Prosím o pomoc

Zpráva

fanous · #1 Příspěvek od **fanous** » 10 dub 2016 17:06

Dobrý den,
mám problém s počítačem. Běží pomalu a několikrát jsem měl BSOD s tím, že problém prý dělá msrpc.sys
Log je zde

Logfile of random's system information tool 1.10 (written by random/random)
Run by Bublifuk at 2016-04-10 18:04:52
Microsoft Windows 7 Ultimate
System drive C: has 15 GB (21%) free of 72 GB
Total RAM: 8188 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:00, on 10.4.2016
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Bublifuk.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Bublifuk\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - Startup: Dropbox.lnk = Bublifuk\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EOS Utility.lnk = C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Unknown owner - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8201 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\SysWOW64\nlssrv32.exe
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
Ati2evxx.exe -Client
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-702618f0-3726-4f44-9256-b403c849ee34 -SystemEventPortName:HostProcess-6b9a877d-4ece-4dec-a731-d726b21ab38e -IoCancelEventPortName:HostProcess-00524d63-3cab-4932-8f47-61f1cbc7ce49 -NonStateChangingEventPortName:HostProcess-96b63955-0ce4-41f8-b5f7-13e73e581932 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:646c6a23-deb9-4d38-9e0d-1e2fd3b49ce8
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe" /AutoStartUp
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=49.0.2623.112 --handshake-handle=0xe0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4716 --on-initialized-event-handle=544 --parent-handle=552 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1072.0.1556982551\355806010" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,9,11,25,54 --gpu-vendor-id=0x1002 --gpu-device-id=0x724b --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.593.100.0 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.1.54672650\1107508123" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.2.1776641177\294955326" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.4.1598407251\332372657" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1072.6.668398282\1679405073" --ppapi-flash-args --lang=cs --device-scale-factor=1 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.14.960841974\910646565" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.18.1873579873\1467873514" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.20.1512449580\1805995539" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.27.4991328\663675225" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.28.1909643687\551827644" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.29.449323171\1503480126" /prefetch:1
"C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE"

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.32.1347808176\971310116" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.35.523001237\607177323" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1072.36.367739645\922484723" /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Bublifuk\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3778296720-2450441648-3328822754-1000Core.job - C:\Users\Bublifuk\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3778296720-2450441648-3328822754-1000UA.job - C:\Users\Bublifuk\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-22 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2011-02-12 4220304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-25 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-22 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-25 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2726728]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11 13776088]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26 500936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"=C:\Users\Bublifuk\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 134512]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-23 7139256]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-11 61440]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10 335232]

C:\Users\Bublifuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\Dropbox.exe
EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2011-02-12 4220304]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-04-10 18:04:52 ----D---- C:\rsit
2016-04-10 18:04:52 ----D---- C:\Program Files\trend micro
2016-04-10 17:48:17 ----A---- C:\Windows\system32\roboot64.exe
2016-04-10 17:48:14 ----D---- C:\Users\Bublifuk\AppData\Roaming\Solvusoft
2016-04-10 11:53:14 ----D---- C:\Program Files\Google
2016-04-10 11:53:13 ----D---- C:\Program Files (x86)\GUM3C2C.tmp
2016-04-10 10:38:40 ----D---- C:\Users\Bublifuk\AppData\Roaming\GHISLER
2016-04-10 10:38:40 ----D---- C:\totalcmd
2016-04-10 10:38:40 ----A---- C:\Windows\UC.PIF
2016-04-10 10:38:40 ----A---- C:\Windows\RAR.PIF
2016-04-10 10:38:40 ----A---- C:\Windows\PKZIP.PIF
2016-04-10 10:38:40 ----A---- C:\Windows\PKUNZIP.PIF
2016-04-10 10:38:40 ----A---- C:\Windows\LHA.PIF
2016-04-10 10:38:40 ----A---- C:\Windows\ARJ.PIF
2016-04-09 12:04:48 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2016-04-09 12:03:52 ----D---- C:\ProgramData\RogueKiller
2016-04-09 11:49:16 ----SHD---- C:\$RECYCLE.BIN
2016-04-09 11:49:09 ----A---- C:\ComboFix.txt
2016-04-09 11:36:49 ----D---- C:\Windows\Minidump
2016-03-23 19:04:51 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-03-22 19:32:30 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-22 19:32:20 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2016-04-10 18:04:54 ----D---- C:\Windows\Temp
2016-04-10 18:04:52 ----RD---- C:\Program Files
2016-04-10 18:02:10 ----D---- C:\Users\Bublifuk\AppData\Roaming\TeamViewer
2016-04-10 17:57:55 ----D---- C:\Windows\Tasks
2016-04-10 17:57:55 ----D---- C:\Windows\system32\Tasks
2016-04-10 17:57:54 ----RD---- C:\Program Files (x86)
2016-04-10 17:48:17 ----D---- C:\Windows\System32
2016-04-10 17:45:56 ----D---- C:\Users\Bublifuk\AppData\Roaming\Dropbox
2016-04-10 17:23:52 ----D---- C:\Program Files\Common Files\Adobe
2016-04-10 17:21:50 ----SHD---- C:\Windows\Installer
2016-04-10 17:21:50 ----D---- C:\Config.Msi
2016-04-10 16:56:21 ----D---- C:\Windows\Prefetch
2016-04-10 16:46:38 ----D---- C:\Windows\winsxs
2016-04-10 16:46:16 ----D---- C:\Windows\system32\config
2016-04-10 16:45:29 ----D---- C:\Program Files (x86)\Adobe
2016-04-10 12:15:37 ----D---- C:\Windows\inf
2016-04-10 12:15:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-10 11:54:46 ----D---- C:\ProgramData\Google
2016-04-10 11:46:11 ----D---- C:\Windows\system32\LogFiles
2016-04-10 10:38:40 ----AD---- C:\Windows
2016-04-09 12:18:23 ----D---- C:\ProgramData
2016-04-09 12:04:48 ----D---- C:\Windows\system32\drivers
2016-04-09 11:49:12 ----D---- C:\Qoobox
2016-04-09 11:47:43 ----A---- C:\Windows\system.ini
2016-04-09 11:44:43 ----D---- C:\Windows\SYSWOW64\drivers
2016-04-09 11:44:43 ----D---- C:\Windows\SysWOW64
2016-04-09 11:44:43 ----D---- C:\Windows\AppPatch
2016-04-09 11:44:42 ----D---- C:\Program Files (x86)\Common Files
2016-04-09 09:14:27 ----D---- C:\Users\Bublifuk\AppData\Roaming\DC++
2016-04-07 19:11:05 ----D---- C:\Users\Bublifuk\AppData\Roaming\vlc
2016-04-06 20:54:48 ----D---- C:\Windows\system32\catroot2
2016-04-03 21:44:24 ----D---- C:\Users\Bublifuk\AppData\Roaming\PTGui
2016-04-01 23:32:15 ----D---- C:\ProgramData\CanonIJPLM
2016-03-31 20:48:16 ----SD---- C:\Users\Bublifuk\AppData\Roaming\Microsoft
2016-03-31 20:44:05 ----D---- C:\Windows\system32\drivers\UMDF
2016-03-23 19:04:45 ----D---- C:\ProgramData\AVAST Software
2016-03-23 19:04:45 ----D---- C:\Program Files\AVAST Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-22 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-22 287016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-03-23 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-03-22 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-22 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-22 463744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dvdfabio;dvdfabio; \??\C:\Windows\system32\drivers\dvdfabio.sys [2014-08-29 12704]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-22 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-22 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-03-22 165344]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 5352960]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-11 4351960]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\Windows\system32\DRIVERS\libusb0.sys [2011-05-17 44480]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 vdrive;vdrive; C:\Windows\system32\DRIVERS\vdrive.sys [2014-08-29 44960]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 cpuz138;cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys []
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 rt61x64;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr6164.sys [2010-04-07 446304]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-02-09 2020056]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 952320]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-22 237096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2014-01-20 70768]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2014-04-30 337776]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-12-14 6889232]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-25 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 10 dub 2016 17:08

Zdravím!
Jak je na tom váš oper. systém s legalitou?

fanous · #3 Příspěvek od **fanous** » 10 dub 2016 17:09

Měl by být legální

#4 Příspěvek od **Rudy** » 10 dub 2016 17:19

Měl, nebo je? Udělejte násedující sken:

OTL:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Dejte oba logy.

fanous · #5 Příspěvek od **fanous** » 10 dub 2016 18:09

První log - Extras.txt

OTL Extras logfile created on: 10.4.2016 18:32:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bublifuk\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,28 Gb Available Physical Memory | 66,02% Memory free
15,99 Gb Paging File | 12,97 Gb Available in Paging File | 81,08% Paging File free
Paging file location(s): h:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,05 Gb Total Space | 14,60 Gb Free Space | 20,84% Space Free | Partition Type: NTFS
Drive D: | 461,58 Gb Total Space | 152,54 Gb Free Space | 33,05% Space Free | Partition Type: NTFS
Drive E: | 374,79 Gb Total Space | 249,25 Gb Free Space | 66,50% Space Free | Partition Type: NTFS
Drive H: | 25,09 Gb Total Space | 16,22 Gb Free Space | 64,67% Space Free | Partition Type: NTFS

