s): c:\pagefile.sys 12081 12081 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 228,52 Gb Total Space | 93,28 Gb Free Space | 40,82% Space Free | Partition Type: NTFS
Drive D: | 237,15 Gb Total Space | 100,39 Gb Free Space | 42,33% Space Free | Partition Type: NTFS

Computer Name: DANDY | User Name: XDANCUMP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{063C29C0-E94F-4F06-BCD3-CCF77A6DC562}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0DD4A8AF-A9AD-4A5B-821C-F2A7DBCBC43F}" = lport=135 | protocol=6 | dir=in | name=elsawinrpc |
"{0E7606B7-96BF-49D6-A2EC-4F5CCC0EF5D3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1700D956-FEC4-4E60-8EA1-59C28A1FE84A}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1A35D4B1-5AE2-441E-B61C-EE664229541D}" = lport=10244 | protocol=6 | dir=in | app=system |
"{1A46DD3A-80A7-4F84-8D45-C1DE42B95588}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1B9D1857-FB3E-4474-8B2D-DC515A396F11}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{201EBF63-0198-4C83-B844-6DE4D8CACCB0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2719A66F-05D9-4329-BE1E-4748B6F44CBE}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2C1D2C0B-0558-4A6F-8D92-514440AFB2BD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2DF3D5D8-1FC0-4F0A-B39D-F16A1953B3DD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2EAF75D6-09F1-4D71-A5EC-F2B8620595CC}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{2F32B3C8-B9E4-4AED-8B65-537F99B652A7}" = lport=137 | protocol=17 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{42E875D5-D3EE-474E-983E-1771EF038E01}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{52029356-F446-44E5-9EBF-9FB4E07F9DFC}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{5F507DEE-A5D8-4550-8115-6D8C9E54CDB8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{66DF68F9-4E13-4327-9238-D9D7C1833540}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{6A9419ED-3895-48A6-82EB-4B0CB726593D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{72E838D6-8752-4DD4-AE19-7B9FC392AA2A}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{7E6A147D-9A53-4D60-8262-EC69CAD1E81D}" = lport=54010 | protocol=6 | dir=in | name=samsung allshare slideshow service |
"{83DB246F-AFFD-428A-B18B-AF15C384186B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{882EC07D-8B2C-4F42-8BAC-AECF6E046880}" = lport=3390 | protocol=6 | dir=in | app=system |
"{8C06FA8C-3BCA-4FA8-9C43-0528EBA4838C}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{8D0B182A-176A-4B57-BB24-CA9CDEFF3279}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{931C13A7-B01F-43F3-B689-6822D0B8A091}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{979A5EE3-C0FA-488F-965E-6D1A17B8BD7F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98B7922C-E08F-4389-A2FA-8324FDDA431F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BE70DD0-972F-40E2-8014-DC55661CC192}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9C003061-66FC-4282-8EDA-0DCEF40A4F12}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{9E849814-238E-466B-9A6D-B8449BE0AE39}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{9EB2F682-4AAE-4987-A915-7BC19DECCB25}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A28E11CE-7426-4B02-AC82-1B904DE7ED76}" = lport=3390 | protocol=6 | dir=in | app=system |
"{A8B0ACE3-99A1-4009-B2AD-F0BBCB61770B}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{A9CADBA9-40E5-49A3-BD1C-98BA07C91BCA}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{AAB50AFC-CBBE-42A9-B0EC-4A76AB9696B4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AECC0A5C-EA69-43F0-ADDD-00D98E4D2A39}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B1AC28AC-25D1-4748-A470-882992109FEF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BB8F1493-0172-4481-B157-F003C5E6DBEC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BE26391D-2F97-4BBE-81C4-D8A68592DE3B}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{BE2FD500-E33D-404F-89DF-E721DF3181B6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{C0507DC0-1DC1-43AC-96BD-A10D2A7A095F}" = lport=10244 | protocol=6 | dir=in | app=system |
"{C19654BA-324B-49AC-BAC1-3B60194D0353}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CC4DF7EA-AD3D-4E64-A75D-570306458496}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{CCF10071-1EC6-47EC-9CA2-BD0DD2612E68}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D772F124-D822-4CC5-BF85-400A29F355DE}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D9B34947-A1BF-4008-A1FB-AA27286A7333}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E5C2D60F-F87F-4619-8E8C-4A644A9AFB10}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{E74D0A17-14F2-41A0-BFB4-7C2F9CE71DFB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EFB2034C-C1A1-41A1-A041-FB19C0D66EF4}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{F3115AE3-F37A-4CCF-9051-F0456AA988C6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FCD7B55D-5943-433C-BBA3-C79C6E81D297}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FD33A3F4-2832-4B7D-843F-527A56B66D06}" = lport=7852 | protocol=6 | dir=in | name=war thunder |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0136C1FF-7507-4977-B6CA-D639EA4E0255}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{01E9A6C3-AAF9-43E1-8F20-D19DDC772B2E}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\uninstall.exe |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{02D8E030-6828-4B97-B754-C887F027B873}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{0496BDBC-82A6-49FE-9D74-BDF6821975B8}" = protocol=17 | dir=in | app=c:\users\xdancump\appdata\roaming\utorrent\utorrent.exe |
"{0772F781-5059-462D-9092-0F919CB65C50}" = dir=in | app=c:\program files (x86)\google\chrome remote desktop\42.0.2311.39\remoting_host.exe |
"{0B2C37EA-403A-4408-9187-E52691FE64D1}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{1052812F-4492-4D90-BC02-18D81DB861AE}" = dir=in | app=%programfiles% (x86)\website x5 v11 - professional\imupdate.exe |
"{12C61820-07D9-41D3-B3F2-0419FA5C0E2F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{13D3016A-63E8-4F80-8774-D6611DE8DB74}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\slm2070\scancdlm\scancdlm.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{150B738C-09FF-4712-93E5-96E328EFD9F7}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{150E9FD8-3F11-436A-BAA5-B0BC9FB1E47D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{179C3327-1025-42D1-9DB5-9E03B9D35589}" = protocol=17 | dir=in | app=c:\users\xdancump\appdata\roaming\dropbox\bin\dropbox.exe |
"{1BEA4511-A3CD-4E2E-8F54-7D65AED01242}" = dir=in | app=%programfiles% (x86)\website x5 v11 - professional\imregister.exe |
"{20A575D4-A8F4-420A-BEF0-DF249C88BC3D}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{230E7579-0A7A-44CC-B03E-24F797798B47}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{23396B10-884F-4BE4-956E-8C16FA3672FB}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2494D452-695D-482A-9BF0-044C5324F3D1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{25B48B6E-82E1-4B8C-86F8-36199694DFE3}" = dir=out | app=%programfiles% (x86)\website x5 v11 - professional\imregister.exe |
"{25EE70CB-9633-42C2-8D15-2FB2923074C2}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{274426A6-04CA-4C9A-BDF1-C6DF07ABE313}" = protocol=17 | dir=in | app=c:\users\xdancump\appdata\roaming\utorrent\utorrent.exe |
"{2EB071C2-F6C2-415B-B0B3-8CDBC344F479}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy document creator\edc.exe |
"{30DBB3C9-C632-4199-89B2-10859FA2C0B7}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{3797EB1E-85FD-477F-ACEA-9634C59EFFA4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{382773FA-F0A9-48FB-B59F-14ED7953D6CE}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{38F062AE-AFCA-4FDD-8285-D92CA2432EE5}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{3DDFEF86-F81C-4FD9-B2FE-45906A34A15E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{41236672-60A1-4B93-8E16-7FAE02103D24}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{41429DCF-B913-4A0C-909C-D534E9377879}" = protocol=6 | dir=in | app=c:\users\xdancump\appdata\roaming\utorrent\utorrent.exe |
"{4161F051-0641-4C8C-B9C0-6CD4410C1DBF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{4242C5FF-08E9-4544-8D3F-9C6BFA5E5D07}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{4334CBBD-EACE-4DB3-978F-D1941912FC19}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{46C32E75-0CE0-43DC-A61E-E7CCF4539458}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{46F42441-2E46-4B52-B746-26C20AF64256}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{4823DEF7-2D95-467F-8198-964C8159B6EB}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{488D1E54-1A29-416F-B968-D29C28F20D98}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{488D4452-5CDE-43C0-977E-99BA4F0F3294}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4B73E21A-2EF0-4F9A-9ED5-07AF7D9EB0E1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{4DE7AD48-29A5-4535-AF1D-0C3F5BC849F0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50E4E375-93B2-4657-8815-298EA4E978AF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{51185D66-1C1D-4688-8F50-63377F93D0BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54A06E40-67B8-4E79-A3C8-EB01878C5A25}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{55E91DC8-6655-4F3E-9028-E063DEDE14EF}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{57404B4E-54FA-4A08-804F-422D635F9F38}" = protocol=17 | dir=in | app=c:\users\xdancump\appdata\roaming\dropbox\bin\dropbox.exe |
"{59C1DAB8-6A2F-4A1A-AC34-95DC3B812CBA}" = protocol=6 | dir=in | app=c:\warthunder\bpreport.exe |
"{5B79008C-35E9-4081-9104-8ECF94B34EFD}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{5BEDD907-FD4C-473F-B180-07F80705A113}" = dir=in | app=e:\setup\hpznui40.exe |
"{5CBD3502-143E-40E8-B9EB-5082C0187C9F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{5F3FF333-DB6E-43A6-897C-F610757ED583}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{5FDC2C43-340C-4339-8C73-7CEA0E690004}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{61D6353B-3C47-4B63-A253-4BC8DA769659}" = protocol=17 | dir=in | app=c:\users\xdancump\appdata\local\microsoft\skydrive\skydrive.exe |
"{61E11B13-4C21-4C63-9885-9DEEE07CCDC2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{662E2081-1076-4782-AD3C-97B5E614F567}" = dir=in | app=c:\program files (x86)\companion suite pro ll2\mfservices.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A4A2B16-18E4-49AE-AAD8-3B46FD9EBEE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6B681A79-1552-4D10-BD46-F52111FA6E41}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\slm2070\scancdlm\scancdlm.exe |
"{6BDA7F36-6E35-4A5C-AE17-13B75A9E839B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6CC85781-6B88-42E5-B8A1-D6F8B043D770}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{7120787E-B0E9-459C-9DC9-21EE38F7F0DE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{715C92FB-4FED-4195-B9D7-13F6A5EE1AE2}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{72643260-5992-4BE2-9C81-75CB1B48CE09}" = dir=in | app=%programfiles% (x86)\website x5 v11 - professional\websitex5.exe |
"{73B0BC51-3A5B-4699-8848-6368B8CE9EE8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{73E315F7-128A-444A-9E31-A5092AE9A3F3}" = protocol=6 | dir=in | app=c:\users\xdancump\appdata\local\microsoft\skydrive\skydrive.exe |
"{74FA1DCB-05AC-4F53-96CD-FDD62A817C95}" = protocol=17 | dir=in | app=c:\warthunder\bpreport.exe |
"{7564A491-ED65-4922-9FB8-1E4E28F7244F}" = protocol=6 | dir=out | app=system |
"{78E75FE8-F4AF-4F62-83FF-C0D9D93C92A6}" = protocol=17 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{7EDF3996-62F1-4300-B6B7-FEC86FE81928}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{7FA7336B-F98D-467D-ABA5-DFEFEED0C140}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{85DE26E0-AB7C-47E7-AE34-355C67798473}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{868D8702-228A-443A-BA78-9BC7449C89F0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8802AE9C-E6C3-4482-858F-70D94439AFFC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{891A11A4-AB66-4EA6-9951-D439DBF4D3DC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8C470A5C-A9B7-4385-9E93-D2010FCF07A5}" = protocol=6 | dir=in | app=c:\users\xdancump\appdata\roaming\dropbox\bin\dropbox.exe |
"{97B814DC-EC3F-40D3-81E3-910092DC8FA9}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{9FC7C4E3-E0FC-43C1-A298-46ABDEA18614}" = dir=out | app=%programfiles% (x86)\website x5 v11 - professional\imupdate.exe |
"{A53018DD-D64F-4E1F-9012-2D8A9288E939}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB0629EF-15A7-45E8-9142-9E654CF2C270}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AEDF99BA-4D68-4CAA-B9DC-22CEB51209F2}" = protocol=6 | dir=in | app=c:\users\xdancump\appdata\roaming\utorrent\utorrent.exe |