Computer Name: BUBLINA | User Name: Bublifuk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- "C:\Program Files (x86)\Opera\Launcher.exe" -noautoupdate -- "%1"
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- "C:\Program Files (x86)\Opera\Launcher.exe" -noautoupdate -- "%1"

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05BD17E4-0689-4EC7-9A49-2DAFE9EFF63F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0F144A6A-FE01-4576-8C08-0B9B5582060C}" = lport=139 | protocol=6 | dir=in | app=system |
"{10C5122A-6211-42FF-88FF-1E851E3C8C5C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{18E53825-EA5A-411C-8DE0-3B94FAC126BA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1F22341D-C6A8-45E7-84C5-D3B67ED604CD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{23638164-C2D8-415F-B8E0-5AB5EE818EE7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2C84C6AA-A41F-4E31-BF90-B4FCCEF5F9FC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{3EC68BE1-1C7E-4DBC-A325-3F6542452CB2}" = rport=137 | protocol=17 | dir=out | app=system |
"{46D3AAFD-140A-4F32-A154-07B3D4D8E0E0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48DDCB22-04BE-460D-A3FA-ED2F50B04E81}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{72931DBD-A9F8-4CFE-B7EC-90339B110D49}" = rport=138 | protocol=17 | dir=out | app=system |
"{784EF8CC-70ED-406B-A1EB-773B474ADC6E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{853F07A4-BA8A-4691-A139-8A1E63FE74FE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9006173C-3675-41F5-8896-02480DC87777}" = lport=138 | protocol=17 | dir=in | app=system |
"{92EBB47C-2382-4F39-A3F3-421FF298398E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B85BCC35-8E19-4B4B-91C2-3767D57947D2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BC271170-DCA3-4DEE-9D87-334F54BDD322}" = lport=445 | protocol=6 | dir=in | app=system |
"{C451368B-31F3-4B01-BDFF-29BFC6C75871}" = rport=139 | protocol=6 | dir=out | app=system |
"{D68AFD59-CEEF-4A77-B0BC-AD69B2FEEE82}" = rport=445 | protocol=6 | dir=out | app=system |
"{D9A25DCF-028B-4E5E-AA56-1225E1E093B8}" = lport=137 | protocol=17 | dir=in | app=system |
"{DB132015-1D31-4AB8-97F0-C13AEC12B1DE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E62B615E-0DDD-4C4E-8CFD-9811D9319E45}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EC9CAE8F-E4B5-48EA-ADF5-D29B3210C415}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D70AD92-CD2A-4BC0-B6DA-8C7219152A45}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{18A68F82-1571-4D30-BB54-4D1FAFB7FD9C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{1D48269E-682A-48CD-A36C-4A933536CD85}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\eos utility\eosupnpsv.exe |
"{305B65A2-0C5E-4F5F-97D5-91AC4CC5253E}" = protocol=6 | dir=in | app=c:\users\bublifuk\appdata\roaming\dropbox\bin\dropbox.exe |
"{361BB048-56BC-45DE-B8E4-E3F41A3E2F39}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{474ED279-5934-4F0C-B1DC-B33686786574}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{494EDADF-163E-4849-9314-761A36E3A524}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{496D341E-5DAE-482A-B651-CD43A65FD427}" = dir=in | app=%programfiles%\adobe\adobe photoshop cc 2015\photoshop.exe |
"{6151DCEA-8981-40D1-8FE8-281043E3EE24}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6196B09C-B095-4316-BB8C-F878CCD64D4E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6B594901-BD58-4813-8162-EE8BBAEC895B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{76670F20-ECAC-468A-BB30-F7CFCFEDCA95}" = protocol=6 | dir=out | app=system |
"{7A50F69C-28F9-4728-A91D-5F1D878D3BD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82F0A661-F44B-4E27-9A72-2C0367A7A834}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\eos utility\eosupnpsv.exe |
"{91F4EBF1-247A-491C-9313-ECC23803B194}" = protocol=6 | dir=in | app=c:\program files\corel\coreldraw graphics suite x7\programs64\coreldrw.exe |
"{92759125-9027-434A-98D9-376A6C6E0E9B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{970B0222-B2DF-4105-A80D-AAF781244074}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9BD9B3CB-5F42-4E0C-868B-95100DF3C05D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A3B89C05-E79C-4810-86F4-F11DAD8B0A19}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{AB13641C-20E6-46F5-A1B9-993770A9789C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABFF7E42-4DAF-4308-849C-57C2BFC7EE3C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ACA09B44-F6D6-4804-ACB3-F749875BC08A}" = protocol=17 | dir=in | app=c:\users\bublifuk\appdata\roaming\dropbox\bin\dropbox.exe |
"{B15AADE8-AE4D-4425-B652-8D3B9129BAF9}" = dir=in | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\core\pdapp.exe |
"{B26C671A-0612-4974-830E-AB8DD9BEECC5}" = dir=out | app=%programfiles%\adobe\adobe photoshop cc 2015\photoshop.exe |
"{BB219079-16A1-4E3C-AD2B-12F98B42B16C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BCC5A3C4-E123-4F12-8550-5EBDEC8B6EAC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3D87356-D6D0-45B5-AB1C-0BFA0BF86EB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D14457AE-9647-4FF9-9B6C-76CBFC5622D3}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{D83DAAA1-7C9B-4725-88B7-5B9FCBC5F67B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{DB280567-082A-45BF-98B1-69C0B3607401}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F358352A-FB6F-4F4B-B40B-B2C5319AFCD1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F96E57D9-EB5A-4EC9-A5EC-3209FEA39D9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F98A802F-EB58-4E2C-826A-F20CC6CE5290}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1A65F319-3B5A-4D63-B2CD-0ABA97199DAB}C:\users\bublifuk\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\bublifuk\appdata\local\akamai\netsession_win.exe |
"TCP Query User{541E90A2-12CE-4D94-BFBB-0847C4334F23}C:\program files\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files\dc++\dcplusplus.exe |
"TCP Query User{55BCA379-CBF5-497A-A1E9-AE5FBD07E2FE}C:\program files\onone software\perfect effects 8\perfect effects 8.exe" = protocol=6 | dir=in | app=c:\program files\onone software\perfect effects 8\perfect effects 8.exe |
"TCP Query User{915629FB-8B7F-4687-A7EC-143D8D03717C}C:\program files\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files\dc++\dcplusplus.exe |
"TCP Query User{E63F3D6A-7D2B-4D8E-94BF-3B2D8C3AC712}C:\users\bublifuk\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\bublifuk\appdata\local\akamai\netsession_win.exe |
"UDP Query User{2134162B-47A3-4648-81C8-F7C7A2DD5332}C:\users\bublifuk\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\bublifuk\appdata\local\akamai\netsession_win.exe |
"UDP Query User{262FD660-812B-4608-827E-EC3CE3870DE3}C:\users\bublifuk\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\bublifuk\appdata\local\akamai\netsession_win.exe |
"UDP Query User{2A3A410A-1784-4FDC-B9E1-FA46DD700236}C:\program files\onone software\perfect effects 8\perfect effects 8.exe" = protocol=17 | dir=in | app=c:\program files\onone software\perfect effects 8\perfect effects 8.exe |
"UDP Query User{32425BDB-354D-4C42-9E60-344F6616603F}C:\program files\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files\dc++\dcplusplus.exe |
"UDP Query User{7B97E389-152D-44CE-A042-B1DE0B7D5931}C:\program files\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files\dc++\dcplusplus.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{4DC318F5-1640-4417-A218-912ED9905FAA}" = Corel Graphics - Windows Shell Extension
"_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}" = CorelDRAW Graphics Suite X7 (64-Bit)
"{06B60360-9DBD-4593-90A0-FD237F0845A2}" = Topaz DeNoise 5 (64-bit)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{13179AB2-69FD-459B-800F-81865A501AD4}" = CorelDRAW Graphics Suite X7 - IPM T (x64)
"{1A73168F-5983-46A6-AAAB-FD83BC231E02}" = CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64)
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}" = Adobe Photoshop Lightroom 5.7 64-bit
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0922-000001000000}" = 7-Zip 9.22 (x64 edition)
"{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}" = Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS
"{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}" = CorelDRAW Graphics Suite X7 - Draw (x64)
"{2C91CB9D-323D-43E5-A433-229B71CFB773}" = CorelDRAW Graphics Suite X7 - Capture (x64)
"{2F884A17-E051-3DB7-B093-6274C98740F6}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 한국어 언어 팩
"{36B98E65-CA52-348C-9ED7-77B926A16C2D}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3B4AE1A9-C026-4D08-8004-DA9A85A411A4}" = Corel Graphics - Windows Shell Extension 32 Bit
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4DC318F5-1640-4417-A218-912ED9905FAA}" = Corel Graphics - Windows Shell Extension
"{5162E418-BB43-4C8F-ACD6-069645EF98C3}" = CorelDRAW Graphics Suite X7 - Custom Data (x64)
"{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}" = CorelDRAW Graphics Suite X7 - FontNav (x64)
"{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}" = CorelDRAW Graphics Suite X7 - VBA (x64)
"{5707EC26-AA9F-32C6-B7C1-347A3482CEC0}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support
"{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}" = CorelDRAW Graphics Suite X7 - Setup Files (x64)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{73A36613-1F8F-3D94-B28A-4CC0E3CAECB5}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA
"{73A64813-E631-3807-8E78-BA679EDA09A8}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 日本語 Language Pack
"{83646B67-A878-4E95-BB4B-AF4A6E61F28C}" = CGS17_Setup_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}" = CorelDRAW Graphics Suite X7 - Common (x64)
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{966996DC-D67C-40E3-8BD4-31FA0F093571}" = CorelDRAW Graphics Suite X7 - VideoBrowser (x64)
"{9D00A8DA-650F-21C6-E787-78756733F15F}" = ATI Catalyst Install Manager
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BA14C6F7-A633-3E88-831B-FCC197A5A17D}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Français
"{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026
"{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}" = CorelDRAW Graphics Suite X7 - Connect (x64)
"{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}" = CorelDRAW Graphics Suite X7 - Redist (x64)
"{C922F325-DD52-4E22-B204-431A06E63E51}" = CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64)
"{CD56C9B9-FB98-372B-8BC7-FDA312CD2511}" = Microsoft Visual Studio Tools for Applications 2012 x64 托管支持 - 简体中文语言包
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D10A5CFA-FE33-4F06-AE37-554604F00A52}" = CorelDRAW Graphics Suite X7 - Filters (x64)
"{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}" = CorelDRAW Graphics Suite X7 - Writing Tools (x64)
"{DCCD0EF6-DFCF-4D31-B71D-2AAC24C6AB16}" = CorelDRAW Graphics Suite X7 - CZ (x64)
"{DDDF762A-2D1D-36A3-9B70-70BD62B4EDCF}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN
"{E237254B-36A1-3D27-815E-B37C13BE0796}" = Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB
"{E5A509B4-D9B1-4FD9-B3EF-EDB216AA8651}" = ccc-utility64
"{EF44BCCD-13F9-4974-862C-CCFAF43EE082}" = CorelDRAW Graphics Suite X7 - IPM Content (x64)
"{FB501A6E-CA6D-36DA-8860-17F0E6D89155}" = Microsoft Visual Studio Tools for Applications 2012 x64 主控支援 - 繁體中文語言套件
"DVDFab Virtual Drive_is1" = DVDFab Virtual Drive
"PhotomatixPro5x64_is1" = Photomatix Pro version 5.0.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"{03077B58-6ACF-32CA-B42A-EAA458C295A1}" = Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 8.1.1
"{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"{0FE6DE07-8CBA-3F73-86B4-51B91E506D24}" = Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{18435829-4E75-4CD1-9796-A62DBBAE2ED7}" = DeepSkyStacker
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83218040F0}" = Java 8 Update 40
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{2DD336BD-D504-4AD7-AA03-201114C24495}" = NWZ-W270S WALKMAN Guide
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{3371699A-C1EF-3AC3-B094-D338191FA6E9}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{4908C75E-E5E2-43F7-B1DF-023CBA831029}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{5950473A-825B-3019-AF86-55F2F9A95FCB}" = Microsoft Visual Studio Tools for Applications 2012 Finalizer
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}" = Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7259BDDA-D888-309D-ADE1-84AA0CB24FE9}" = Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74d0e5db-b326-4dae-a6b2-445b9de1836e}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
"{793C2BF7-A4FE-4608-91C9-9282C5801C21}" = Adobe Photoshop CC 2015
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{859C7535-6862-3867-B97E-816795E8AB65}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack
"{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"{89ca2a32-2b52-4595-8dfd-6fe4757958d0}" = Microsoft Visual Studio Tools for Applications 2012
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUS_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUS_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{955E1388-E1F1-320A-A018-24616ED60F95}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}" = Catalyst Control Center InstallProxy
"{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}" = Topaz DeNoise 5
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026
"{A3EB1DE3-9D3F-34C2-BDE6-5A8A4B98CC37}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B8FD8F53-7E58-3DE5-A8FC-CB2B5CCF38CE}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}" = LEGO® The Lord of the Rings™
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CAAC553D-EE02-32D2-9F7E-FBC5C22E4C08}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket
"{CF06B8C4-F6FC-3A4B-ADD0-04A1CAC3DD86}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support
"{D2437C5C-2D8C-40D2-8059-689AD7239FA3}" = Intel(R) C++ Redistributables for Windows* on Intel(R) 64
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{e46eca4f-393b-40df-9f49-076faf788d83}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Adobe Flash Player ActiveX" = Adobe Flash Player 17 ActiveX
"Avast" = Avast Free Antivirus
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"DC++" = DC++ 0.843
"Digital Photo Professional 4 (x64)" = Canon Utilities Digital Photo Professional 4
"EOS Lens Registration Tool" = Canon Utilities EOS Lens Registration Tool
"EOS Utility 2" = Canon Utilities EOS Utility 2
"EOS Utility 3" = Canon Utilities EOS Utility 3
"EOS Web Service Registration Tool" = Canon Utilities EOS Web Service Registration Tool
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.10.0
"InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Nik Collection" = Nik Collection
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 33.0.1990.115" = Opera Stable 33.0.1990.115
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Psaní všemi deseti_is1" = Psaní všemi deseti 1.5
"PTGui" = PTGui Pro 9.0
"Registrace uživatele zařízení Canon MG5200 series" = Registrace uživatele zařízení Canon MG5200 series
"SafeZone 1.48.2066.44" = SafeZone Stable 1.48.2066.44
"TeamViewer" = TeamViewer 11
"Topaz DeNoise 5" = Topaz DeNoise 5
"Topaz DeNoise 5 (64-bit)" = Topaz DeNoise 5 (64-bit)
"Topaz Star Effects" = Topaz Star Effects
"Topaz Star Effects (64-bit)" = Topaz Star Effects (64-bit)
"Totalcmd" = Total Commander (Remove or Repair)
"Verbatim GREEN BUTTON_is1" = Verbatim GREEN BUTTON 1.68
"Verbatim Product Update_is1" = Verbatim Product Update 1.06
"VLC media player" = VLC media player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.4.2016 6:16:14 | Computer Name = Bublina | Source = EventSystem | ID = 4621
Description =

Error - 10.4.2016 12:26:37 | Computer Name = Bublina | Source = Application Hang | ID = 1002
Description = Program OTL.exe verze 3.2.69.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: f44 Čas
spuštění: 01d193450be0b6f4 Čas ukončení: 4 Cesta k aplikaci: C:\Users\Bublifuk\Downloads\OTL.exe

ID
hlášení:

[ System Events ]
Error - 10.4.2016 5:07:02 | Computer Name = Bublina | Source = DCOM | ID = 10010
Description =

Error - 10.4.2016 5:17:54 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WerSvc bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:18:24 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WerSvc bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:18:38 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WPDBusEnum bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:18:54 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WerSvc bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:19:08 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby SysMain bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:19:24 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WerSvc bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:24:09 | Computer Name = Bublina | Source = DCOM | ID = 10010
Description =

Error - 10.4.2016 6:12:33 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby avast! Antivirus bylo dosaženo
časového limitu (30000 ms).

Error - 10.4.2016 11:43:17 | Computer Name = Bublina | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:40:17, ?10.?4.?2016) bylo neočekávané.

< End of report >

fanous · #6 Příspěvek od **fanous** » 10 dub 2016 18:09

První log - Extras.txt

OTL Extras logfile created on: 10.4.2016 18:32:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bublifuk\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,28 Gb Available Physical Memory | 66,02% Memory free
15,99 Gb Paging File | 12,97 Gb Available in Paging File | 81,08% Paging File free
Paging file location(s): h:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,05 Gb Total Space | 14,60 Gb Free Space | 20,84% Space Free | Partition Type: NTFS
Drive D: | 461,58 Gb Total Space | 152,54 Gb Free Space | 33,05% Space Free | Partition Type: NTFS
Drive E: | 374,79 Gb Total Space | 249,25 Gb Free Space | 66,50% Space Free | Partition Type: NTFS
Drive H: | 25,09 Gb Total Space | 16,22 Gb Free Space | 64,67% Space Free | Partition Type: NTFS

Computer Name: BUBLINA | User Name: Bublifuk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- "C:\Program Files (x86)\Opera\Launcher.exe" -noautoupdate -- "%1"
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- "C:\Program Files (x86)\Opera\Launcher.exe" -noautoupdate -- "%1"