"{B2AA66D2-82CB-4DFE-83B2-94600AEAC9F8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B6A00A0F-EF11-44D3-AE57-C3368D67B9C6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BBE6FE52-5C7A-4BDB-85A2-14CB2325EE33}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{BDF1B465-41E5-4695-9E7F-751738EC53B1}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{C2572037-9DD2-444A-9C5D-FD50624FE30D}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{C5350527-E7CB-42E0-8414-74A674A2CB88}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{C610F4DB-2F1B-4CF7-B7B2-869EF7FC4F6D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{C95BFA65-A504-4CB9-97C5-BAB9B6EC700B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CC71D63E-D60D-4402-9835-96F59D12C35D}" = protocol=6 | dir=in | app=c:\warthunder\launcher.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CF0062B6-9AFC-45F2-AF23-64535F81C205}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D27AB3E4-7BB5-4BE0-BFBB-F78C08C9CB97}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{D3120641-C28C-4ED4-8C66-749970F59C00}" = protocol=6 | dir=in | app=c:\users\xdancump\appdata\roaming\dropbox\bin\dropbox.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D3E5E7D2-EB99-4ABA-A46C-DD89833DBC96}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{D6EE9376-F7B2-4513-87AB-AD1CACB56B87}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DA879468-0FFC-4DD6-9A91-F18DB74CE5D6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{DBDA3EE4-0422-4279-AEE9-1DC15139B6E5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{E23FBAE1-9709-4289-BEAD-648780D33A84}" = protocol=17 | dir=in | app=c:\warthunder\launcher.exe |
"{E2E780B3-3406-4AAB-B6B0-C7EE0FA3830E}" = dir=out | app=%programfiles% (x86)\website x5 v11 - professional\websitex5.exe |
"{E3EC474D-DB26-413B-AE12-739330771E7A}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\uninstall.exe |
"{E4C7BF7C-5D91-4234-B5A3-31B1EF0D45F9}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{E7FFC601-7FBE-4E12-A0BB-A92DD09CBF30}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy document creator\edc.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9617761-F414-4E07-8D59-C5200B4ADE07}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F535D0E6-085F-470B-9197-1AB10CF578EC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F6E14EFA-35FF-465C-A5A3-0E1C3ECB8A1D}" = protocol=6 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FEE5C80E-2B2D-4D40-B806-D7D2DF9EFA6F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{30B280A9-44B1-4AC9-A25C-7EAB3DA44317}D:\users\xdancump\documents\plocha\rfactor 2015\rfactor.exe" = protocol=6 | dir=in | app=d:\users\xdancump\documents\plocha\rfactor 2015\rfactor.exe |
"TCP Query User{6C06A2C4-8C6C-4D29-A6A0-2F426CCC05DB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{6D9E7D1F-A5A7-41E3-8232-3CB526B5C3CF}C:\program files\java\jre7\launch4j-tmp\vracingdisplayserver.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\vracingdisplayserver.exe |
"UDP Query User{90CBCE91-C939-4C61-8B87-62DA694C9F54}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{BC603776-8997-483E-B17E-A780CF5B2AD9}D:\users\xdancump\documents\plocha\rfactor 2015\rfactor.exe" = protocol=17 | dir=in | app=d:\users\xdancump\documents\plocha\rfactor 2015\rfactor.exe |
"UDP Query User{C464C82C-767C-4954-A059-D29E6A7D7CDE}C:\program files\java\jre7\launch4j-tmp\vracingdisplayserver.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\vracingdisplayserver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series" = Canon MG5300 series MP Drivers
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{2DD71ACB-552D-402C-9529-7906ACB95C30}" = Adobe Photoshop Lightroom 5.3 64-bit
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61D4B846-49F8-2639-A4EB-977875265F37}" = ATI Catalyst Install Manager
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8424B163-D1E0-48B7-88A2-C7A61767B3D7}" = Microsoft SQL Server Compact 4.0 x64 ENU
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89505FE0-A07E-928A-42F4-DA1B2788C01B}" = ccc-utility64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BC741628-0AFC-405C-8946-DD46D1005A0A}" = 64 Bit HP CIO Components Installer
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}" = MSVCRT Redists
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"049CFE17644794A5F6E1EF943A516E1065F244E7" = Balíček ovladače systému Windows - FTDI USB Device Driver Package (03/30/2010 2.06.02)
"0B624A43DD66DBF5CF3EDFA9741A364E688062A4" = Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )
"1F64724E4D591A125651B4B68C84B9CCE9619004" = Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )
"22CCD58B53472BE3FCAFF05631111C4062959A43" = Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30)
"BD00013670D26C16E19F284BF8E15DAF813497C7" = Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30)
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_AUDIO_HDA_HDMI" = Conexant Audio Driver For AMD HDMI Codec
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.72
"Defraggler" = Defraggler
"ImagenomicNoisewarePlugin" = Imagenomic Noiseware 5.0.2 Plug-in (build 5020)
"ImagenomicPortraiturePlugin" = Imagenomic Portraiture 2.3 Plug-in (build 2308)
"Pen Tablet Driver" = Wacom
"Recuva" = Recuva
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"Windows Movie Maker" = Windows Movie Maker
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04B9F1A8-CC3B-CCF8-71B6-1ABFE4E00590}" = CCC Help Korean
"{04DE4606-6C76-A25C-BD13-646479CE1A5C}" = CCC Help Russian
"{058E65E2-AFC2-8974-43A2-1EA5A4A53471}" = ccc-core-static
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06A81056-303F-A212-191D-35310DE5759F}" = CCC Help English
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0AA381AC-7BBB-5B29-836C-5E13BB91154A}" = CCC Help Hungarian
"{0DDCEDBA-8C17-CC50-7448-9131F3EF7517}" = Catalyst Control Center Localization All
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1" = Red Giant Link
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{162E46EB-F7C6-4B01-2384-349980B3F1BF}" = Catalyst Control Center Core Implementation
"{16622EEF-D159-3EB8-0EE3-F01B98317CED}" = CCC Help Swedish
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1C0526C4-478A-9066-F37A-E58F08A21FE9}" = Catalyst Control Center Graphics Full New
"{1D181764-DCD0-41B8-AA7B-0A599F027A72}" = Adobe Photoshop Elements 11
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F1E9571-0EA2-7AA3-647B-16698BED9CF4}" = CCC Help Danish
"{1FDB8BA3-9E5F-369F-C2A2-AA4AD06F0640}" = CCC Help French
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{24642C6B-1F1F-362F-6A7F-14C75C9EE603}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{313B4B6B-61B3-5F70-647B-E6285A9D81DF}" = CCC Help Spanish
"{31821EFE-1B31-4744-9FB0-208F92BD7168}" = Visual FoxPro ODBC Driver
"{3264BE02-6AC0-96B3-A212-392A850D58CA}" = CCC Help German
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34927EBC-98D4-4D53-98BE-510DF5999F50}" = Adobe AIR
"{35FC8349-C27B-4680-ABF1-88F7FE893586}_is1" = TAudioConverter verze 0.9.7
"{3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}" = TOSHIBA TEMPRO
"{3CB58AB7-6750-F510-F055-27FA68D77472}" = CCC Help Dutch
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{43A1DFB2-540E-46A6-B41E-B5099368BF75}_is1" = Incomedia WebSite X5 v11 - Professional
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ACE3E86-78B6-43A1-B104-E3F3006FC576}" = Companion Suite Pro LL2 Drivers
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53007195-C491-23E9-D420-EDAB61E57609}" = CCC Help Polish
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5833EB1F-F1FD-DA8E-B2BA-C23E58BB0C65}" = Catalyst Control Center Graphics Full Existing
"{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}" = NVIDIA Photoshop Plug-ins 64 bit
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61539202-097E-487E-9237-B291AB56D54C}" = Bluetooth Monitor 4
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{684A4D63-85B1-B566-381E-91C3F5F80E4B}_is1" = Movie maker pro Windows 7 cz version for Windows
"{68A8941B-6E97-B11C-1B10-C3370E4CC885}" = Catalyst Control Center Graphics Previews Common
"{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}" = WinPatrol
"{6B59A12B-D448-E129-28E9-57D1E2E5F7BB}" = CCC Help Chinese Traditional
"{6CDB6681-B777-4DAD-412E-7933B9296850}" = CCC Help Greek
"{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}" = Bamboo Tablets Tutorial
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B81F6BB-7C9C-E66F-9989-42EEB1076F84}" = Catalyst Control Center InstallProxy
"{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{7C515D87-2DCD-422B-B993-3FE8A71B3DDB}" = Noiseware Professional Plug-in
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 6.7.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85010422-4932-6A9E-C222-A994DA299C81}" = CCC Help Portuguese
"{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{901C0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{98CE8819-87AA-4814-8167-ADDDD513485F}" = PSE11 STI Installer
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9BE8E5-2263-3EFA-FDD1-11F6E267EEF9}" = CCC Help Norwegian
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6210BC-CF1C-E637-C74D-28612585CAD9}" = CCC Help Chinese Standard
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A1A724F3-F1A6-479C-AE98-208946717E2B}" = Chrome Remote Desktop Host
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}" = inSSIDer 3
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{ABDB5A8F-A163-4FD7-A8AE-E2695ACFEA90}" = Companion Suite Pro LL2
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.11) - Czech
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AFE6E077-E0A3-2993-0913-8DEEADF4E2DE}" = CCC Help Italian
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}" = SNS Upload for Easy Document Creator
"{B7C5EA94-B96A-41F5-BE95-25D78B486678}" = Splashtop Streamer
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA28817B-738A-9284-D3D6-E973982AEF3B}" = Catalyst Control Center Graphics Previews Vista
"{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}" = Adobe Flash Professional CS6
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C58362EF-CABB-B475-065B-FD07C0D49770}" = CCC Help Czech
"{C7774A58-8B24-4E19-A92D-E887A8FD67A1}" = Castle Link
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CCF7074B-BE72-44E1-9CAC-3FFAC582C692}" = CZ
"{CF097717-F174-4144-954A-FBC4BF301029}" = Nero 7 Ultra Edition
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{D432AD16-2F8C-0022-E2F1-E27DCB5F6949}" = CCC Help Japanese
"{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}" = Elements 11 Organizer
"{D7659F54-7502-4312-AA24-F103C92C26F5}" = ScanSoft PaperPort 11
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1" = Trapcode Suite v12.1.7
"{E0FAA369-B0E3-48B8-9447-4873103B0012}" = TOSHIBA ConfigFree
"{E616437B-CE55-B463-ED6B-408E29A073CB}" = CCC Help Finnish
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E718AAF4-CB80-9649-347E-C9A9803BE6D0}" = CCC Help Thai
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.502
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F5EB2C27-3F16-01B6-BA56-316BC0F8CA87}" = Catalyst Control Center Graphics Light
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 17 PPAPI
"Adobe Photoshop Elements 11" = Adobe Photoshop Elements 11
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Bamboo Dock" = Bamboo Dock
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Crack Microsoft Office 2010 2.2.3" = Crack Microsoft Office 2010 2.2.3
"DAEMON Tools Lite" = DAEMON Tools Lite
"Driver USBDEVICEDRV (1.00.009)" = Driver USBDEVICEDRV (1.00.009)
"Ema Config_is1" = Ema Config
"FileZilla Client" = FileZilla Client 3.10.2
"Google Chrome" = Google Chrome
"HeliconRemote_is1" = Helicon Remote 3.2.7.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"IT9130 DriverInstaller_11.9.2.1" = IT9130 Driver v11.9.2.1
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 10.1.5
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.1.6.1022
"Migration System Updater RBP" = Migration System Updater RBP
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"Network Print Monitor" = Network Print Monitor for Windows 2000/XP/2003/Vista
"Nik Collection" = Nik Collection
"O2 Mobilni internet" = O2 Mobilni internet
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"rFactor" = rFactor
"RivaTuner" = RivaTuner v2.23
"Samsung Easy Document Creator" = Samsung Easy Document Creator
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung M2070 Series" = Samsung M2070 Series
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Scan Process Machine" = Samsung Scan Process Machine
"Samsung SCX-3400 Series" = Samsung SCX-3400 Series
"Steam" = Steam
"TeamViewer" = TeamViewer 10
"Topaz Adjust 5" = Topaz Adjust 5
"Topaz BW Effects 2" = Topaz B&W Effects
"Topaz Clean 3" = Topaz Clean 3
"Topaz DeJpeg 4" = Topaz DeJpeg 4
"Topaz DeNoise 5" = Topaz DeNoise 5
"Topaz Detail 3" = Topaz Detail 3
"Topaz Fusion Express 2" = Topaz Fusion Express 2
"Topaz InFocus" = Topaz InFocus
"Topaz Lens Effects" = Topaz Lens Effects
"Topaz ReMask 3" = Topaz ReMask 3
"Topaz Simplify 4" = Topaz Simplify 4
"View User Guide" = Zobrazit uživatelskou příručku
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WinRAR archiver" = WinRAR
"Xilisoft HD Video Converter 6" = Xilisoft HD Video Converter 6
"XTUNING_Flash_is1" = XTuning Flash Tool verze 2015.1