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05BD17E4-0689-4EC7-9A49-2DAFE9EFF63F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0F144A6A-FE01-4576-8C08-0B9B5582060C}" = lport=139 | protocol=6 | dir=in | app=system |
"{10C5122A-6211-42FF-88FF-1E851E3C8C5C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{18E53825-EA5A-411C-8DE0-3B94FAC126BA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1F22341D-C6A8-45E7-84C5-D3B67ED604CD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{23638164-C2D8-415F-B8E0-5AB5EE818EE7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2C84C6AA-A41F-4E31-BF90-B4FCCEF5F9FC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{3EC68BE1-1C7E-4DBC-A325-3F6542452CB2}" = rport=137 | protocol=17 | dir=out | app=system |
"{46D3AAFD-140A-4F32-A154-07B3D4D8E0E0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48DDCB22-04BE-460D-A3FA-ED2F50B04E81}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{72931DBD-A9F8-4CFE-B7EC-90339B110D49}" = rport=138 | protocol=17 | dir=out | app=system |
"{784EF8CC-70ED-406B-A1EB-773B474ADC6E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{853F07A4-BA8A-4691-A139-8A1E63FE74FE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9006173C-3675-41F5-8896-02480DC87777}" = lport=138 | protocol=17 | dir=in | app=system |
"{92EBB47C-2382-4F39-A3F3-421FF298398E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B85BCC35-8E19-4B4B-91C2-3767D57947D2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BC271170-DCA3-4DEE-9D87-334F54BDD322}" = lport=445 | protocol=6 | dir=in | app=system |
"{C451368B-31F3-4B01-BDFF-29BFC6C75871}" = rport=139 | protocol=6 | dir=out | app=system |
"{D68AFD59-CEEF-4A77-B0BC-AD69B2FEEE82}" = rport=445 | protocol=6 | dir=out | app=system |
"{D9A25DCF-028B-4E5E-AA56-1225E1E093B8}" = lport=137 | protocol=17 | dir=in | app=system |
"{DB132015-1D31-4AB8-97F0-C13AEC12B1DE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E62B615E-0DDD-4C4E-8CFD-9811D9319E45}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EC9CAE8F-E4B5-48EA-ADF5-D29B3210C415}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D70AD92-CD2A-4BC0-B6DA-8C7219152A45}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{18A68F82-1571-4D30-BB54-4D1FAFB7FD9C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{1D48269E-682A-48CD-A36C-4A933536CD85}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\eos utility\eosupnpsv.exe |
"{305B65A2-0C5E-4F5F-97D5-91AC4CC5253E}" = protocol=6 | dir=in | app=c:\users\bublifuk\appdata\roaming\dropbox\bin\dropbox.exe |
"{361BB048-56BC-45DE-B8E4-E3F41A3E2F39}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{474ED279-5934-4F0C-B1DC-B33686786574}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{494EDADF-163E-4849-9314-761A36E3A524}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{496D341E-5DAE-482A-B651-CD43A65FD427}" = dir=in | app=%programfiles%\adobe\adobe photoshop cc 2015\photoshop.exe |
"{6151DCEA-8981-40D1-8FE8-281043E3EE24}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6196B09C-B095-4316-BB8C-F878CCD64D4E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6B594901-BD58-4813-8162-EE8BBAEC895B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{76670F20-ECAC-468A-BB30-F7CFCFEDCA95}" = protocol=6 | dir=out | app=system |
"{7A50F69C-28F9-4728-A91D-5F1D878D3BD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82F0A661-F44B-4E27-9A72-2C0367A7A834}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\eos utility\eosupnpsv.exe |
"{91F4EBF1-247A-491C-9313-ECC23803B194}" = protocol=6 | dir=in | app=c:\program files\corel\coreldraw graphics suite x7\programs64\coreldrw.exe |
"{92759125-9027-434A-98D9-376A6C6E0E9B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{970B0222-B2DF-4105-A80D-AAF781244074}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9BD9B3CB-5F42-4E0C-868B-95100DF3C05D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A3B89C05-E79C-4810-86F4-F11DAD8B0A19}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{AB13641C-20E6-46F5-A1B9-993770A9789C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABFF7E42-4DAF-4308-849C-57C2BFC7EE3C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ACA09B44-F6D6-4804-ACB3-F749875BC08A}" = protocol=17 | dir=in | app=c:\users\bublifuk\appdata\roaming\dropbox\bin\dropbox.exe |
"{B15AADE8-AE4D-4425-B652-8D3B9129BAF9}" = dir=in | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\core\pdapp.exe |
"{B26C671A-0612-4974-830E-AB8DD9BEECC5}" = dir=out | app=%programfiles%\adobe\adobe photoshop cc 2015\photoshop.exe |
"{BB219079-16A1-4E3C-AD2B-12F98B42B16C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BCC5A3C4-E123-4F12-8550-5EBDEC8B6EAC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3D87356-D6D0-45B5-AB1C-0BFA0BF86EB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D14457AE-9647-4FF9-9B6C-76CBFC5622D3}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{D83DAAA1-7C9B-4725-88B7-5B9FCBC5F67B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{DB280567-082A-45BF-98B1-69C0B3607401}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F358352A-FB6F-4F4B-B40B-B2C5319AFCD1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F96E57D9-EB5A-4EC9-A5EC-3209FEA39D9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F98A802F-EB58-4E2C-826A-F20CC6CE5290}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1A65F319-3B5A-4D63-B2CD-0ABA97199DAB}C:\users\bublifuk\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\bublifuk\appdata\local\akamai\netsession_win.exe |
"TCP Query User{541E90A2-12CE-4D94-BFBB-0847C4334F23}C:\program files\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files\dc++\dcplusplus.exe |
"TCP Query User{55BCA379-CBF5-497A-A1E9-AE5FBD07E2FE}C:\program files\onone software\perfect effects 8\perfect effects 8.exe" = protocol=6 | dir=in | app=c:\program files\onone software\perfect effects 8\perfect effects 8.exe |
"TCP Query User{915629FB-8B7F-4687-A7EC-143D8D03717C}C:\program files\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files\dc++\dcplusplus.exe |
"TCP Query User{E63F3D6A-7D2B-4D8E-94BF-3B2D8C3AC712}C:\users\bublifuk\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\bublifuk\appdata\local\akamai\netsession_win.exe |
"UDP Query User{2134162B-47A3-4648-81C8-F7C7A2DD5332}C:\users\bublifuk\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\bublifuk\appdata\local\akamai\netsession_win.exe |
"UDP Query User{262FD660-812B-4608-827E-EC3CE3870DE3}C:\users\bublifuk\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\bublifuk\appdata\local\akamai\netsession_win.exe |
"UDP Query User{2A3A410A-1784-4FDC-B9E1-FA46DD700236}C:\program files\onone software\perfect effects 8\perfect effects 8.exe" = protocol=17 | dir=in | app=c:\program files\onone software\perfect effects 8\perfect effects 8.exe |
"UDP Query User{32425BDB-354D-4C42-9E60-344F6616603F}C:\program files\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files\dc++\dcplusplus.exe |
"UDP Query User{7B97E389-152D-44CE-A042-B1DE0B7D5931}C:\program files\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files\dc++\dcplusplus.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{4DC318F5-1640-4417-A218-912ED9905FAA}" = Corel Graphics - Windows Shell Extension
"_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}" = CorelDRAW Graphics Suite X7 (64-Bit)
"{06B60360-9DBD-4593-90A0-FD237F0845A2}" = Topaz DeNoise 5 (64-bit)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{13179AB2-69FD-459B-800F-81865A501AD4}" = CorelDRAW Graphics Suite X7 - IPM T (x64)
"{1A73168F-5983-46A6-AAAB-FD83BC231E02}" = CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64)
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}" = Adobe Photoshop Lightroom 5.7 64-bit
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0922-000001000000}" = 7-Zip 9.22 (x64 edition)
"{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}" = Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS
"{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}" = CorelDRAW Graphics Suite X7 - Draw (x64)
"{2C91CB9D-323D-43E5-A433-229B71CFB773}" = CorelDRAW Graphics Suite X7 - Capture (x64)
"{2F884A17-E051-3DB7-B093-6274C98740F6}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 한국어 언어 팩
"{36B98E65-CA52-348C-9ED7-77B926A16C2D}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3B4AE1A9-C026-4D08-8004-DA9A85A411A4}" = Corel Graphics - Windows Shell Extension 32 Bit
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4DC318F5-1640-4417-A218-912ED9905FAA}" = Corel Graphics - Windows Shell Extension
"{5162E418-BB43-4C8F-ACD6-069645EF98C3}" = CorelDRAW Graphics Suite X7 - Custom Data (x64)
"{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}" = CorelDRAW Graphics Suite X7 - FontNav (x64)
"{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}" = CorelDRAW Graphics Suite X7 - VBA (x64)
"{5707EC26-AA9F-32C6-B7C1-347A3482CEC0}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support
"{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}" = CorelDRAW Graphics Suite X7 - Setup Files (x64)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{73A36613-1F8F-3D94-B28A-4CC0E3CAECB5}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA
"{73A64813-E631-3807-8E78-BA679EDA09A8}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 日本語 Language Pack
"{83646B67-A878-4E95-BB4B-AF4A6E61F28C}" = CGS17_Setup_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}" = CorelDRAW Graphics Suite X7 - Common (x64)
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{966996DC-D67C-40E3-8BD4-31FA0F093571}" = CorelDRAW Graphics Suite X7 - VideoBrowser (x64)
"{9D00A8DA-650F-21C6-E787-78756733F15F}" = ATI Catalyst Install Manager
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BA14C6F7-A633-3E88-831B-FCC197A5A17D}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Français
"{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026
"{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}" = CorelDRAW Graphics Suite X7 - Connect (x64)
"{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}" = CorelDRAW Graphics Suite X7 - Redist (x64)
"{C922F325-DD52-4E22-B204-431A06E63E51}" = CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64)
"{CD56C9B9-FB98-372B-8BC7-FDA312CD2511}" = Microsoft Visual Studio Tools for Applications 2012 x64 托管支持 - 简体中文语言包
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D10A5CFA-FE33-4F06-AE37-554604F00A52}" = CorelDRAW Graphics Suite X7 - Filters (x64)
"{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}" = CorelDRAW Graphics Suite X7 - Writing Tools (x64)
"{DCCD0EF6-DFCF-4D31-B71D-2AAC24C6AB16}" = CorelDRAW Graphics Suite X7 - CZ (x64)
"{DDDF762A-2D1D-36A3-9B70-70BD62B4EDCF}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN
"{E237254B-36A1-3D27-815E-B37C13BE0796}" = Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB
"{E5A509B4-D9B1-4FD9-B3EF-EDB216AA8651}" = ccc-utility64
"{EF44BCCD-13F9-4974-862C-CCFAF43EE082}" = CorelDRAW Graphics Suite X7 - IPM Content (x64)
"{FB501A6E-CA6D-36DA-8860-17F0E6D89155}" = Microsoft Visual Studio Tools for Applications 2012 x64 主控支援 - 繁體中文語言套件
"DVDFab Virtual Drive_is1" = DVDFab Virtual Drive
"PhotomatixPro5x64_is1" = Photomatix Pro version 5.0.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"{03077B58-6ACF-32CA-B42A-EAA458C295A1}" = Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 8.1.1
"{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"{0FE6DE07-8CBA-3F73-86B4-51B91E506D24}" = Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{18435829-4E75-4CD1-9796-A62DBBAE2ED7}" = DeepSkyStacker
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83218040F0}" = Java 8 Update 40
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{2DD336BD-D504-4AD7-AA03-201114C24495}" = NWZ-W270S WALKMAN Guide
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{3371699A-C1EF-3AC3-B094-D338191FA6E9}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{4908C75E-E5E2-43F7-B1DF-023CBA831029}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{5950473A-825B-3019-AF86-55F2F9A95FCB}" = Microsoft Visual Studio Tools for Applications 2012 Finalizer
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}" = Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7259BDDA-D888-309D-ADE1-84AA0CB24FE9}" = Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74d0e5db-b326-4dae-a6b2-445b9de1836e}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
"{793C2BF7-A4FE-4608-91C9-9282C5801C21}" = Adobe Photoshop CC 2015
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{859C7535-6862-3867-B97E-816795E8AB65}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack
"{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"{89ca2a32-2b52-4595-8dfd-6fe4757958d0}" = Microsoft Visual Studio Tools for Applications 2012
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUS_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUS_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{955E1388-E1F1-320A-A018-24616ED60F95}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}" = Catalyst Control Center InstallProxy
"{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}" = Topaz DeNoise 5
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026
"{A3EB1DE3-9D3F-34C2-BDE6-5A8A4B98CC37}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B8FD8F53-7E58-3DE5-A8FC-CB2B5CCF38CE}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}" = LEGO® The Lord of the Rings™
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CAAC553D-EE02-32D2-9F7E-FBC5C22E4C08}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket
"{CF06B8C4-F6FC-3A4B-ADD0-04A1CAC3DD86}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support
"{D2437C5C-2D8C-40D2-8059-689AD7239FA3}" = Intel(R) C++ Redistributables for Windows* on Intel(R) 64
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{e46eca4f-393b-40df-9f49-076faf788d83}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Adobe Flash Player ActiveX" = Adobe Flash Player 17 ActiveX
"Avast" = Avast Free Antivirus
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"DC++" = DC++ 0.843
"Digital Photo Professional 4 (x64)" = Canon Utilities Digital Photo Professional 4
"EOS Lens Registration Tool" = Canon Utilities EOS Lens Registration Tool
"EOS Utility 2" = Canon Utilities EOS Utility 2
"EOS Utility 3" = Canon Utilities EOS Utility 3
"EOS Web Service Registration Tool" = Canon Utilities EOS Web Service Registration Tool
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.10.0
"InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Nik Collection" = Nik Collection
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 33.0.1990.115" = Opera Stable 33.0.1990.115
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Psaní všemi deseti_is1" = Psaní všemi deseti 1.5
"PTGui" = PTGui Pro 9.0
"Registrace uživatele zařízení Canon MG5200 series" = Registrace uživatele zařízení Canon MG5200 series
"SafeZone 1.48.2066.44" = SafeZone Stable 1.48.2066.44
"TeamViewer" = TeamViewer 11
"Topaz DeNoise 5" = Topaz DeNoise 5
"Topaz DeNoise 5 (64-bit)" = Topaz DeNoise 5 (64-bit)
"Topaz Star Effects" = Topaz Star Effects
"Topaz Star Effects (64-bit)" = Topaz Star Effects (64-bit)
"Totalcmd" = Total Commander (Remove or Repair)
"Verbatim GREEN BUTTON_is1" = Verbatim GREEN BUTTON 1.68
"Verbatim Product Update_is1" = Verbatim Product Update 1.06
"VLC media player" = VLC media player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.4.2016 6:16:14 | Computer Name = Bublina | Source = EventSystem | ID = 4621
Description =

Error - 10.4.2016 12:26:37 | Computer Name = Bublina | Source = Application Hang | ID = 1002
Description = Program OTL.exe verze 3.2.69.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: f44 Čas
spuštění: 01d193450be0b6f4 Čas ukončení: 4 Cesta k aplikaci: C:\Users\Bublifuk\Downloads\OTL.exe

ID
hlášení:

[ System Events ]
Error - 10.4.2016 5:07:02 | Computer Name = Bublina | Source = DCOM | ID = 10010
Description =

Error - 10.4.2016 5:17:54 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WerSvc bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:18:24 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WerSvc bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:18:38 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WPDBusEnum bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:18:54 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WerSvc bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:19:08 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby SysMain bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:19:24 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WerSvc bylo dosaženo časového
limitu (30000 ms).

Error - 10.4.2016 5:24:09 | Computer Name = Bublina | Source = DCOM | ID = 10010
Description =

Error - 10.4.2016 6:12:33 | Computer Name = Bublina | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby avast! Antivirus bylo dosaženo
časového limitu (30000 ms).

Error - 10.4.2016 11:43:17 | Computer Name = Bublina | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:40:17, ?10.?4.?2016) bylo neočekávané.

< End of report >

fanous · #7 Příspěvek od **fanous** » 10 dub 2016 18:10

Druhý log - olt.txt

OTL logfile created on: 10.4.2016 18:32:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bublifuk\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,28 Gb Available Physical Memory | 66,02% Memory free
15,99 Gb Paging File | 12,97 Gb Available in Paging File | 81,08% Paging File free
Paging file location(s): h:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,05 Gb Total Space | 14,60 Gb Free Space | 20,84% Space Free | Partition Type: NTFS
Drive D: | 461,58 Gb Total Space | 152,54 Gb Free Space | 33,05% Space Free | Partition Type: NTFS
Drive E: | 374,79 Gb Total Space | 249,25 Gb Free Space | 66,50% Space Free | Partition Type: NTFS
Drive H: | 25,09 Gb Total Space | 16,22 Gb Free Space | 64,67% Space Free | Partition Type: NTFS

Computer Name: BUBLINA | User Name: Bublifuk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016.04.10 18:21:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bublifuk\Downloads\OTL.exe
PRC - [2016.04.06 12:05:03 | 000,874,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016.03.23 19:09:01 | 007,139,256 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016.03.22 19:32:18 | 000,237,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016.03.12 02:19:08 | 025,577,864 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2016.02.09 07:39:16 | 002,020,056 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
PRC - [2016.02.02 16:04:06 | 000,252,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
PRC - [2015.12.14 17:43:10 | 006,889,232 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2015.12.14 00:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.05.14 10:52:48 | 001,575,936 | ---- | M] (Canon INC.) -- C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
PRC - [2014.01.20 15:56:46 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2010.04.05 12:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