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"SkyDriveSetup.exe" = Microsoft SkyDrive
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.4.2015 18:14:18 | Computer Name = Dandy | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TosBtAvAC.exe, verze: 7.10.4820.1, časové
razítko: 0x4bf4f85a Název chybujícího modulu: TosBtAvAC.exe, verze: 7.10.4820.1,
časové razítko: 0x4bf4f85a Kód výjimky: 0xc0000005 Posun chyby: 0x0000778c ID chybujícího
procesu: 0xac8 Čas spuštění chybující aplikace: 0x01d07e826aca7e94 Cesta k chybující
aplikaci: C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe Cesta
k chybujícímu modulu: C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
ID
zprávy: 3f89e0d9-eacf-11e4-adc0-00266c799531

Error - 28.4.2015 10:35:02 | Computer Name = Dandy | Source = Application Error | ID = 1000
Description = Název chybující aplikace: explorer.exe, verze: 6.1.7601.17514, časové
razítko: 0x4ce7a144 Název chybujícího modulu: EXPLORERFRAME.dll, verze: 6.1.7601.17514,
časové razítko: 0x4ce7c6a8 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000fa711
ID
chybujícího procesu: 0xa38 Čas spuštění chybující aplikace: 0x01d0808435c44704 Cesta
k chybující aplikaci: C:\Windows\explorer.exe Cesta k chybujícímu modulu: C:\Windows\system32\EXPLORERFRAME.dll
ID
zprávy: c0c9fd27-edb3-11e4-acda-00266c799531

Error - 4.5.2015 13:27:44 | Computer Name = Dandy | Source = chromoting | ID = 3
Description = Přístup klienta zamítnut: dan.cumpelik@gmail.com/chromotingB632FED1.

Error - 4.5.2015 13:27:52 | Computer Name = Dandy | Source = chromoting | ID = 3
Description = Přístup klienta zamítnut: dan.cumpelik@gmail.com/chromoting534D7EA7.