========== Modules (No Company Name) ==========

MOD - [2016.04.06 12:04:39 | 001,675,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
MOD - [2016.04.06 12:04:27 | 000,086,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
MOD - [2016.03.22 19:32:20 | 000,113,496 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2016.03.22 19:32:19 | 000,480,760 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016.03.22 19:32:19 | 000,133,768 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016.03.12 02:18:48 | 000,024,904 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
MOD - [2016.03.12 02:18:48 | 000,022,352 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
MOD - [2016.03.12 02:18:48 | 000,021,840 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
MOD - [2016.03.12 02:18:48 | 000,021,832 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
MOD - [2016.03.12 02:18:48 | 000,020,800 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
MOD - [2016.03.12 02:18:46 | 000,023,376 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
MOD - [2016.03.12 02:18:46 | 000,021,824 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
MOD - [2016.03.12 02:18:46 | 000,020,800 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
MOD - [2016.03.12 02:18:46 | 000,019,776 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
MOD - [2016.03.12 02:18:44 | 000,381,752 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
MOD - [2016.03.12 02:18:44 | 000,020,800 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
MOD - [2016.03.12 02:18:42 | 000,019,760 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
MOD - [2016.03.12 02:18:38 | 003,928,880 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
MOD - [2016.03.12 02:18:36 | 000,223,544 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
MOD - [2016.03.12 02:18:34 | 000,546,096 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
MOD - [2016.03.12 02:18:34 | 000,357,680 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
MOD - [2016.03.12 02:18:34 | 000,158,008 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
MOD - [2016.03.12 02:18:34 | 000,132,912 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
MOD - [2016.03.12 02:18:34 | 000,042,808 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
MOD - [2016.03.12 02:18:32 | 001,971,504 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
MOD - [2016.03.12 02:18:32 | 000,531,248 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
MOD - [2016.03.12 02:18:32 | 000,207,672 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
MOD - [2016.03.12 02:18:28 | 001,826,096 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
MOD - [2016.03.12 02:18:26 | 000,052,024 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
MOD - [2016.03.12 02:18:26 | 000,024,392 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
MOD - [2016.03.12 02:18:24 | 000,084,792 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.dll
MOD - [2016.03.12 02:18:24 | 000,038,696 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\fastpath.pyd
MOD - [2016.03.12 02:18:22 | 000,026,456 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
MOD - [2016.03.12 02:18:10 | 001,682,760 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
MOD - [2016.03.12 02:18:10 | 000,020,816 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
MOD - [2016.03.12 02:18:10 | 000,020,808 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
MOD - [2016.03.12 02:18:08 | 000,117,056 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
MOD - [2016.03.12 02:18:08 | 000,020,280 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
MOD - [2016.02.23 20:25:10 | 000,697,304 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
MOD - [2016.02.23 20:23:20 | 001,631,184 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MOD - [2016.02.23 20:23:18 | 000,017,864 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\libEGL.dll
MOD - [2016.02.23 20:21:44 | 000,036,296 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\librsync.dll
MOD - [2016.02.23 20:21:16 | 000,350,152 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\winxpgui.pyd
MOD - [2016.02.23 20:21:16 | 000,028,616 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32ts.pyd
MOD - [2016.02.23 20:21:14 | 000,114,640 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32security.pyd
MOD - [2016.02.23 20:21:14 | 000,048,592 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32service.pyd
MOD - [2016.02.23 20:21:14 | 000,043,472 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32process.pyd
MOD - [2016.02.23 20:21:14 | 000,024,016 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32profile.pyd
MOD - [2016.02.23 20:21:12 | 000,175,560 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32gui.pyd
MOD - [2016.02.23 20:21:12 | 000,124,880 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32file.pyd
MOD - [2016.02.23 20:21:12 | 000,057,808 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
MOD - [2016.02.23 20:21:12 | 000,030,160 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32pipe.pyd
MOD - [2016.02.23 20:21:10 | 000,105,928 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32api.pyd
MOD - [2016.02.23 20:21:10 | 000,024,528 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32event.pyd
MOD - [2016.02.23 20:21:10 | 000,024,016 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
MOD - [2016.02.23 20:21:10 | 000,020,936 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\mmapfile.pyd
MOD - [2016.02.23 20:20:22 | 000,112,592 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
MOD - [2016.02.23 20:20:20 | 000,240,584 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\jpegtran.pyd
MOD - [2016.02.23 20:20:20 | 000,083,912 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\sip.pyd
MOD - [2016.02.23 20:20:18 | 000,019,408 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\faulthandler.pyd
MOD - [2016.02.23 20:19:36 | 000,134,608 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\_elementtree.pyd
MOD - [2016.02.23 20:19:36 | 000,034,768 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
MOD - [2016.02.23 20:19:34 | 000,692,688 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\unicodedata.pyd
MOD - [2016.02.23 20:19:34 | 000,134,088 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\pyexpat.pyd
MOD - [2016.02.23 20:19:34 | 000,093,640 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\_ctypes.pyd
MOD - [2016.02.23 20:19:34 | 000,018,376 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\select.pyd
MOD - [2016.02.23 20:19:32 | 000,392,144 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\pythoncom27.dll
MOD - [2016.02.23 20:19:32 | 000,116,688 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\pywintypes27.dll
MOD - [2016.01.04 19:45:21 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015.04.03 18:34:31 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c0f61f9b73571f26b6e0e0757bc5f460\CustomMarshalers.ni.dll
MOD - [2015.03.31 20:54:11 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2015.03.31 20:54:11 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\003d2d74243cab7e412d36416bbf0a3d\Accessibility.ni.dll
MOD - [2015.03.31 20:53:54 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2015.03.31 20:53:43 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2015.03.31 20:53:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll
MOD - [2015.03.31 20:53:39 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2015.03.31 20:53:33 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
MOD - [2014.05.14 10:51:02 | 000,503,808 | ---- | M] () -- C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009.06.10 23:22:50 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

========== Services (SafeList) ==========

SRV:64bit: - [2016.03.22 19:32:18 | 000,237,096 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.04.30 17:33:52 | 000,337,776 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2010.02.11 07:29:30 | 000,952,320 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016.02.09 07:39:16 | 002,020,056 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe -- (AGSService)
SRV - [2015.12.14 17:43:10 | 006,889,232 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2015.12.14 00:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.03.25 18:28:56 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.01.20 15:56:46 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2012.07.09 01:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.04.05 12:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2016.03.23 19:04:45 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2016.03.22 19:33:28 | 001,070,904 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2016.03.22 19:33:28 | 000,107,792 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswmonflt.sys -- (aswMonFlt)
DRV:64bit: - [2016.03.22 19:33:17 | 000,463,744 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2016.03.22 19:33:00 | 000,287,016 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswvmm.sys -- (aswVmm)
DRV:64bit: - [2016.03.22 19:32:25 | 000,165,344 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2016.03.22 19:32:25 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2016.03.22 19:32:25 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2016.03.22 19:32:24 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.08.29 17:57:50 | 000,044,960 | ---- | M] (DVDFab Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vdrive.sys -- (vdrive)
DRV:64bit: - [2014.08.29 17:57:50 | 000,012,704 | ---- | M] (DVDFab Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvdfabio.sys -- (dvdfabio)
DRV:64bit: - [2013.09.30 17:26:50 | 000,019,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013.09.30 17:26:48 | 000,012,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2011.05.17 16:44:46 | 000,044,480 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2010.04.07 12:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2010.02.11 09:42:54 | 005,352,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\..\SearchScopes\{789B989B-014A-4367-B8ED-B2A7E466982E}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016.03.23 18:58:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.03.23 18:58:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016.03.23 18:58:02 | 000,000,000 | ---D | M]

[2015.02.28 19:39:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bublifuk\AppData\Roaming\Mozilla\Extensions
[2015.02.28 19:39:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bublifuk\AppData\Roaming\Mozilla\Extensions\prism@developer.mozilla.org

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\2.0.6_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.6_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.242_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2016.04.10 10:45:41 | 000,001,043 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Dropbox Update] C:\Users\Bublifuk\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bublifuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bublifuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk = C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.77.1.1 10.77.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13ACB68B-8A35-4FF6-8E71-EE91C267F28D}: DhcpNameServer = 10.77.1.1 10.77.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.ACDV - File not found
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2016.04.10 18:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2016.04.10 18:04:52 | 000,000,000 | ---D | C] -- C:\rsit
[2016.04.10 17:48:17 | 000,021,624 | ---- | C] (solvusoft) -- C:\Windows\SysNative\roboot64.exe
[2016.04.10 17:48:14 | 000,000,000 | ---D | C] -- C:\Users\Bublifuk\AppData\Roaming\Solvusoft
[2016.04.10 17:20:42 | 000,000,000 | ---D | C] -- C:\Users\Bublifuk\AppData\Local\ElevatedDiagnostics
[2016.04.10 16:45:00 | 000,000,000 | ---D | C] -- C:\Users\Bublifuk\AppData\Local\ACCCx3_6_0_248
[2016.04.10 11:53:14 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2016.04.10 10:38:40 | 000,000,000 | ---D | C] -- C:\totalcmd
[2016.04.10 10:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
[2016.04.10 10:38:40 | 000,000,000 | ---D | C] -- C:\Users\Bublifuk\AppData\Roaming\GHISLER
[2016.04.10 10:07:27 | 000,000,000 | ---D | C] -- C:\Users\Bublifuk\Desktop\Schválit
[2016.04.09 12:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2016.04.09 11:49:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2016.04.09 11:38:59 | 000,000,000 | ---D | C] -- C:\Users\Bublifuk\Desktop\Nová složka
[2016.04.09 11:36:49 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2016.03.23 19:04:51 | 000,037,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2016.03.22 19:58:20 | 000,000,000 | ---D | C] -- C:\Users\Bublifuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2016.03.22 19:32:30 | 000,398,152 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2016.03.22 19:32:20 | 000,052,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[3 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2016.04.10 18:34:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016.04.10 18:09:34 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016.04.10 17:52:24 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3778296720-2450441648-3328822754-1000UA.job
[2016.04.10 17:48:26 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.04.10 17:48:26 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.04.10 17:45:18 | 000,000,505 | ---- | M] () -- C:\Users\Bublifuk\Desktop\Síťová připojení – zástupce.lnk
[2016.04.10 17:43:34 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016.04.10 17:43:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.04.10 17:38:01 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016.04.10 16:24:38 | 000,001,480 | ---- | M] () -- C:\Users\Bublifuk\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2016.04.10 12:15:37 | 001,580,126 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016.04.10 12:15:37 | 000,667,424 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016.04.10 12:15:37 | 000,652,990 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016.04.10 12:15:37 | 000,140,602 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016.04.10 12:15:37 | 000,121,392 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016.04.10 08:54:39 | 016,853,790 | ---- | M] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_2_2015_pdf.pdf
[2016.04.10 08:54:21 | 013,440,563 | ---- | M] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_3pdf.pdf
[2016.04.10 08:54:09 | 017,118,600 | ---- | M] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_4pdf.pdf
[2016.04.10 08:53:51 | 014,647,526 | ---- | M] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_1pdf.pdf
[2016.04.10 08:53:37 | 014,060,534 | ---- | M] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_5pdf.pdf
[2016.04.10 08:45:49 | 012,118,844 | ---- | M] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_2pdf.pdf
[2016.04.09 12:04:48 | 000,028,272 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2016.04.09 11:36:27 | 326,931,804 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2016.04.09 09:42:18 | 000,002,188 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016.04.07 19:52:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3778296720-2450441648-3328822754-1000Core.job
[2016.04.03 20:46:16 | 000,020,480 | ---- | M] () -- C:\Users\Bublifuk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016.03.31 21:30:11 | 000,000,075 | ---- | M] () -- C:\Users\Bublifuk\Desktop\Canon TS-E 24mm-3.5 - Bazar - PALADIX foto-on-line - PALADIX foto-on-line.url
[2016.03.31 20:44:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_EhStorPwdDrv_01_09_00.Wdf
[2016.03.23 19:04:45 | 000,037,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2016.03.22 19:59:01 | 000,001,147 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2016.03.22 19:33:28 | 001,070,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2016.03.22 19:33:28 | 000,107,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswmonflt.sys
[2016.03.22 19:33:17 | 000,463,744 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2016.03.22 19:33:00 | 000,287,016 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys
[2016.03.22 19:32:25 | 000,398,152 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2016.03.22 19:32:25 | 000,165,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2016.03.22 19:32:25 | 000,074,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2016.03.22 19:32:25 | 000,037,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2016.03.22 19:32:24 | 000,103,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2016.03.22 19:32:20 | 000,052,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[3 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2016.04.10 18:34:03 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016.04.10 17:45:18 | 000,000,505 | ---- | C] () -- C:\Users\Bublifuk\Desktop\Síťová připojení – zástupce.lnk
[2016.04.10 17:23:53 | 000,000,933 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
[2016.04.10 17:09:57 | 000,001,539 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
[2016.04.10 16:46:52 | 000,001,230 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
[2016.04.10 10:38:40 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2016.04.10 10:38:40 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2016.04.10 10:38:40 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2016.04.10 10:38:40 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2016.04.10 10:38:40 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2016.04.10 10:38:40 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2016.04.10 08:54:21 | 016,853,790 | ---- | C] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_2_2015_pdf.pdf
[2016.04.10 08:54:05 | 013,440,563 | ---- | C] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_3pdf.pdf
[2016.04.10 08:53:49 | 017,118,600 | ---- | C] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_4pdf.pdf
[2016.04.10 08:53:34 | 014,647,526 | ---- | C] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_1pdf.pdf
[2016.04.10 08:53:21 | 014,060,534 | ---- | C] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_5pdf.pdf
[2016.04.10 08:45:31 | 012,118,844 | ---- | C] () -- C:\Users\Bublifuk\Desktop\LEGO_Club_Magazine_Red_Brick_2pdf.pdf
[2016.04.09 12:04:48 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2016.04.09 11:36:27 | 326,931,804 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2016.03.31 20:44:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_EhStorPwdDrv_01_09_00.Wdf
[2016.03.23 19:05:01 | 000,001,042 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[2015.08.15 18:20:48 | 000,000,160 | ---- | C] () -- C:\Windows\ALIGN-SETTING.INI
[2015.08.15 18:20:48 | 000,000,149 | ---- | C] () -- C:\Windows\ESTIMATE-SETTING.INI
[2015.08.15 18:20:48 | 000,000,106 | ---- | C] () -- C:\Windows\LIMIT-SETTING.INI
[2015.02.22 16:52:16 | 000,000,132 | ---- | C] () -- C:\Users\Bublifuk\AppData\Roaming\Formát PNG Adobe CC – předvolby
[2015.01.20 21:11:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2015.01.20 21:11:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2015.01.20 21:11:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2015.01.20 21:11:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2015.01.20 21:11:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2015.01.06 19:26:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014.12.25 00:01:09 | 000,020,480 | ---- | C] () -- C:\Users\Bublifuk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.12.22 20:22:28 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2014.12.22 18:40:21 | 000,001,480 | ---- | C] () -- C:\Users\Bublifuk\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2014.12.17 22:50:45 | 001,554,160 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.12.17 23:40:42 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\ACD Systems
[2014.12.18 21:22:40 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Alien Skin
[2015.03.07 12:48:46 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Autodesk
[2014.12.17 22:32:01 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\AVAST Software
[2015.09.05 11:08:20 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\calibre
[2014.12.23 10:34:53 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Canon
[2014.12.22 18:19:30 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Canon_Inc_IC
[2016.04.09 09:14:27 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\DC++
[2016.04.10 17:45:56 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Dropbox
[2016.04.10 10:38:40 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\GHISLER
[2015.04.25 09:16:37 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\HDRsoft
[2015.11.29 15:24:30 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Levenhuk
[2015.08.15 19:44:59 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Nebulosity4
[2015.11.29 15:24:12 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\onOne Software
[2015.11.29 15:19:06 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Opera Software
[2016.04.03 21:44:24 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\PTGui
[2014.12.28 13:56:22 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Samsung
[2016.02.27 10:50:14 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Seznam.cz
[2016.04.10 17:57:53 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Solvusoft
[2015.12.24 20:06:18 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Sony
[2016.04.10 18:02:10 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\TeamViewer
[2016.02.21 19:58:22 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Warner Bros. Interactive Entertainment

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,568 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.12.17 22:24:33 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.12.17 22:24:35 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.03.25 18:29:00 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015.06.18 19:42:18 | 000,000,878 | ---- | C] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3778296720-2450441648-3328822754-1000Core.job
[2015.06.18 19:42:21 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3778296720-2450441648-3328822754-1000UA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\erdnt\cache86\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\erdnt\cache86\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\erdnt\cache64\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\erdnt\cache64\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\erdnt\cache86\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\erdnt\cache64\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\erdnt\cache64\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\System32\catroot\*.tmp files -> C:\Windows\System32\catroot\*.tmp -> ]
[26 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.12.17 23:40:42 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\ACD Systems
[2016.02.08 18:18:41 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Adobe
[2015.03.11 19:32:44 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Ahead
[2014.12.18 21:22:40 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Alien Skin
[2015.01.06 19:36:05 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\ATI
[2015.03.07 12:48:46 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Autodesk
[2014.12.17 22:32:01 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\AVAST Software
[2015.09.05 11:08:20 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\calibre
[2014.12.23 10:34:53 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Canon
[2014.12.22 18:19:30 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Canon_Inc_IC
[2014.12.18 00:31:21 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Corel
[2016.04.09 09:14:27 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\DC++
[2016.04.10 17:45:56 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Dropbox
[2016.01.07 19:31:01 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\dvdcss
[2016.04.10 10:38:40 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\GHISLER
[2015.02.09 18:51:08 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Google
[2015.04.25 09:16:37 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\HDRsoft
[2014.12.17 22:12:20 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Identities
[2015.11.29 15:24:30 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Levenhuk
[2014.12.17 23:45:31 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Macromedia
[2009.07.14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Media Center Programs
[2016.03.31 20:48:16 | 000,000,000 | --SD | M] -- C:\Users\Bublifuk\AppData\Roaming\Microsoft
[2015.02.28 19:39:20 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Mozilla
[2015.08.15 19:44:59 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Nebulosity4
[2015.11.29 15:24:12 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\onOne Software
[2015.11.29 15:19:06 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Opera Software
[2016.04.03 21:44:24 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\PTGui
[2014.12.28 13:56:22 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Samsung
[2016.02.27 10:50:14 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Seznam.cz
[2016.04.10 17:57:53 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Solvusoft
[2015.12.24 20:06:18 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Sony
[2016.04.10 18:02:10 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\TeamViewer
[2016.04.07 19:11:05 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\vlc
[2016.02.21 19:58:22 | 000,000,000 | ---D | M] -- C:\Users\Bublifuk\AppData\Roaming\Warner Bros. Interactive Entertainment