Error - 8.5.2015 18:39:17 | Computer Name = Dandy | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17514, časové
razítko: 0x4ce7a144 Název chybujícího modulu: wpdshserviceobj.dll, verze: 6.1.7601.17514,
časové razítko: 0x4ce7cab1 Kód výjimky: 0xc0000005 Posun chyby: 0x000000000000ca75
ID
chybujícího procesu: 0xacc Čas spuštění chybující aplikace: 0x01d085a24da5cf01 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Windows\system32\wpdshserviceobj.dll
ID
zprávy: 0eb69e67-f5d3-11e4-b367-00266c799531

Error - 18.5.2015 18:09:36 | Computer Name = Dandy | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_SysMain, verze: 6.1.7600.16385,
časové razítko: 0x4a5bc3c1 Název chybujícího modulu: sysmain.dll, verze: 6.1.7601.17514,
časové razítko: 0x4ce7c9db Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000055e99
ID
chybujícího procesu: 0x8c0 Čas spuštění chybující aplikace: 0x01d091692932a3a5 Cesta
k chybující aplikaci: C:\Windows\system32\svchost.exe Cesta k chybujícímu modulu:
c:\windows\system32\sysmain.dll ID zprávy: 914a3db8-fdaa-11e4-8df9-00266c799531

Error - 19.5.2015 8:12:54 | Computer Name = Dandy | Source = RasClient | ID = 20227
Description =

Error - 22.5.2015 8:30:28 | Computer Name = Dandy | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TosBtAvAC.exe, verze: 7.10.4820.1, časové
razítko: 0x4bf4f85a Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247,
časové razítko: 0x521ea8e7 Kód výjimky: 0xc0000005 Posun chyby: 0x00032f24 ID chybujícího
procesu: 0x1060 Čas spuštění chybující aplikace: 0x01d091dba492f0e9 Cesta k chybující
aplikaci: C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe Cesta
k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: 53af52fc-007e-11e5-aea6-00266c799531

Error - 22.5.2015 22:04:21 | Computer Name = Dandy | Source = MsiInstaller | ID = 11309
Description =

Error - 26.5.2015 9:25:34 | Computer Name = Dandy | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Selhalo načtení automatické aktualizace kořenového certifikátu jiného
výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 0F069E.crt>.
Došlo k chybě Daná operace se vrátila, protože vypršel časový limit. .

[ System Events ]
Error - 24.5.2015 15:03:20 | Computer Name = Dandy | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 25.5.2015 16:09:37 | Computer Name = Dandy | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 25.5.2015 16:16:46 | Computer Name = Dandy | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 27.5.2015 6:00:05 | Computer Name = Dandy | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 27.5.2015 9:41:56 | Computer Name = Dandy | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 80.

Error - 27.5.2015 9:43:35 | Computer Name = Dandy | Source = Service Control Manager | ID = 7034
Description = Služba Nalpeiron Licensing Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 27.5.2015 16:51:35 | Computer Name = Dandy | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 80.

Error - 27.5.2015 16:53:30 | Computer Name = Dandy | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 80.

Error - 27.5.2015 17:04:33 | Computer Name = Dandy | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 80.

Error - 27.5.2015 17:06:28 | Computer Name = Dandy | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 80.


< End of report >

[Márty84]

Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[Sainzik]

legalita v poradku. koupil jsem si tento notebook z jedné reklamky od známého i včetně spousty licencí dobrý kup. a nebudu jej ani formátovat jen pročistím, proto jsem se obrátil na Vás na profesionály

[Sainzik]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 28.5.2015
Čas skenování: 21:04:25
Protokol: ii.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.28.06
Databáze rootkitů: v2015.05.24.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: XDANCUMP

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 1027889
Uplynulý čas: 4 hod, 36 min, 1 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 30
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll, , [cc3a5544b9d17db927d2af3aab5736ca],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll, , [3dc955446e1c44f28c6de70246bcc53b],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\adobe.photoshop.cs6-patch.exe, , [29dd0495068493a30c894b8b5da3c13f],
PUP.Optional.OpenCandy, D:\Users\XDANCUMP\AppData\Roaming\uTorrent\updates\3.4.0_30596.exe, , [52b4e3b6157571c54818aedcd92c7c84],
TheftMarker.Crude, D:\Users\XDANCUMP\Desktop\INCOMEDIA WEBSITE X5 PROFESIONAL 11.0.1.12.MULTILINGUAL\Template Packs\Incomedia WebSite X5 Template Pack 901\crd.exe, , [6e98d4c5f79348ee04c1c4fc5da50ff1],
TheftMarker.Crude, D:\Users\XDANCUMP\Desktop\INCOMEDIA WEBSITE X5 PROFESIONAL 11.0.1.12.MULTILINGUAL\Template Packs\Incomedia WebSite X5 Template Pack 902\crd.exe, , [43c31287b3d785b16065eed242c03cc4],
TheftMarker.Crude, D:\Users\XDANCUMP\Desktop\INCOMEDIA WEBSITE X5 PROFESIONAL 11.0.1.12.MULTILINGUAL\Template Packs\Incomedia WebSite X5 Template Pack 903\crd.exe, , [f511d7c2b1d9a2946a5bc2fe976be61a],
TheftMarker.Crude, D:\Users\XDANCUMP\Desktop\INCOMEDIA WEBSITE X5 PROFESIONAL 11.0.1.12.MULTILINGUAL\Template Packs\Incomedia WebSite.X5 Template Pack 904\crd.exe, , [c6406435fa90d3634580dee29072f30d],
PUP.HackTool.HotKeysHook, D:\Users\XDANCUMP\Documents\Plocha\rFactorEMU.rar, , [cc3aedacc7c3072f619b505d08fdc33d],
PUP.HackTool.HotKeysHook, D:\Users\XDANCUMP\Documents\Plocha\rFactor 2015\vudibix\vudibix2.exe, , [12f4dabfdab05ed842ba6c4109fc22de],
Malware.Tool, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\1- WinRAR 3.80 Beta 5 (Extra)\RAR Slayer v1.1.exe, , [8c7a2a6f81090f27321e3b7d0101b34d],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Buena Software Au Naturel 1.1.1\Buena Software Au Naturel 1.1.1.rar, , [e81e6732c3c76ec8378bcfb27e82d52b],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Buena Software Swatch Buckler 1.0.1\Buena Software Swatch Buckler 1.0.1.rar, , [1cea32671377ed49348e96eb8d73cd33],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Panopticum Animatext 3D 1.0 for WinXP\Panopticum Animatext 3D 1.0 for WinXP.rar, , [a95dd4c56a20a88e685a82ff48b8d927],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Trapcode Starglow 1.0.3\Trapcode Starglow 1.0.3.rar, , [22e4a9f06624c86eccf6572a11ef9769],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Fnordware PowerPicker 1.01\Fnordware PowerPicker 1.01.rar, , [3cca207929611d199929d2af4db3639d],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Panopticum Animatext 3D 1.0 for 9xMENT2K\Panopticum Animatext 3D 1.0 for 9xMENT2K.rar, , [c83e1089c4c6a3939b27c4bd53ad3fc1],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Panopticum Curtains 1.02\Panopticum Curtains 1.02.rar, , [749286135634a98d2999542d946cdf21],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Panopticum Custom Speed2 v.1.0\Panopticum Custom Speed2 v.1.0.rar, , [e81ef6a34b3fdc5a0db584fd639dda26],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Panopticum IcePattern 1.0\Panopticum IcePattern 1.0.rar, , [49bd7821f1994de92e945d24e41cbd43],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Panopticum Water 1.0\Panopticum Water 1.0.rar, , [b74fd2c7880281b5507279089d63df21],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Profound Effects Useful Assistants 1.0\Profound Effects Useful Assistants 1.0.rar, , [50b607923951e94d269c8ef3748c847c],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Profound Effects Useful Things 1.5\Profound Effects Useful Things 1.5.rar, , [ba4cb5e4e7a3c76fe7dbb1d09b65bd43],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\StageTools MovingPicture 4.4 AE\StageTools MovingPicture 4.4 AE.rar, , [12f44f4a01895ed8d2f07d04ba468c74],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Trapcode 3D Stroke 2.0.4\Trapcode 3D Stroke 2.0.4.rar, , [7d89089192f859dda81a572a2ed2fa06],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Trapcode Lux 1.0.1\Trapcode Lux 1.0.1.rar, , [34d28f0ae1a9bc7aa2200f7239c71ce4],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Trapcode Particular 1.0.1\Trapcode Particular 1.0.1.rar, , [3ec83861c2c8f73f437fbec319e74ab6],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Trapcode Shine 1.0.6\Trapcode Shine 1.0.6.rar, , [74925940c8c255e10eb4602116ea7b85],
Malware.Packer.Gen, D:\Users\XDANCUMP\Documents\Plocha\uTorrent\Adobe After Effects - Plugins MegaPack only [RH]\Adobe After Effects Plugins MegaPack\Trapcode SoundKeys 1.1.2\Trapcode SoundKeys 1.1.2.rar, , [6d996a2f5e2c4beb9d25572a37c96d93],
PUP.Optional.LuckySearches.A, C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Dobré: (), Špatné: ({"browser":{"show_home_button":true},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"h","commands":{},"content_settings":[],"creation_flags":1,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076822934967834","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Objevte skvÄ?lA© aplikace, hry, rozA!A­A?enA­ a motivy prohlA­A3eÄ?e Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Obchod Chrome","permissions":["webstorePrivate","management","system.cpu","system.display","system.memory","system.network","system.storage"],"version":"0.2"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\web_store","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"aknpkdffaafgjchaibgeefbgmgeghloj":{"active_permissions":{"api":["unlimitedStorage"],"manifest_permissions":[]},"app_launcher_ordinal":"y","commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["unlimitedStorage"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076877132179791","lastpingday":"13077269996826338","location":1,"manifest":{"app":{"launch":{"container":"tab","urls":["http://chrome.angrybirds.com"],"web_url":"http://chrome.angrybirds.com"}},"current_locale":"cs","default_locale":"en","description":"PtA!ci! Praky! Destrukce! PeA?A­! ZA!bava!","icons":{"128":"128.png","16":"16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6PeQTq1pwDNiqFlcp7UsUUUJQBsjUBcSiboI/+WSmsE93IF5xyd3e6erYAPW7DRBdrCJVDqPW0kv0APgTaCGOhVTBjvYO/1IbBBX86j+1pE58f4slTybPxklVQw04gXEkxe2fLBFriVf1bH20b+X9tagRS+6oqz2glinagc7FVwIDAQAB","manifest_version":2,"name":"Angry Birds","offline_enabled":true,"permissions":["unlimitedStorage"],"update_url":"https://clients2.google.com/service/upd ... ons":{"api":["contextMenus","tabs"],"explicit_host":["http://api.mywot.com/*","http://www.myw ... mywot.com/*"],"manifest_permissions":[],"scriptable_host":["http://*/*","http://www.mywot.com/*","https://*/*","https://www.mywot.com/*"]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["contextMenus","tabs"],"explicit_host":["http://api.mywot.com/*","http://www.myw ... mywot.com/*"],"manifest_permissions":[],"scriptable_host":["http://*/*","http://www.mywot.com/*","https://*/*","https://www.mywot.com/*"]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076877126635370","lastpingday":"13077269996826338","location":1,"manifest":{"background":{"page":"background.html"},"browser_action":{"default_icon":"skin/fusion/19_19/default.png","default_popup":"ratingwindow.html","default_title":"WOT"},"content_scripts":[{"all_frames":true,"exclude_matches":["http://www.mywot.com/*","https://www.mywot.com/*"],"js":["wot.js","content/common.js","content/i-warning.js","content/url.js","content/popup.js","content/search.js","content/welcome_tips.js","content/surveys.js"],"matches":["http://*/*","https://*/*"],"run_at":"document_start"},{"all_frames":true,"js":["wot.js","content/common.js","content/my.js","content/settings.js"],"matches":["http://www.mywot.com/*","https://www.mywot.com/*"],"run_at":"document_start"}],"content_security_policy":"style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; script-src 'self' https://ssl.google-analytics.com; object-src 'self'; img-src *","current_locale":"cs","default_locale":"en","description":"NA!stroj WOT vA!m ukA!A3e, kterA1m strA!nkA!m mA—A3ete dA—vÄ?A?ovat na zA!kladÄ? zkuA!enostA­ miliA3nA— uA3ivatelA— po celA©m svÄ?tÄ?.","icons":{"128":"skin/fusion/icons/128.png","16":"skin/fusion/icons/16.png","32":"skin/fusion/icons/32.png","48":"skin/fusion/icons/48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+5gqgUc6+WAXv9isVvOB2+4QJN0yG+hT5PVVqmA+rMdbj6/849Rbj7BilvSKC1w8S8rKMP0O+xp5g+qrmegkobz7HXvZUM2zYADWwQZOmPzh8I/wjeSHQHgBpq9DXCXdtkiq5bMuQqZH+g2+xP5dtBt8jvanbdXoFrvtYm2dOoQIDAQAB","manifest_version":2,"minimum_chrome_version":"18","name":"WOT","options_page":"options.html","permissions":["tabs","contextMenus","http://www.mywot.com/*","http://api.myw ... mywot.com/*"],"update_url":"https://clients2.google.com/service/upd ... _resources":["content/warning.html","widgets/surveys.html","skin/include/popup.css","skin/include/warning.css","skin/include/welcometips.css","skin/fusion/logo.png","skin/b/logo.png","skin/b/confidence_150dpi.png","skin/b/donuts_150.png","skin/b/bubl_speech_c_150.png","skin/b/bubl_speech_l_150.png","skin/b/bubl_speech_r_150.png","skin/b/ws/robot.png","skin/b/ws/list_c.png","skin/b/ws/list_l.png","skin/b/ws/list_r.png","skin/b/accessible/donuts_150.png","skin/b/welcometips/wt_intro_0.png","skin/b/welcometips/wt_intro_top.png","skin/b/welcometips/wt_left_corner.png","skin/b/welcometips/wt_left_corner_2.png","skin/fusion/accessible/16_16/plain/r0.png","skin/fusion/accessible/16_16/plain/r1.png","skin/fusion/accessible/16_16/plain/r2.png","skin/fusion/accessible/16_16/plain/r3.png","skin/fusion/accessible/16_16/plain/r4.png","skin/fusion/accessible/16_16/plain/r5.png","skin/fusion/16_16/plain/lock.png","skin/fusion/16_16/plain/locked.png","skin/fusion/16_16/plain/r0.png","skin/fusion/16_16/plain/r1.png","skin/fusion/16_16/plain/r2.png","skin/fusion/16_16/plain/r3.png","skin/fusion/16_16/plain/r4.png","skin/fusion/16_16/plain/r5.png","skin/fusion/16_16/plain/rx.png"]},"path":"bhmmomiinigofkjcapegjjndpbikblnp\\2.6.0_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076877130297096","lastpingday":"13077269996826338","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"http://www.youtube.com/?feature=ytca"}, ... benÄ?jA!A­ komunita online videa na svÄ?tÄ?.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","manifest_version":2,"name":"YouTube","update_url":"http://clients2.google.com/service/upda ... pp"},"urls":["*://www.google.com/search","*://www.google. ... com/imgres"]},"current_locale":"cs","default_locale":"en","description":"NejrychlejA!A­ zpA—sob, jak hledat na webu.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB","manifest_version":2,"name":"VyhledA!vA!nA­ Google","permissions":[],"update_url":"http://clients2.google.com/service/upda ... ons":{"api":["bookmarks","bookmarkManagerPrivate","metricsPrivate","systemPrivate","tabs"],"explicit_host":["chrome://favicon/*","chrome://resources/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076822934965667","location":5,"manifest":{"chrome_url_overrides":{"bookmarks":"main.html"},"content_security_policy":"object-src 'none'; script-src chrome://resources 'self'","description":"Bookmark Manager","icons":{},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQcByy+eN9jzazWF/DPn7NW47sW7lgmpk6eKc0BQM18q8hvEM3zNm2n7HkJv/R6fU+X5mtqkDuKvq5skF6qqUF4oEyaleWDFhd1xFwV7JV+/DU7bZ00w2+6gzqsabkerFpoP33ZRIw7OviJenP0c0uWqDWF8EGSyMhB3txqhOtiQIDAQAB","manifest_version":2,"name":"Bookmark Manager","permissions":["bookmarks","bookmarkManagerPrivate","metricsPrivate","systemPrivate","tabs","chrome://favicon/","chrome://resources/"],"version":"0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\bookmark_manager","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"ejidjjhkpiempkbhmpbfngldlkglhimk":{"active_permissions":{"api":["background","notifications","unlimitedStorage"],"manifest_permissions":[]},"app_launcher_ordinal":"n","commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["background","notifications","unlimitedStorage"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076877129296216","lastpingday":"13077269996826338","location":1,"manifest":{"app":{"launch":{"web_url":"https://mail.google.com/mail/mu/?mui=ca"},"urls":["https://mail.google.com/mail/mu/"]},"current_locale":"cs","default_locale":"en","description":"Gmail Offline","icons":{"128":"icon_128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChT6oJaykFTd2csfmkFZi3Q3b+wqIQMQe3zW627AgjqOrsS8yh95obKydJgcZm7OBnyF4qp/MbUE6Ilc7fKD1VJNpzX7AL4qloY+GPH64hA/YRByF5SkLtxoGrPNXOoVXpDlr5alAhbcH959BiDMBSomoEC1o9AE9PxzbptJKsjwIDAQAB","manifest_version":2,"name":"Gmail Offline","offline_enabled":true,"permissions":["unlimitedStorage","notifications","background"],"update_url":"https://clients2.google.com/service/upd ... licit_host":["chrome://settings-frame/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["app.runtime.onLaunched"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076822934971606","location":5,"manifest":{"app":{"background":{"scripts":["settings_app.js"]}},"description":"Settings","display_in_launcher":false,"icons":{"128":"settings_app_icon_128.png","16":"settings_app_icon_16.png","32":"settings_app_icon_32.png","48":"settings_app_icon_48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoVDPGX6fvKPVVgc+gnkYlGqHuuapgFDyKhsy4z7UzRLO/95zXPv8h8e5EacqbAQJLUbP6DERH5jowyNEYVxq9GJyntJMwP1ejvoz/52hnY3CCGGCmttmKzzpp5zwLuq3iZf8bslwywfflNUYtaCFSDa0TtrBZz0aOPrAAd/AhNwIDAQAB","manifest_version":2,"name":"Settings","permissions":["chrome://settings-frame/"],"version":"0.2"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\settings_app","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"fdpohaocaechififmbbbbbknoalclacl":{"active_permissions":{"api":["activeTab"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["activeTab"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076877129562109","lastpingday":"13077269996826338","location":1,"manifest":{"browser_action":{"default_icon":"icon.png","default_popup":"popup.html"},"description":"Screen capture your current page in entirety and reliably!","icons":{"128":"icon128.png","16":"icon16.png","48":"icon48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDb5HGR8sO9jYpfNylXdnXNSzoeHaAdsBOpy5hiYEulgI5SOnkg1Zc93AZIlGUIJBODr3P3PGq4oAoyNr42loQP/IEaCPLLYxvB4516SLoJgSTF4DOASLampO1b5ji7WPSxweur8sUYSz9BNYs6/Exdwdg+54JRWJ8IOo8WZMibXwIDAQAB","manifest_version":2,"name":"Full Page Screen Capture","permissions":["activeTab"],"update_url":"https://clients2.google.com/service/upd ... ons":{"api":["clipboardRead","clipboardWrite","contextMenus","fileSystem","fileSystem.write","app.window.fullscreen","identity","nativeMessaging","app.window.fullscreen.overrideEsc",{"socket":["tcp-connect:*:*","tcp-listen:*:*","udp-bind:*:*","udp-send-to:*:*","udp-multicast-membership","resolve-host","network-state"]},"storage","webConnectable"],"explicit_host":["https://*.talkgadget.google.com/*","https://accounts.google.com/*","https://relay.google.com/*","https://www.googleapis.com/*"],"manifest_permissions":[]},"app_launcher_ordinal":"zm","commands":{},"content_settings":[],"creation_flags":9,"events":["app.runtime.onLaunched","contextMenus.onClicked","runtime.onSuspend","runtime.onSuspendCanceled"],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["clipboardRead","clipboardWrite","contextMenus","fileSystem","fileSystem.write","app.window.fullscreen","identity","nativeMessaging","app.window.fullscreen.overrideEsc",{"socket":["tcp-connect:*:*","tcp-listen:*:*","udp-bind:*:*","udp-send-to:*:*","udp-multicast-membership","resolve-host","network-state"]},"storage","webConnectable"],"explicit_host":["https://*.talkgadget.google.com/*","https://accounts.google.com/*","https://relay.google.com/*","https://www.googleapis.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076877131297965","lastpingday":"13077269996826338","location":1,"manifest":{"app":{"background":{"page":"background.html"}},"current_locale":"cs","default_locale":"en","description":"PA?istupujte k jinA1m poÄ?A­taÄ?A—m nebo umoA3nÄ?te dalA!A­mu uA3ivateli pA?istupovat k vaA!emu poÄ?A­taÄ?i bezpeÄ?nÄ? pA?es internet.","externally_connectable":{"matches":["https://*.google.com/hangouts*"]},"icons":{"128":"chromoting128.webp","16":"chromoting16.webp","48":"chromoting48.webp"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgVjdI82ic/GxyyEX5ZlBOqfzQqq05XkHH6LXn4i5IMKbBLfd8Pr7nlmedbSoWkWnG70JMqgFP44HmNeXHob1DXxZxJoQ1/u9bH6fpibmLNrbQ606EnaCyzuz+PkztQxGtuvqzZRFVYE745hi6MnVWfYIii3+NgS2zDdjqZGFmgQIDAQAB","manifest_version":2,"minimum_chrome_version":"32","name":"VzdA!lenA! plocha Chrome","oauth2":{"client_id":"45833509441-41flc5qj3bha53cs0luji5vt7e4n8i4f.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/chromoting https://www.googleapis.com/auth/googletalk https://www.googleapis.com/auth/userinfo#email"]},"optional_permissions":["\u003Call_urls>"],"permissions":["https://accounts.google.com/*","https:/ ... fileSystem":["write"]},"fullscreen","identity","contextMenus","overrideEscFullscreen",{"socket":["tcp-connect","tcp-listen","udp-send-to","udp-bind","udp-multicast-membership","resolve-host","network-state"]}],"sandbox":{"pages":["wcs_sandbox.html"]},"update_url":"https://clients2.google.com/service/upd ... ons":{"api":["feedbackPrivate"],"explicit_host":["chrome://resources/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["feedbackPrivate.onFeedbackRequested","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076822934970688","location":5,"manifest":{"app":{"background":{"scripts":["js/event_handler.js"]},"content_security_policy":"default-src 'none'; script-src 'self' chrome://resources; style-src 'unsafe-inline' *; img-src *; media-src 'self'"},"description":"User feedback extension","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"32":"images/icon32.png","64":"images/icon64.png"},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMZElzFX2J1g1nRQ/8S3rg/1CjFyDltWOxQg+9M8aVgNVxbutEWFQz+oQzIP9BB67mJifULgiv12ToFKsae4NpEUR8sPZjiKDIHumc6pUdixOm8SJ5Rs16SMR6+VYxFUjlVW+5CA3IILptmNBxgpfyqoK0qRpBDIhGk1KDEZ4zqQIDAQAB","manifest_version":2,"name":"Feedback","permissions":["feedbackPrivate","chrome://resources/"],"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\feedback","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"gighmmpiobklfepjocnamgkkbiglidom":{"active_permissions":{"api":["alarms","contextMenus","idle","notifications","storage","tabs","webNavigation","webRequest","webRequestBlocking"],"explicit_host":["http://*/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.autorevue.cz/*","*://*.doupe.cz/*","*://*.e15.cz/*","*://*.getadblock.com/*","*://*.mail.live.com/*","*://*.mastertoons.com/*","*://*.mobilmania.cz/*","*://*.sportrevue.cz/*","*://*.youtube.com/*","*://*.zive.cz/*","http://*/*","https://*/*"]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["alarms","contextMenus","idle","notifications","storage","tabs","webNavigation","webRequest","webRequestBlocking"],"explicit_host":["http://*/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.autorevue.cz/*","*://*.doupe.cz/*","*://*.e15.cz/*","*://*.getadblock.com/*","*://*.mail.live.com/*","*://*.mastertoons.com/*","*://*.mobilmania.cz/*","*://*.sportrevue.cz/*","*://*.youtube.com/*","*://*.zive.cz/*","http://*/*","https://*/*"]},"incognito":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13077144288771645","lastpingday":"13077269996826338","location":1,"manifest":{"background":{"scripts":["punycode.min.js","jquery/jquery.min.js","port.js","functions.js","stats.js","survey.js","filtering/domainset.js","filtering/filteroptions.js","filtering/filtertypes.js","filtering/filterset.js","filtering/myfilters.js","filtering/filternormalizer.js","idlehandler.js","search/search-plus-one.js","dropbox-datastores.js","gab_question.js","background.js"]},"browser_action":{"default_icon":{"19":"img/icon19.png","38":"img/icon38.png"},"default_popup":"button/popup.html","default_title":"AdBlock - kliknÄ?te pro podrobnosti"},"content_scripts":[{"all_frames":true,"js":["bandaids.js"],"matches":["*://*.mail.live.com/*","*://*.mastertoons.com/*","*://*.getadblock.com/*","*://*.mobilmania.cz/*","*://*.zive.cz/*","*://*.doupe.cz/*","*://*.e15.cz/*","*://*.sportrevue.cz/*","*://*.autorevue.cz/*","*://*.youtube.com/*"],"run_at":"document_start"},{"all_frames":true,"js":["port.js","functions.js","filtering/filteroptions.js","adblock_start_common.js","adblock_start_chrome.js"],"matches":["http://*/*","https://*/*"],"run_at":"document_start"},{"all_frames":false,"js":["uiscripts/blacklisting/rightclick_hook.js","notificationoverlay.js"],"matches":["http://*/*","https://*/*"],"run_at":"document_end"}],"content_security_policy":"default-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src *; frame-src 'self' https://chromeadblock.com https://getadblock.com","current_locale":"cs","default_locale":"en","description":"NejpopulA!rnÄ?jA!A­ rozA!A­A?enA­ pro Chrome s vA­ce neA3 40 miliony uA3ivateli! Blokujeme reklamy na celA©m webu.","icons":{"128":"img/icon128.png","16":"img/icon16.png","48":"img/icon48.png"},"incognito":"spanning","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZWWNkerYNFB0SIg87WwcrcniMYkCqxLz4OB3CLNoogUUsHN+Rk9vRB7o3Jjc4shlz2LBvAbtPbrGkU+NK9Hc3ubVydzpnoRDEl1RKz3GhqKFkECvTyAxrsKainXH+4Ni2+K7bg1U0tLoQMPJ9f3ieYLIwXeHh9+lYXQi6soq0pwIDAQAB","manifest_version":2,"minimum_chrome_version":"23","name":"AdBlock","optional_permissions":["management"],"options_page":"options/index.html","permissions":["http://*/*","https://*/*","contextMenus","tabs","idle","webRequest","webRequestBlocking","webNavigation","alarms","storage","notifications"],"update_url":"https://clients2.google.com/service/upd ... _resources":["img/icon24.png","img/icon48.png","jquery/css/images/ui-bg_inset-hard_100_fcfdfd_1x100.png","jquery/css/images/ui-icons_056b93_256x240.png","jquery/css/images/ui-icons_d8e7f3_256x240.png","jquery/css/jquery-ui.custom.css","jquery/css/override-page.css","chrome_oauth_receiver.html"]},"path":"gighmmpiobklfepjocnamgkkbiglidom\\2.34_0","preferences":{},"regular_only_preferences":{},"state":1,"uninstall_url":"https://getadblock.com/uninstall/?u=tf2 ... ons":{"api":["activeTab","bookmarks","bookmarkManagerPrivate","fileSystem","fileSystem.write","identity","identity.email","management","metricsPrivate","notifications","preferencesPrivate","storage","tabs","webConnectable"],"explicit_host":["*://*.google.com/*","chrome://favicon/*"],"manifest_permissions":[{"chrome_ui_overrides":true}]},"commands":{"_execute_page_action":{"suggested_key":"Ctrl+D"}},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["activeTab","bookmarks","bookmarkManagerPrivate","fileSystem","fileSystem.write","identity","identity.email","management","metricsPrivate","notifications","preferencesPrivate","storage","tabs","webConnectable"],"explicit_host":["*://*.google.com/*","chrome://favicon/*"],"manifest_permissions":[{"chrome_ui_overrides":true}]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076822951259257","lastpingday":"13077269996826338","location":10,"manifest":{"background":{"persistent":true,"scripts":["bootstrap.js","background_compiled.js"]},"chrome_ui_overrides":{"bookmarks_ui":{"remove_bookmark_shortcut":true,"remove_button":true}},"chrome_url_overrides":{"bookmarks":"bookmarks.html"},"commands":{"_execute_page_action":{"description":"Stars popup","suggested_key":{"default":"Ctrl+D"}}},"content_security_policy":"script-src 'self' https://*.google.com https://*.gstatic.com; object-src 'self'","current_locale":"cs","default_locale":"en","description":"Bookmark Manager","externally_connectable":{"matches":["*://*.google.com/*"]},"icons":{"16":"icons/bookmarks16.png","32":"icons/bookmarks32.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDO1rEc7Du17LBzIOf1nXMC4JM4suAzgaswHRjJhaE4/fNIXxrTjqaDH5tpU7huX8RdVyuu3zggdP36mpqhLYNzCf9fgnvhZEGpsXYqedWXapQ4nrVca4Xg5SB8/K7oRS+dnMwwxYjED434qTyfiSiJoXVo7MXa+qBckMQ6Wf0t0QIDAQAB","manifest_version":2,"minimum_chrome_version":"42","name":"Bookmark Manager","oauth2":{"client_id":"610799782257-avhfi6rijk0n02t94linmllq54ool5kf.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/chromesync"]},"page_action":{"default_icon":{"19":"icons/collected19.png"},"default_title":"Star Page"},"permissions":["activeTab","bookmarks","bookmarkManagerPrivate","chrome://favicon/","identity","identity.email","management","metricsPrivate","notifications","preferencesPrivate","storage","tabs","*://*.google.com/*",{"fileSystem":["write"]}],"update_url":"https://clients2.google.com/service/upd ... ons":{"api":["cryptotokenPrivate","externally_connectable.all_urls","hid","tabs","u2fDevices","usb",{"usbDevices":[{"interfaceId":-1,"productId":529,"vendorId":4176}]},"webConnectable"],"explicit_host":["http://*/*","https://*/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["runtime.onConnectExternal","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076822935064859","location":5,"manifest":{"background":{"persistent":false,"scripts":["util.js","b64.js","sha256.js","countdown.js","countdowntimer.js","devicestatuscodes.js","approvedorigins.js","errorcodes.js","gnubbycodetypes.js","webrequest.js","gnubbymsgtypes.js","messagetypes.js","factoryregistry.js","closeable.js","requesthelper.js","webrequestsender.js","enroller.js","requestqueue.js","signer.js","origincheck.js","textfetcher.js","appid.js","watchdog.js","cryptotokenorigincheck.js","cryptotokenapprovedorigins.js","gnubbydevice.js","hidgnubbydevice.js","usbgnubbydevice.js","gnubbies.js","gnubby.js","gnubby-u2f.js","gnubbyfactory.js","singlesigner.js","multiplesigner.js","generichelper.js","inherits.js","individualattest.js","devicefactoryregistry.js","usbhelper.js","usbenrollhandler.js","usbsignhandler.js","usbgnubbyfactory.js","googlecorpindividualattest.js","cryptotokenbackground.js"]},"description":"CryptoToken Component Extension","externally_connectable":{"accepts_tls_channel_id":true,"ids":["fjajfjhkeibgmiggdfehjplbhmfkialk"],"matches":["\u003Call_urls>"]},"incognito":"split","key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7zRobvA+AVlvNqkHSSVhh1sEWsHSqz4oR/XptkDe/Cz3+gW9ZGumZ20NCHjaac8j1iiesdigp8B1LJsd/2WWv2Dbnto4f8GrQ5MVphKyQ9WJHwejEHN2K4vzrTcwaXqv5BSTXwxlxS/mXCmXskTfryKTLuYrcHEWK8fCHb+0gvr8b/kvsi75A1aMmb6nUnFJvETmCkOCPNX5CHTdy634Ts/x0fLhRuPlahk63rdf7agxQv5viVjQFk+tbgv6aa9kdSd11Js/RZ9yZjrFgHOBWgP4jTBqud4+HUglrzu8qynFipyNRLCZsaxhm+NItTyNgesxLdxZcwOz56KD1Q4IQIDAQAB","manifest_version":2,"name":"CryptoTokenExtension","permissions":["hid","u2fDevices","usb","cryptotokenPrivate","externally_connectable.all_urls","tabs","https://*/*","http://*/*",{"usbDevices":[{"productId":529,"vendorId":4176}]}],"version":"0.9.22"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\cryptotoken","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"lneaknkopdijkpnocmklfnjbeapigfbh":{"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"z","commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076877132634338","lastpingday":"13077269996826338","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"http://maps.google.com/"},"web_content" ... iption":"S Mapami Google si mA—A3ete najA­t informace o mA­stnA­ch firmA!ch, vyhledat trasy a podA­vat se na snA­mky z ulic po celA©m svÄ?tÄ?.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDImj66obcYjjgtmZ/nIbA608jzwGRrqDjiH7gNNpPduLahRnHzHHLcyz9uaYjP4FL9yB8qXD8W93aQiFPCKetiSB/1Im+SF50AxT+JgZ99QtMbjt+s89WQ4C82J0cUtnXXwFq1zZwpqyrHrNYwHFgRUEQ+Y7XlyaJ4B/+rhlyVCQIDAQAB","manifest_version":2,"name":"Mapy Google","update_url":"http://clients2.google.com/service/upda ... ons":{"api":["cloudPrintPrivate"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076822934966890","location":5,"manifest":{"app":{"launch":{"web_url":"https://www.google.com/cloudprint"},"urls":["https://www.google.com/cloudprint/enabl ... _connector"]},"description":"Cloud Print","display_in_launcher":false,"icons":{},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqOhnwk4+HXVfGyaNsAQdU/js1Na56diW08oF1MhZiwzSnJsEaeuMN9od9q9N4ZdK3o1xXOSARrYdE+syV7Dl31nf6qz3A6K+D5NHe6sSB9yvYlIiN37jdWdrfxxE0pRYEVYZNTe3bzq3NkcYJlOdt1UPcpJB+isXpAGUKUvt7EQIDAQAB","name":"Cloud Print","permissions":["cloudPrintPrivate"],"version":"0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\cloud_print","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"mfffpogegjflfpflabcdkioaeobkgjik":{"active_permissions":{"api":["webRequest","webRequestBlocking"],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[],"scriptable_host":["\u003Call_urls>"]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076877082698829","location":5,"manifest":{"background":{"scripts":["channel.js","background.js"]},"content_scripts":[{"all_frames":true,"js":["channel.js","saml_injected.js"],"matches":["\u003Call_urls>"],"run_at":"document_start"}],"content_security_policy":"default-src 'self'; script-src 'self'; frame-src 'self' http: https:; style-src 'self'","description":"GAIA Component Extension","incognito":"split","key":"MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC4L17nAfeTd6Xhtx96WhQ6DSr8KdHeQmfzgCkieKLCgUkWdwB9G1DCuh0EPMDn1MdtSwUAT7xE36APEzi0X/UpKjOVyX8tCC3aQcLoRAE0aJAvCcGwK7qIaQaczHmHKvPC2lrRdzSoMMTC5esvHX+ZqIBMi123FOL0dGW6OPKzIwIBIw==","manifest_version":2,"name":"GaiaAuthExtension","permissions":["\u003Call_urls>","webRequest","webRequestBlocking"],"version":"0.0.1","web_accessible_resources":["main.css","main.html","main.js","offline.css","offline.html","offline.js","success.html","success.js","util.js"]},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\gaia_auth","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"mgndgikekgjfcpckkfioiadnlibdjbkf":{"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"u","commands":{},"content_settings":[],"creation_flags":1,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076822934968804","location":5,"manifest":{"app":{"launch":{"web_url":"http://THIS-WILL-BE-REPLACED"}},"description":"RychlA1, jednoduchA1 a bezpeÄ?nA1 webovA1 prohlA­A3eÄ? vytvoA?enA1 pro modernA­ web","display_in_launcher":true,"display_in_new_tab_page":false,"icons":{"128":"product_logo_128.png","16":"product_logo_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNuYLEQ1QPMcc5HfWI/9jiEf6FdJWqEtgRmIeI7qtjPLBM5oje+Ny2E2mTAhou5qdJiO2CHWdU1DQXY2F7Zu2gZaKZgHLfK4WimHxUT5Xd9/aro/R9PCzjguM1BLusiWYc9xlj1IsZpyiN1hcjU7SCnBhv1feQlv2WSB5KRiXwhQIDAQAB","name":"Chrome","version":"0.1"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\chrome_app","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"mhjfbmdgcfjbbpaeojofohoefgiehjai":{"active_permissions":{"api":[],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[],"scriptable_host":["chrome://print/*"]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076822934974555","location":5,"manifest":{"content_scripts":[{"js":["content_script.js"],"matches":["chrome://print/*"]}],"content_security_policy":"script-src 'self' chrome://resources; object-src *; plugin-types application/x-google-chrome-pdf","description":"","incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDN6hM0rsDYGbzQPQfOygqlRtQgKUXMfnSjhIBL7LnReAVBEd7ZmKtyN2qmSasMl4HZpMhVe2rPWVVwBDl6iyNE/Kok6E6v6V3vCLGsOpQAuuNVye/3QxzIldzG/jQAdWZiyXReRVapOhZtLjGfywCvlWq7Sl/e3sbc0vWybSDI2QIDAQAB","manifest_version":2,"mime_types":["application/pdf"],"mime_types_handler":"index.html","name":"Chrome PDF Viewer","offline_enabled":true,"permissions":["\u003Call_urls>"],"version":"1","web_accessible_resources":["index.html","index.html"]},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\pdf","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"neajdppkdcdipfabeoofebfddakdcjhd":{"active_permissions":{"api":["systemPrivate","ttsEngine"],"explicit_host":["https://www.google.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["ttsEngine.onPause","ttsEngine.onResume","ttsEngine.onSpeak","ttsEngine.onStop"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076822934973581","location":5,"manifest":{"background":{"persistent":false,"scripts":["tts_extension.js"]},"description":"Component extension providing speech via the Google network text-to-speech service.","key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GSbNUMGygqQTNDMFGIjZNcwXsHLzkNkHjWbuY37PbNdSDZ4VqlVjzbWqODSe+MjELdv5Keb51IdytnoGYXBMyqKmWpUrg+RnKvQ5ibWr4MW9pyIceOIdp9GrzC1WZGgTmZismYR3AjaIpufZ7xDdQQv+XrghPWCkdVqLN+qZDA1HU+DURznkMICiDDSH2sU0egm9UbWfS218bZqzKeQDiC3OnTPlaxcbJtKUuupIm5knjze3Wo9Ae9poTDMzKgchg0VlFCv3uqox+wlD8sjXBoyBCCK9HpImdVAF1a7jpdgiUHpPeV/26oYzM9/grltwNR3bzECQgSpyXp0eyoegwIDAQAB","manifest_version":2,"name":"Google Network Speech","permissions":["systemPrivate","ttsEngine","https://www.google.com/"],"tts_engine":{"voices":[{"event_types":["start","end","error"],"gender":"female","lang":"en-US","remote":true,"voice_name":"Google US English"},{"event_types":["start","end","error"],"gender":"male","lang":"en-GB","remote":true,"voice_name":"Google UK English Male"},{"event_types":["start","end","error"],"gender":"female","lang":"en-GB","remote":true,"voice_name":"Google UK English Female"},{"event_types":["start","end","error"],"gender":"female","lang":"es-ES","remote":true,"voice_name":"Google EspaA±ol"},{"event_types":["start","end","error"],"gender":"female","lang":"fr-FR","remote":true,"voice_name":"Google FranA§ais"},{"event_types":["start","end","error"],"gender":"female","lang":"it-IT","remote":true,"voice_name":"Google Italiano"},{"event_types":["start","end","error"],"gender":"female","lang":"de-DE","remote":true,"voice_name":"Google Deutsch"},{"event_types":["start","end","error"],"gender":"female","lang":"ja-JP","remote":true,"voice_name":"Google a?Ya?¬äoo"},{"event_types":["start","end","error"],"gender":"female","lang":"ko-KR","remote":true,"voice_name":"Google í??eµ­i?˜"},{"event_types":["start","end","error"],"gender":"female","lang":"zh-CN","remote":true,"voice_name":"Google 中a?1ç??"}]},"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\network_speech_synthesis","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"nkeimhogjdpnpccoofpliimaahmaaome":{"active_permissions":{"api":["alarms","desktopCapture","processes","webConnectable","webrtcAudioPrivate","webrtcLoggingPrivate","system.cpu"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["runtime.onConnectExternal","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076822934969731","location":5,"manifest":{"background":{"page":"background.html","persistent":false},"externally_connectable":{"matches":["https://*.google.com/hangouts*","*://localhost/*"]},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAQt2ZDdPfoSe/JI6ID5bgLHRCnCu9T36aYczmhw/tnv6QZB2I6WnOCMZXJZlRdqWc7w9jo4BWhYS50Vb4weMfh/I0On7VcRwJUgfAxW2cHB+EkmtI1v4v/OU24OqIa1Nmv9uRVeX0GjhQukdLNhAE6ACWooaf5kqKlCeK+1GOkQIDAQAB","manifest_version":2,"name":"Google+ Hangouts","permissions":["alarms","desktopCapture","processes","system.cpu","webrtcAudioPrivate","webrtcLoggingPrivate"],"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\hangout_services","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"nmmhkkegccagdldgiimedpiccmgmieda":{"ack_external":true,"active_permissions":{"api":["identity","webview"],"explicit_host":["https://wallet-web.sandbox.google.com/* ... eapis.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":137,"events":["app.runtime.onLaunched","runtime.onConnectExternal"],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["identity","webview"],"explicit_host":["https://wallet-web.sandbox.google.com/* ... eapis.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076822952885481","lastpingday":"13077269996826338","location":10,"manifest":{"app":{"background":{"scripts":["craw_background.js"]}},"current_locale":"cs","default_locale":"en","description":"PenÄ?A3enka Google pro digitA!lnA­ zboA3A­","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"PenÄ?A3enka Google","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/sierra" ... e.readonly"]},"permissions":["identity","webview","https://wallet.google.com/","https://wa ... eapis.com/*"],"update_url":"https://clients2.google.com/service/upd ... ons":{"api":["alarms","background","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"granted_permissions":{"api":["alarms","background","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076822934972551","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","h ... /googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"phpbpckgofmlhfpbakbfbkiopngnpigh":{"active_permissions":{"api":[],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076877132910110","lastpingday":"13077269996826338","location":1,"manifest":{"description":"Black Google Chrome theme by Everplex Media. There is a Neon Green line at the top of the current tab.","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDU3qfdZU0BKVhqaiFxilkM74yZOUC0yQQL44S3FpCpxJ/JLOT/69DAA9VSFT73K81DpU7EnXviRChR5HxmkWDc9iO6GfuHTFTC4xCmRBveV2QVAC8CNrRLfU7Bqt0KqvRgcpspB9qN5WXo/E/TddsDHpBhOW6xtFaNTsj7XhQ8eQIDAQAB","name":"Black Black Chrome Theme Neon Green Highlight","theme":{"colors":{"bookmark_text":[170,170,170],"button_background":[220,220,220,0],"control_background":[75,193,0],"cws_background":[0,0,0],"frame":[0,0,0,0],"frame_inactive":[0,0,0],"frame_incognito":[0,0,0],"frame_incognito_inactive":[0,0,0],"ntp_attribution_text":[75,193,0],"ntp_background":[0,0,0],"ntp_header":[75,193,0],"ntp_link":[75,193,0],"ntp_link_underline":[75,193,0],"ntp_section":[75,193,0],"ntp_section_link":[75,193,0],"ntp_section_link_underline":[75,193,0],"ntp_section_text":[75,193,0],"ntp_text":[210,210,210],"tab_background_text":[170,170,170],"tab_text":[210,210,210],"theme_ntp_attribution_text":[75,193,0],"toolbar":[0,0,0]},"images":{"theme_button_background":"images/theme_frame_overlay.png","theme_frame":"images/theme_frame.png","theme_frame_inactive":"images/theme_frame.png","theme_frame_incognito":"images/theme_frame.png","theme_frame_incognito_inactive":"images/theme_frame.png","theme_frame_overlay":"images/theme_frame_overlay.png","theme_frame_overlay_inactive":"images/theme_frame_overlay.png","theme_ntp_attribution":"images/theme_ntp_attribution.png","theme_ntp_background":"images/theme_ntp_background.png","theme_tab_background":"images/theme_tab_background.png","theme_tab_background_incognito":"images/theme_tab_background.png","theme_tab_background_v":"images/theme_ntp_attribution.png","theme_toolbar":"images/theme_toolbar.png","theme_window_control_background":"images/theme_window_control_background.png"},"properties":{"ntp_background_alignment":"bottom","ntp_background_repeat":"repeat","ntp_logo_alternate":"0"},"tints":{"background_tab":[0,0,0],"buttons":[0,0,0.6],"frame":[0,0,0],"frame_inactive":[0,0,0],"frame_incognito":[0,0,0],"frame_incognito_inactive":[0,0,0]}},"update_url":"http://clients2.google.com/service/upda ... ons":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"w","commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076877134980278","lastpingday":"13077269996826338","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"cs","default_locale":"en","description":"RychlA1 e-mail s moA3nostA­ vyhledA!vA!nA­ a menA!A­m mnoA3stvA­m spamu.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/upda ... artup_urls":["http://www.luckysearches.com/?type=hp&t ... 3B7HD6JDLX"]},"sync":{"remaining_rollback_tries":0}}), ,[7e8873262c5e0c2a0cc7a1ca0bfb718f]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Vsechny nalezy doporucuji odstranit, nebo hodit do karanteny. Po restartu pc udelejte novy test (staci Sken hrozeb - mel by byt kratsi). Napiste vysledek testu a podle nej zvolim dalsi postup.

[Sainzik]

jdu na to děkuji prozatím

[Márty84]

OK, smele do toho