< %APPDATA%\*.exe /s >
[2016.03.12 02:19:08 | 025,577,864 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2016.03.12 02:19:26 | 000,173,032 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2016.02.23 20:23:42 | 000,018,392 | ---- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\QtWebEngineProcess.exe
[2016.03.12 02:18:50 | 000,029,992 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\driver_amd64\dbxsvc.exe
[2016.03.12 02:18:52 | 000,029,480 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Users\Bublifuk\AppData\Roaming\Dropbox\bin\driver_x86\dbxsvc.exe
[2015.01.06 19:32:25 | 000,010,134 | R--- | M] () -- C:\Users\Bublifuk\AppData\Roaming\Microsoft\Installer\{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}\ARPPRODUCTICON.exe
[2014.12.10 11:50:14 | 000,061,760 | ---- | M] (Samsung) -- C:\Users\Bublifuk\AppData\Roaming\Samsung\Kies3.0\FirmwareUpdateTemp\AGENT\AdminDelegator_Kies3.exe
[2014.12.10 11:50:18 | 000,089,408 | ---- | M] (Samsung) -- C:\Users\Bublifuk\AppData\Roaming\Samsung\Kies3.0\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2014.12.10 11:50:20 | 000,078,144 | ---- | M] (Samsung) -- C:\Users\Bublifuk\AppData\Roaming\Samsung\Kies3.0\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2014.12.10 11:50:24 | 000,845,120 | ---- | M] (Samsung) -- C:\Users\Bublifuk\AppData\Roaming\Samsung\Kies3.0\FirmwareUpdateTemp\AGENT\Kies3PDLR.exe
[2014.12.10 11:47:38 | 001,104,384 | ---- | M] (Samsung) -- C:\Users\Bublifuk\AppData\Roaming\Samsung\Kies3.0\FirmwareUpdateTemp\AGENT\NTMsg.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2016.04.10 18:38:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016.04.07 19:52:00 | 000,000,878 | ---- | M] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3778296720-2450441648-3328822754-1000Core.job
[2016.04.10 18:53:18 | 000,000,930 | ---- | M] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3778296720-2450441648-3328822754-1000UA.job
[2016.04.10 17:43:34 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2016.04.10 18:09:34 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2016.04.08 22:12:46 | 000,065,859 | ---- | M] () -- C:\Windows\system32\generic_uninstaller.log

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Dropbox Update" = "C:\Users\Bublifuk\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c -- [2015.06.18 19:42:17 | 000,134,512 | ---- | M] (Dropbox, Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.07.14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2016.04.06 12:05:03 | 000,874,648 | ---- | M] (Google Inc.) MD5=06FAA58219BF8B6D1BC25C2783763E11 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016.04.10 18:34:03 | 000,000,512 | ---- | M] () MD5=319B4768DD19014E961541B6C041D5D7 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.03.15 00:05:22 | 000,017,870 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X7\Custom Data\Canvas\cracks2c.bmp

< *keygen* /s >

< *loader* /s >
[2014.07.25 16:02:18 | 001,170,208 | ---- | M] () -- \NVIDIA\DisplayDriver\340.52\Win8_WinVista_Win7_64\English\GFExperience\ExtensionLoader.dll
[2010.05.21 22:59:20 | 001,612,256 | ---- | M] () -- \Program Files (x86)\ACD Systems\ACDSee\12.0\PlugIns\CX_Ftpuploader.apl
[2006.11.09 23:31:32 | 000,163,840 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2010.10.07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.07.01 12:01:54 | 000,691,928 | ---- | M] () -- \Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1\loader.exe
[2014.07.25 16:02:18 | 001,170,208 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2015.05.11 10:34:24 | 000,000,251 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\extensions\com.adobe.preview\PSLoader\loader.html
[2015.05.29 02:35:04 | 000,105,672 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2015\Required\DynamicLinkMediaServer\MXF_SDK_MetaMetadata_BinaryLoader_4.4.33_vs10.dll
[2015.05.29 02:35:04 | 000,202,952 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2015\Required\DynamicLinkMediaServer\MXF_SDK_MetaMetadata_XSDLoader2_4.4.33_vs10.dll
[2015.05.29 02:35:06 | 000,154,824 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2015\Required\DynamicLinkMediaServer\MXF_SDK_MetaMetadata_XSDLoader_4.4.33_vs10.dll
[2014.11.08 19:09:16 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5.7\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.22.dll
[2014.11.08 19:09:16 | 000,196,608 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5.7\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.22.dll
[2014.11.08 19:09:16 | 000,148,480 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5.7\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.22.dll
[2016.03.22 19:32:18 | 000,087,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2016.03.22 19:32:18 | 000,103,016 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2016.03.22 19:32:13 | 000,059,104 | ---- | M] () -- \Program Files\AVAST Software\Avast\ie_loader.exe
[2016.03.22 19:32:20 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\avast.vc140.crt\amd64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.22 19:32:20 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\avast.vc140.crt\x86\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.22 19:32:14 | 000,066,808 | ---- | M] () -- \Program Files\AVAST Software\Avast\x64\ie_loader.exe
[2016.02.01 12:20:02 | 001,755,262 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\1.48.2066.44\resources\bundled_extensions\video-downloader.crx
[2016.02.01 12:20:02 | 001,755,262 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\resources\bundled_extensions\video-downloader.crx
[2015.05.11 10:34:02 | 000,001,683 | ---- | M] () -- \Program Files\Common Files\Adobe\Plug-Ins\CC\Generator\preview.generate\node_modules\ws\examples\fileapi\public\uploader.js
[2010.10.07 04:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.06.04 05:27:36 | 000,013,648 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\ReflectionLoader.dll
[2016.02.23 20:21:16 | 000,014,800 | ---- | M] () -- \Users\Bublifuk\AppData\Roaming\Dropbox\bin\_win32sysloader.pyd
[2016.02.23 20:09:46 | 000,004,328 | ---- | M] () -- \Users\Bublifuk\AppData\Roaming\Dropbox\bin\QtQuick\Controls\Private\TableViewItemDelegateLoader.qml
[2016.02.23 20:09:46 | 000,004,726 | ---- | M] () -- \Users\Bublifuk\AppData\Roaming\Dropbox\bin\QtQuick\Controls\Private\TreeViewItemDelegateLoader.qml
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2014.03.15 01:15:08 | 000,013,648 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\8A0F87196F6B7AD4DA3613C74C78F5B4\17.0.0\reflectionloader.dll
[2010.11.20 13:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 15:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\fe6e9e7840acaadec5a70941ba6ff546\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2016.03.22 19:32:32 | 000,019,136 | ---- | M] () -- \Windows\winsxs\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.23506.0_none_545784f92070b665\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.04.05 17:24:58 | 000,019,136 | ---- | M] () -- \Windows\winsxs\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_53c8344321b452ba\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.26 20:40:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.26 20:40:31 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.26 20:40:31 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.26 20:40:31 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.26 20:40:31 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 07:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 07:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 07:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 07:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 07:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2015.03.31 20:40:12 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2015.03.31 20:40:12 | 000,641,088 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.efi_75834aa0
[2015.03.31 20:40:12 | 000,604,192 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.exe_75835076
[2015.03.31 20:40:12 | 000,557,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.efi_85cd069f
[2015.03.31 20:40:12 | 000,518,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.26 20:38:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2016.03.22 19:32:32 | 000,019,136 | ---- | M] () -- \Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23506.0_none_9c04bbd034ecdf6b\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.04.05 17:24:57 | 000,019,136 | ---- | M] () -- \Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

#8 Příspěvek od **Rudy** » 10 dub 2016 19:18

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text:

:OTL
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\2.0.6_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.6_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.242_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Bublifuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:files
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

fanous · #9 Příspěvek od **fanous** » 10 dub 2016 19:27

Po restartu to vypsalo:

Files\Folders moved on Reboot...
C:\Users\Bublifuk\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323180454.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323180455.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323180500.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\adobegc.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#10 Příspěvek od **Rudy** » 10 dub 2016 19:36

Smazáno.

K té BSOD: neměnil jste v poslední době některý kus hardwaru, nebo neinstaloval jste nějaký nový sw?

fanous · #11 Příspěvek od **fanous** » 10 dub 2016 19:44

Moc děkuji.
K BSOD - nic jsem neměnil. Jen to dělalo při spuštění Photoshopu.
Jen mě napadlo, že jsem měl připojený externí disk.

#12 Příspěvek od **Rudy** » 10 dub 2016 20:57

fanous píše:Po restartu to vypsalo:

Files\Folders moved on Reboot...
C:\Users\Bublifuk\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323180454.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323180455.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323180500.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\adobegc.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Nesmazalo to pouze některé dočasné soubory. Nic se neděje.

Bez toho připojeného disku se to nestane?

VIRY.CZ

Prosím o pomoc

Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc