Preventive check :)

Posted: 12 Jun 2015 14:54
by spinE
Greetings after 4-6 years! :D I don't even know when I was last here, but I'm glad this place is still "rolling". :))

I'd like to ask for a check, in case something is lurking in there :)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:53:40, on 12.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\PROGRA~2\DUMETE~1\DUMeter.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Addic7ed\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Users\Addic7ed\AppData\Local\Mixesoft\AppNHost\appnhost.exe
C:\Users\Addic7ed\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Users\Addic7ed\AppData\Local\MEGAsync\MEGAsync.exe
C:\Program Files\Serviio\bin\ServiioConsole.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Clover\clover.exe
E:\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://servis24.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O3 - Toolbar: VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - (no file)
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Addic7ed\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pidgin] "C:\Program Files (x86)\Pidgin\pidgin.exe"
O4 - HKCU\..\Run: [WiFi Guard] "C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe" /hide
O4 - HKCU\..\Run: [appnhost] C:\Users\Addic7ed\AppData\Local\Mixesoft\AppNHost\appnhost.exe
O4 - HKCU\..\Run: [f.lux] "C:\Users\Addic7ed\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Addic7ed\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - Startup: CBC.exe
O4 - Startup: Dropbox.lnk = C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: MEGAsync.lnk = Addic7ed\AppData\Local\MEGAsync\MEGAsync.exe
O4 - Startup: Rozvrh.bat
O4 - Startup: Serviio.lnk = C:\Program Files\Serviio\bin\ServiioConsole.exe
O4 - Startup: Wunderlist.lnk = C:\Users\Addic7ed\AppData\Local\Wunderlist\Wunderlist.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{272E129D-6B87-4BEC-8058-9F06700C8832}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{272E129D-6B87-4BEC-8058-9F06700C8832}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{272E129D-6B87-4BEC-8058-9F06700C8832}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Acunetix WVS Scheduler v9 (AcuWVSSchedulerv9) - Unknown owner - C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileZillaServer - Unknown owner - G:\software\xampp\filezillaftp\filezillaserver.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11607 bytes

Re: Preventive check :)

Posted: 12 Jun 2015 17:03
by Márty84
Hello :)

Your last post was on 13 February 2010 :D

However, a lot has changed since then. For example, an HJT log on its own has been completely insufficient for several years now, especially on 64-bit systems.

So if you want to clean the PC, post a log from RSITx64 http://images.malwareremoval.com/random/RSITx64.exe . Instructions are here: http://forum.viry.cz/viewtopic.php?f=30&t=130787

Re: Preventive check :)

Posted: 13 Jun 2015 02:28
by spinE
Hello to you too. I apologize, but I'm still a bit 'hammered' :))

Hopefully it's correct now (max. character count exceeded)

http://pastebin.com/sFkCVpCR

Re: Preventive check :)

Posted: 13 Jun 2015 08:29
by Márty84
Logfile of random's system information tool 1.10 (written by random/random)
Run by Addic7ed at 2015-06-13 03:26:37
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 33 GB (32%) free of 103 GB
Total RAM: 8173 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:26:43, on 13.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\PROGRA~2\DUMETE~1\DUMeter.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Addic7ed\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Users\Addic7ed\AppData\Local\Mixesoft\AppNHost\appnhost.exe
C:\Users\Addic7ed\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Users\Addic7ed\AppData\Local\MEGAsync\MEGAsync.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files (x86)\Clover\clover.exe
C:\Program Files\trend micro\Addic7ed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://servis24.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O3 - Toolbar: VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - (no file)
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Addic7ed\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pidgin] "C:\Program Files (x86)\Pidgin\pidgin.exe"
O4 - HKCU\..\Run: [WiFi Guard] "C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe" /hide
O4 - HKCU\..\Run: [appnhost] C:\Users\Addic7ed\AppData\Local\Mixesoft\AppNHost\appnhost.exe
O4 - HKCU\..\Run: [f.lux] "C:\Users\Addic7ed\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Addic7ed\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - Startup: CBC.exe
O4 - Startup: Dropbox.lnk = C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: MEGAsync.lnk = Addic7ed\AppData\Local\MEGAsync\MEGAsync.exe
O4 - Startup: Rozvrh.bat
O4 - Startup: Serviio.lnk = C:\Program Files\Serviio\bin\ServiioConsole.exe
O4 - Startup: Wunderlist.lnk = C:\Users\Addic7ed\AppData\Local\Wunderlist\Wunderlist.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{272E129D-6B87-4BEC-8058-9F06700C8832}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{272E129D-6B87-4BEC-8058-9F06700C8832}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{272E129D-6B87-4BEC-8058-9F06700C8832}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Acunetix WVS Scheduler v9 (AcuWVSSchedulerv9) - Unknown owner - C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileZillaServer - Unknown owner - G:\software\xampp\filezillaftp\filezillaserver.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11789 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\UnsignedThemesSvc.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\DU Meter\DUMeterSvc.exe" /startedbyscm:E1F6D4BE-40E33354-DUMeterService
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 3bec0602-5152-49c4-89fa-cfd2cbc9416c 1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
\??\C:\Windows\system32\conhost.exe "1434643509280292334-1947492142312219664963232225886391651-183850690144170854
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-11fb4da4-94bb-4dd1-969b-2167f4885db1 -SystemEventPortName:HostProcess-c3f6b4e4-30fb-4440-bbb4-c3c491f90d79 -IoCancelEventPortName:HostProcess-0ccd5213-78be-4492-ae3e-991e73c4227b -NonStateChangingEventPortName:HostProcess-4fc071fb-bbcb-487b-b096-68a9c98cf9e8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:055687c8-d76d-4022-b35b-8030fb8b1d7d -DeviceGroupId:WpdFsGroup
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\PROGRA~2\DUMETE~1\DUMeter.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Users\Addic7ed\AppData\Roaming\Remote Control Server\Remote Control Server.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Addic7ed\AppData\Roaming\uTorrent\utorrent.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Pidgin\pidgin.exe"
"C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe" /hide
"C:\Users\Addic7ed\AppData\Local\Mixesoft\AppNHost\appnhost.exe"
"C:\Users\Addic7ed\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
\??\C:\Windows\system32\conhost.exe "363432496-184742204-1635277676-1513657093-969042466-1993186431211240952859274328
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
taskeng.exe {90E5EA99-687B-4124-91F3-D7FF8964E21C}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Users\Addic7ed\AppData\Local\MEGAsync\MEGAsync.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="4316.0.1809204418\1624198323" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4316 "\\.\pipe\gecko-crash-server-pipe.4316" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe" --proxy-stub-channel=Flash7068.64D465C0.19060 --host-broker-channel=Flash7068.64D465C0.23161 --host-pid=7068 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe" --channel=6424.001DF1C4.389005175 --proxy-stub-channel=Flash7068.64D465C0.19060 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll" --host-npapi-version=28 --type=renderer
"C:\Program Files\Serviio\bin\ServiioService.exe"
"C:\Program Files\Serviio\bin\ServiioService.exe" Serviio __i4j_restart
"C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7732.0.1304415320\22180238" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44,53 --gpu-vendor-id=0x10de --gpu-device-id=0x1087 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.5286 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-lcd-text --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AutoReloadExperiment/FlagEnabled/*AutofillEnabled/Default/BackgroundRendererProcesses/AllowIdleFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_59/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-password-save-in-page-navigation --enable-single-click-autofill --enable-experimental-extension-apis --enable-out-of-process-pdf --device-scale-factor=1 --font-cache-shared-mem-suffix=7732 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7732.1.2000736477\768223601" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-lcd-text --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutoReloadExperiment/FlagEnabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_59/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-password-save-in-page-navigation --enable-single-click-autofill --enable-experimental-extension-apis --enable-out-of-process-pdf --device-scale-factor=1 --font-cache-shared-mem-suffix=7732 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7732.20.104337461\2100328263" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-lcd-text --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutoReloadExperiment/FlagEnabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_59/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-password-save-in-page-navigation --enable-single-click-autofill --enable-experimental-extension-apis --enable-out-of-process-pdf --device-scale-factor=1 --font-cache-shared-mem-suffix=7732 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7732.21.2047698269\166761741" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-lcd-text --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutoReloadExperiment/FlagEnabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_59/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-password-save-in-page-navigation --enable-single-click-autofill --enable-experimental-extension-apis --enable-out-of-process-pdf --device-scale-factor=1 --font-cache-shared-mem-suffix=7732 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7732.22.2036509598\221549402" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-lcd-text --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutoReloadExperiment/FlagEnabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_59/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-password-save-in-page-navigation --enable-single-click-autofill --enable-experimental-extension-apis --enable-out-of-process-pdf --device-scale-factor=1 --font-cache-shared-mem-suffix=7732 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7732.23.1259683104\1620698343" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-lcd-text --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutoReloadExperiment/FlagEnabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_59/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-password-save-in-page-navigation --enable-single-click-autofill --enable-experimental-extension-apis --enable-out-of-process-pdf --device-scale-factor=1 --font-cache-shared-mem-suffix=7732 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7732.24.1193942574\756494148" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-lcd-text --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutoReloadExperiment/FlagEnabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_59/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-password-save-in-page-navigation 
--enable-single-click-autofill --enable-experimental-extension-apis --enable-out-of-process-pdf --device-scale-factor=1 --font-cache-shared-mem-suffix=7732 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7732.49.787299053\310803537" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\Program Files (x86)\Clover\clover.exe"
"E:\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-947469074-1548505890-1440728058-1000Core.job - C:\Users\Addic7ed\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-947469074-1548505890-1440728058-1000UA.job - C:\Users\Addic7ed\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Addic7ed\AppData\Roaming\Mozilla\Firefox\Profiles\gg2633yt.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\Addic7ed\AppData\Roaming\Mozilla\Firefox\Profiles\gg2633yt.default\extensions\
ImagePicker@topolog.org
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-26 219296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}]
VIPRE Search Guard Helper - C:\Program Files (x86)\VIPRE\x64\VSGNx64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-26 886488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-26 2334936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8A6CAA2-533D-4AED-9E05-8EB19A4021AB}]
ExplorerWatcher Class - C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23 201216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-26 153760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-26 710872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-26 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A924C17A-5E94-4E02-BED5-49720BA6F7FA} -

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{A924C17A-5E94-4E02-BED5-49720BA6F7FA} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-05 2741576]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-05-05 1570672]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2014-10-14 12697368]
"Remote Control Server"=C:\Users\Addic7ed\AppData\Roaming\Remote Control Server\Remote Control Server.exe [2015-03-17 5168128]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-04-07 169768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"uTorrent"=C:\Users\Addic7ed\AppData\Roaming\uTorrent\utorrent.exe [2014-04-14 398760]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28785280]
"Pidgin"=C:\Program Files (x86)\Pidgin\pidgin.exe [2014-11-23 60176]
"WiFi Guard"=C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe [2014-11-10 3897040]
"appnhost"=C:\Users\Addic7ed\AppData\Local\Mixesoft\AppNHost\appnhost.exe [2014-08-08 453176]
"f.lux"=C:\Users\Addic7ed\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"DU Meter"=C:\Program Files (x86)\DU Meter\DUMeter.exe [2014-11-02 4245176]
"Dropbox Update"=C:\Users\Addic7ed\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15 134512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clock Widget (HTC Home)]
C:\Program Files (x86)\HTC Home 3\Clock.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DU Meter]
C:\Program Files (x86)\DU Meter\DUMeter.exe [2014-11-02 4245176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyLanViewer]
C:\Program Files (x86)\MyLanViewer\MyLanViewer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Twonky Server.lnk]
C:\PROGRA~2\Twonky\TWONKY~1\TWONKY~3.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Addic7ed^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\Dropbox.exe [2015-06-10 43871584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Addic7ed^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
C:\PROGRA~2\Xfire\Xfire.exe [2013-03-21 3560832]

C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CBC.exe
Dropbox.lnk - C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\Dropbox.exe
MEGAsync.lnk - C:\Users\Addic7ed\AppData\Local\MEGAsync\MEGAsync.exe
Rozvrh.bat
Serviio.lnk - C:\Program Files\Serviio\bin\ServiioConsole.exe
Wunderlist.lnk - C:\Users\Addic7ed\AppData\Local\Wunderlist\Wunderlist.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"VIDC.FPS1"=frapsv64.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

Re: Preventive check :)

Posted: 13 Jun 2015 08:30
by Márty84
======List of files/folders created in the last 1 month======

2015-06-13 03:23:43 ----D---- C:\rsit
2015-06-13 03:23:43 ----D---- C:\Program Files\trend micro
2015-06-10 19:29:48 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 19:29:48 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 19:29:48 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 19:29:48 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 19:29:48 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 19:29:48 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 19:29:48 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 19:29:48 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 19:29:48 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 19:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 19:29:47 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\smss.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\relog.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\logman.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 19:29:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 19:29:47 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 19:29:47 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 19:29:47 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 19:29:43 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 19:29:43 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 19:29:43 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 19:29:43 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 19:29:43 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 19:29:43 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 19:29:43 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 19:29:43 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 19:29:07 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-06-10 19:29:07 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-06-10 19:29:07 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-06-10 19:29:07 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-06-10 19:29:07 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-06-10 19:29:07 ----A---- C:\Windows\system32\wuwebv.dll
2015-06-10 19:29:07 ----A---- C:\Windows\system32\wups2.dll
2015-06-10 19:29:07 ----A---- C:\Windows\system32\wups.dll
2015-06-10 19:29:07 ----A---- C:\Windows\system32\wudriver.dll
2015-06-10 19:29:07 ----A---- C:\Windows\system32\wucltux.dll
2015-06-10 19:29:07 ----A---- C:\Windows\system32\wuaueng.dll
2015-06-10 19:29:07 ----A---- C:\Windows\system32\wuauclt.exe
2015-06-10 19:29:07 ----A---- C:\Windows\system32\wuapp.exe
2015-06-10 19:29:07 ----A---- C:\Windows\system32\wuapi.dll
2015-06-10 19:29:07 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-06-10 19:29:07 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-06-10 15:20:46 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 15:20:46 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 15:20:45 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 15:20:45 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 15:20:45 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 15:20:45 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 15:20:45 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 15:20:45 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 15:20:44 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 15:20:44 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 15:20:43 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 15:20:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 15:20:36 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 15:20:36 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 15:20:36 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 15:20:36 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 15:20:36 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 15:20:35 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 15:20:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 15:20:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 15:20:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 15:20:35 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 15:20:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 15:20:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 15:20:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 15:20:35 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 15:20:35 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 15:20:35 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 15:20:35 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 15:20:35 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 15:20:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 15:20:35 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 15:20:35 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 15:20:34 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 15:20:34 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 15:20:34 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 15:20:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 15:20:33 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 15:20:33 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 15:20:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 15:20:33 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 15:20:33 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 15:20:33 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 15:20:33 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 15:20:33 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 15:20:33 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 15:20:32 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 15:20:32 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 15:20:32 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 15:20:32 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 15:20:32 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 15:20:32 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 15:20:31 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 15:20:31 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 15:20:31 ----A---- C:\Windows\system32\mshtml.dll
2015-06-03 14:01:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-26 14:19:21 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2015-05-26 14:19:14 ----D---- C:\ProgramData\Microsoft OneDrive
2015-05-26 13:51:52 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-05-26 13:51:52 ----D---- C:\Program Files (x86)\Microsoft Office
2015-05-26 13:46:08 ----D---- C:\Program Files\Microsoft Office 15
2015-05-26 00:56:50 ----D---- C:\Program Files\Recuva
2015-05-22 15:34:02 ----D---- C:\Program Files (x86)\MSXML 4.0
2015-05-22 15:33:41 ----A---- C:\Windows\system32\drivers\stream.sys
2015-05-21 23:11:29 ----D---- C:\Users\Addic7ed\AppData\Roaming\ec249d2d-e85b-4179-b373-a2f22546f686
2015-05-21 23:11:28 ----D---- C:\Users\Addic7ed\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
2015-05-21 23:07:41 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-21 23:07:41 ----D---- C:\Program Files\iPod
2015-05-21 23:07:40 ----D---- C:\Program Files\iTunes
2015-05-21 23:06:36 ----D---- C:\Windows\Patches
2015-05-21 22:57:02 ----A---- C:\Windows\system32\SBRC.dat
2015-05-21 22:53:51 ----D---- C:\ProgramData\GFI
2015-05-21 22:53:41 ----D---- C:\ProgramData\Downloaded Installations
2015-05-21 12:39:33 ----D---- C:\Program Files (x86)\Clover
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-05-21 11:49:57 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvopencl.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvoglv64.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvinitx.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\NvIFR64.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvhdap64.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\NvFBC64.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvdispgenco6435286.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvdispco6435286.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvcuvid.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvcuda.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\nvcompiler.dll
2015-05-21 11:49:57 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-05-21 11:49:57 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-05-21 01:17:16 ----D---- C:\Users\Addic7ed\AppData\Roaming\dvdcss
2015-05-15 09:57:27 ----D---- C:\ProgramData\Dropbox

======List of files/folders modified in the last 1 month======

2015-06-13 03:26:37 ----D---- C:\Windows\Temp
2015-06-13 03:26:30 ----D---- C:\Users\Addic7ed\AppData\Roaming\uTorrent
2015-06-13 03:25:21 ----D---- C:\Users\Addic7ed\AppData\Roaming\.purple
2015-06-13 03:23:43 ----RD---- C:\Program Files
2015-06-13 03:20:45 ----D---- C:\Users\Addic7ed\AppData\Roaming\Skype
2015-06-13 03:20:14 ----D---- C:\Users\Addic7ed\AppData\Roaming\Dropbox
2015-06-12 17:03:12 ----D---- C:\Users\Addic7ed\AppData\Roaming\AIMP3
2015-06-12 14:58:49 ----D---- C:\Windows\rescache
2015-06-12 10:02:02 ----SD---- C:\Users\Addic7ed\AppData\Roaming\Microsoft
2015-06-12 09:53:21 ----D---- C:\Windows\system32\config
2015-06-11 19:20:44 ----D---- C:\Windows\SysWOW64
2015-06-11 19:20:40 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-06-11 18:23:15 ----D---- C:\Users\Addic7ed\AppData\Roaming\Xfire
2015-06-11 12:35:29 ----D---- C:\Users\Addic7ed\AppData\Roaming\vlc
2015-06-11 11:55:46 ----D---- C:\Windows\System32
2015-06-11 11:55:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-11 11:49:47 ----D---- C:\Windows\winsxs
2015-06-11 02:10:31 ----SD---- C:\Windows\system32\CompatTel
2015-06-11 02:10:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-11 02:10:31 ----D---- C:\Windows\system32\appraiser
2015-06-11 02:10:31 ----D---- C:\Windows\AppPatch
2015-06-11 02:10:31 ----D---- C:\Program Files\Windows Media Player
2015-06-11 02:10:31 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 02:10:30 ----D---- C:\Windows\system32\drivers
2015-06-11 02:10:30 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 02:10:30 ----D---- C:\Windows\PolicyDefinitions
2015-06-11 02:10:29 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-11 02:10:29 ----D---- C:\Windows\system32\en-US
2015-06-11 02:10:29 ----D---- C:\Program Files\Internet Explorer
2015-06-11 02:10:29 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-10 19:36:16 ----D---- C:\Windows\system32\MRT
2015-06-10 19:30:41 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 19:30:02 ----SHD---- C:\System Volume Information
2015-06-10 19:29:28 ----D---- C:\Windows\system32\catroot2
2015-06-09 18:07:47 ----D---- C:\Windows\system32\NDF
2015-06-09 09:23:39 ----D---- C:\Program Files (x86)\TeamViewer
2015-06-07 16:05:46 ----D---- C:\Program Files (x86)\Steam
2015-06-05 15:46:39 ----SHD---- C:\Windows\Installer
2015-06-05 15:46:39 ----D---- C:\ProgramData\Skype
2015-06-05 15:46:39 ----D---- C:\Config.Msi
2015-06-05 14:23:24 ----D---- C:\Users\Addic7ed\AppData\Roaming\BSplayer
2015-06-05 13:53:29 ----D---- C:\Windows\system32\Tasks
2015-06-04 11:36:09 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-04 03:02:36 ----RD---- C:\Program Files (x86)
2015-06-04 00:58:51 ----D---- C:\Users\Addic7ed\AppData\Roaming\BitTorrent Sync
2015-06-04 00:05:37 ----D---- C:\Program Files (x86)\AIMP3
2015-05-27 13:07:09 ----RSD---- C:\Windows\Fonts
2015-05-27 00:01:26 ----D---- C:\Windows\Microsoft.NET
2015-05-27 00:01:22 ----RSD---- C:\Windows\assembly
2015-05-26 17:57:48 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-05-26 14:19:14 ----D---- C:\ProgramData
2015-05-26 13:59:48 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-05-26 13:59:48 ----D---- C:\Program Files (x86)\Common Files
2015-05-26 13:59:40 ----D---- C:\Windows\system32\DriverStore
2015-05-26 13:59:40 ----D---- C:\Windows\inf
2015-05-26 13:55:19 ----SD---- C:\ProgramData\Microsoft
2015-05-26 13:42:23 ----D---- C:\ProgramData\Microsoft Help
2015-05-26 13:42:20 ----D---- C:\Windows
2015-05-22 15:33:56 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-22 15:33:56 ----SD---- C:\Windows\system32\GWX
2015-05-22 10:23:07 ----D---- C:\Program Files\WinRAR
2015-05-22 00:39:48 ----D---- C:\Program Files (x86)\MyLanViewer
2015-05-21 23:07:41 ----D---- C:\Program Files\Common Files\Apple
2015-05-21 23:07:41 ----D---- C:\Program Files (x86)\iTunes
2015-05-21 23:07:19 ----RD---- C:\Users
2015-05-21 23:06:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-21 11:51:19 ----D---- C:\ProgramData\NVIDIA
2015-05-21 11:50:34 ----D---- C:\Program Files\NVIDIA Corporation
2015-05-16 11:34:46 ----D---- C:\Windows\Tasks
2015-05-14 11:58:24 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-14 11:58:23 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 01:35:26 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-14 01:35:09 ----D---- C:\Windows\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2013-11-21 115448]
R1 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2015-04-14 107736]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 32544]
R2 uxpatch;uxpatch; \??\C:\Windows\system32\drivers\uxpatch.sys [2009-07-13 30568]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2010-11-15 121832]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2010-11-15 364520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-14 3962840]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-06-13 136408]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-05-13 195912]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-05 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2005-04-12 15872]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2005-04-12 61824]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [2014-04-09 31920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [2014-09-30 20744]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20); C:\Windows\system32\DRIVERS\RtTeam620.sys [2012-07-03 58512]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2012-09-01 32400]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Sony sa0103 ADB Interface; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2005-04-12 29568]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2005-04-12 8576]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001); C:\Windows\system32\drivers\WPRO_41_2001.sys [2015-01-18 35344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcuWVSSchedulerv9;Acunetix WVS Scheduler v9; C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe [2014-06-02 1615392]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-04-07 2736824]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DUMeterSvc;DU Meter Service; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2014-11-02 2385080]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-05 1152840]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-05 1884488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-05 23001928]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-12 937288]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-12-29 76888]
R2 Serviio;Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [2015-03-21 327680]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-06-01 5495056]
R2 UnsignedThemes;Unsigned Themes; C:\Windows\UnsignedThemesSvc.exe [2009-07-13 24168]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-04-07 643880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 FileZillaServer;FileZillaServer; G:\software\xampp\filezillaftp\filezillaserver.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-02 107912]
S2 chromoting;Služba Vzdálené plochy Chrome; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [2015-03-08 56648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-21 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-02 107912]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-03 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-04-28 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-04-28 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-03-24 836288]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-24 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Re: Preventive check :)

Posted: 13 Jun 2015 08:32
by Márty84
I put the log here; it is easier to work with that way.


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (or it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.


:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator.
Tick the items (put check marks there) Scan All Users, LOP Check and Purity Check.
Paste the following text into the bottom window:

Code: Select all

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Run Scan.
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

Re: Preventive check :)

Posted: 19 Jun 2015 14:56
by spinE
# AdwCleaner v4.206 - Log vytvořen 13/06/2015 v 19:56:05
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-09.1 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : Addic7ed - ADDIC7ED-PC
# Spuštěno z : D:\Pictures\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Conduit

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.5 (x86 cs)


-\\ Google Chrome v43.0.2357.124


*************************

AdwCleaner[R0].txt - [1276 bytů] - [29/04/2015 12:10:06]
AdwCleaner[R1].txt - [1334 bytů] - [29/04/2015 12:13:09]
AdwCleaner[R2].txt - [1051 bytů] - [13/06/2015 19:53:29]
AdwCleaner[S0].txt - [1294 bytů] - [29/04/2015 18:44:37]
AdwCleaner[S1].txt - [932 bytů] - [13/06/2015 19:56:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [989 bytů] ##########

Unfortunately, OTL threw 'Cannot create file E:\\cmd.bat' the second time as well.

Re: Preventive check :)

Posted: 19 Jun 2015 18:20
by Márty84
It sometimes happens that OTL throws this error :roll:

Run it once more following the same instructions, but with this modified script.

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Re: Preventive check :)

Posted: 19 Jun 2015 18:35
by spinE
OTL logfile created on: 19.6.2015 19:22:47 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 3,22 Gb Available Physical Memory | 40,32% Memory free
15,96 Gb Paging File | 9,38 Gb Available in Paging File | 58,78% Paging File free
Paging file location(s): e:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,61 Gb Total Space | 33,60 Gb Free Space | 33,39% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 7,50 Gb Free Space | 0,81% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 81,73 Gb Free Space | 27,42% Space Free | Partition Type: NTFS
Drive H: | 7,27 Gb Total Space | 3,50 Gb Free Space | 48,11% Space Free | Partition Type: NTFS

Computer Name: ADDIC7ED-PC | User Name: Addic7ed | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.06.13 20:03:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2015.06.04 00:05:36 | 001,441,352 | ---- | M] (AIMP DevTeam) -- C:\Program Files (x86)\AIMP3\AIMP3.exe
PRC - [2015.06.03 14:01:32 | 000,376,944 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2015.06.01 13:12:22 | 005,495,056 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2015.05.05 23:40:25 | 002,741,576 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015.05.05 23:40:14 | 001,884,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015.03.21 10:54:52 | 000,368,640 | ---- | M] () -- C:\Program Files\Serviio\bin\ServiioConsole.exe
PRC - [2015.03.21 10:54:50 | 000,327,680 | ---- | M] () -- C:\Program Files\Serviio\bin\ServiioService.exe
PRC - [2015.02.28 02:22:18 | 004,019,144 | ---- | M] (Mega Limited) -- C:\Users\Addic7ed\AppData\Local\MEGAsync\MEGAsync.exe
PRC - [2014.12.29 02:23:17 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014.11.02 15:10:48 | 002,385,080 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
PRC - [2014.11.02 14:51:58 | 004,245,176 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe
PRC - [2014.08.08 18:20:22 | 000,453,176 | ---- | M] (Mixesoft Project) -- C:\Users\Addic7ed\AppData\Local\Mixesoft\AppNHost\appnhost.exe
PRC - [2014.06.02 11:57:40 | 001,615,392 | ---- | M] () -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe
PRC - [2014.04.14 00:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Addic7ed\AppData\Roaming\uTorrent\utorrent.exe
PRC - [2013.10.24 00:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\Users\Addic7ed\AppData\Local\FluxSoftware\Flux\flux.exe


========== Modules (No Company Name) ==========

MOD - [2015.06.04 00:05:36 | 001,733,120 | ---- | M] () -- C:\Program Files (x86)\AIMP3\System\Encoders\aimp_libvorbis.dll
MOD - [2015.06.04 00:05:36 | 000,467,968 | ---- | M] () -- C:\Program Files (x86)\AIMP3\System\Encoders\libFLAC.dll
MOD - [2015.06.04 00:05:36 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\OptimFROG\OptimFROG.dll
MOD - [2015.06.04 00:05:36 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\AIMP3\System\libsoxr.dll
MOD - [2015.06.04 00:05:36 | 000,160,840 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\aimp_cdda\aimp_cdda.dll
MOD - [2015.06.04 00:05:36 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\aimp_sacd\libsacd.dll
MOD - [2015.06.04 00:05:36 | 000,152,648 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter\PandemicAnalogMeter.dll
MOD - [2015.06.04 00:05:36 | 000,059,976 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\aimp_AnalogMeter\aimp_AnalogMeter.dll
MOD - [2015.06.04 00:05:36 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Aorta\Aorta.dll
MOD - [2015.05.05 23:40:25 | 000,012,104 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2015.03.21 10:54:52 | 000,368,640 | ---- | M] () -- C:\Program Files\Serviio\bin\ServiioConsole.exe
MOD - [2014.09.30 13:12:38 | 000,846,520 | ---- | M] () -- C:\Program Files (x86)\DU Meter\libeay32.dll
MOD - [2014.09.30 13:12:38 | 000,166,584 | ---- | M] () -- C:\Program Files (x86)\DU Meter\ssleay32.dll


========== Services (SafeList) ==========

SRV:64bit: - [2015.05.25 20:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015.05.22 20:47:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.05.05 23:40:13 | 001,152,840 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2015.05.05 23:40:09 | 023,001,928 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2015.04.07 07:33:56 | 002,736,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015.03.21 10:54:50 | 000,327,680 | ---- | M] () [Auto | Running] -- C:\Program Files\Serviio\bin\ServiioService.exe -- (Serviio)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.06.03 14:01:32 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015.06.01 13:12:22 | 005,495,056 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2015.05.21 23:06:40 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.05.05 23:40:14 | 001,884,488 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015.04.14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015.04.14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2015.03.24 06:22:24 | 000,836,288 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015.03.08 20:36:40 | 000,056,648 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe -- (chromoting)
SRV - [2015.02.18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.12.29 02:23:17 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014.11.02 15:10:48 | 002,385,080 | ---- | M] (Hagel Technologies Ltd.) [Auto | Running] -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe -- (DUMeterSvc)
SRV - [2014.06.02 11:57:40 | 001,615,392 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe -- (AcuWVSSchedulerv9)
SRV - [2014.04.12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.03.01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009.07.13 02:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015.05.13 08:52:35 | 000,195,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2015.05.05 23:40:08 | 000,019,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2015.04.14 09:37:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2015.04.14 09:37:46 | 000,107,736 | ---- | M] (Malwarebytes Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2015.04.14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015.01.18 17:58:49 | 000,035,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2014.11.22 12:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014.08.15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014.04.09 21:05:52 | 000,031,920 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.05.30 17:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013.03.01 03:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2012.10.03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.09.01 01:00:02 | 000,032,400 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.07.03 14:32:00 | 000,058,512 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam620.sys -- (RTTEAMPT)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.15 15:11:20 | 000,032,544 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.15 19:05:02 | 000,364,520 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2010.11.15 19:05:00 | 000,121,832 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.10.19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.12.30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.11.24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.13 02:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\uxpatch.sys -- (uxpatch)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.07.26 16:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008.07.26 16:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI)
DRV:64bit: - [2005.04.12 20:21:54 | 000,061,824 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2005.04.12 20:21:54 | 000,008,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2005.04.12 20:21:52 | 000,029,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2005.04.12 20:21:52 | 000,015,872 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2014.09.30 13:12:36 | 000,020,744 | ---- | M] (Hagel Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\DU Meter\DUMetr64.sys -- (DUMeterDrv)
DRV - [2013.11.21 11:22:10 | 000,115,448 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-947469074-1548505890-1440728058-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://servis24.cz/
IE - HKU\S-1-5-21-947469074-1548505890-1440728058-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-947469074-1548505890-1440728058-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-947469074-1548505890-1440728058-1000\..\SearchScopes\{CF80BDFB-8DAB-41A4-A041-45659107C8BE}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-947469074-1548505890-1440728058-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: ClassicThemeRestorer%40ArisT2Noia4dev:1.3.3
FF - prefs.js..extensions.enabledAddons: ImagePicker%40topolog.org:1.9.3.1-signed
FF - prefs.js..extensions.enabledAddons: %7B77d2ed30-4cd2-11e0-b8af-0800200c9a66%7D:12.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@client.dropbox.com/Dropbox Update;version=3: C:\Users\Addic7ed\AppData\Local\Dropbox\Update\1.3.27.15\npDropboxUpdate3.dll (Dropbox, Inc.)
FF - HKCU\Software\MozillaPlugins\@client.dropbox.com/Dropbox Update;version=9: C:\Users\Addic7ed\AppData\Local\Dropbox\Update\1.3.27.15\npDropboxUpdate3.dll (Dropbox, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015.05.10 16:23:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Addic7ed\AppData\Roaming\Mozilla\Extensions
[2015.06.10 20:49:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Addic7ed\AppData\Roaming\Mozilla\Firefox\Profiles\gg2633yt.default\extensions
[2015.04.15 22:29:08 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Addic7ed\AppData\Roaming\Mozilla\Firefox\Profiles\gg2633yt.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2015.06.10 20:49:54 | 000,000,000 | ---D | M] (Image Picker) -- C:\Users\Addic7ed\AppData\Roaming\Mozilla\Firefox\Profiles\gg2633yt.default\extensions\ImagePicker@topolog.org
[2015.06.10 12:38:56 | 000,525,882 | ---- | M] () (No name found) -- C:\Users\Addic7ed\AppData\Roaming\Mozilla\Firefox\Profiles\gg2633yt.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
[2015.05.29 13:30:27 | 000,946,636 | ---- | M] () (No name found) -- C:\Users\Addic7ed\AppData\Roaming\Mozilla\Firefox\Profiles\gg2633yt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.06.03 14:01:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015.06.03 14:01:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\6.8.8.4_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.14_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod\1.0.242_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok\0.15.6.3_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl\0.0.15_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc\3.8.0_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2015.5.28_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.5_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.4_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd\188_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall\1.7_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk\0.7.9_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbcplmecaaoedbjigmilkoigenoanakc\4.5_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgamelhnfokapndfdodnmfiningckjia\2.4_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn\1.6.5_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl\13.0.0.3_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\5.7_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof\1.17_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\19.0.5_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.8.3_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Addic7ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkbjfipaakomfehpfbojmhnfobdfejgk\1.0_0\

O1 HOSTS File: ([2015.03.14 02:52:42 | 000,000,835 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (VIPRE Search Guard Helper) - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\x64\VSGNx64.dll File not found
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (ExplorerWatcher Class) - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Remote Control Server] C:\Users\Addic7ed\AppData\Roaming\Remote Control Server\Remote Control Server.exe (Steppschuh)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-947469074-1548505890-1440728058-1000..\Run: [appnhost] C:\Users\Addic7ed\AppData\Local\Mixesoft\AppNHost\appnhost.exe (Mixesoft Project)
O4 - HKU\S-1-5-21-947469074-1548505890-1440728058-1000..\Run: [Dropbox Update] C:\Users\Addic7ed\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
O4 - HKU\S-1-5-21-947469074-1548505890-1440728058-1000..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKU\S-1-5-21-947469074-1548505890-1440728058-1000..\Run: [f.lux] C:\Users\Addic7ed\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKU\S-1-5-21-947469074-1548505890-1440728058-1000..\Run: [Pidgin] C:\Program Files (x86)\Pidgin\pidgin.exe (The Pidgin developer community)
O4 - HKU\S-1-5-21-947469074-1548505890-1440728058-1000..\Run: [uTorrent] C:\Users\Addic7ed\AppData\Roaming\uTorrent\utorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-947469074-1548505890-1440728058-1000..\Run: [WiFi Guard] C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe (SoftPerfect Research)
O4 - Startup: C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CBC.exe ()
O4 - Startup: C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk = C:\Users\Addic7ed\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
O4 - Startup: C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rozvrh.bat ()
O4 - Startup: C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk = C:\Program Files\Serviio\bin\ServiioConsole.exe ()
O4 - Startup: C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wunderlist.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-947469074-1548505890-1440728058-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-947469074-1548505890-1440728058-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-947469074-1548505890-1440728058-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.37 213.46.172.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{272E129D-6B87-4BEC-8058-9F06700C8832}: DhcpNameServer = 213.46.172.37 213.46.172.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{272E129D-6B87-4BEC-8058-9F06700C8832}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.14 14:25:34 | 000,000,043 | ---- | M] () - H:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.06.13 03:23:43 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.06.13 03:23:43 | 000,000,000 | ---D | C] -- C:\rsit
[2015.06.11 11:52:51 | 000,000,000 | ---D | C] -- C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2015.06.10 19:29:48 | 003,989,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.06.10 19:29:48 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.06.10 19:29:48 | 001,255,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagtrack.dll
[2015.06.10 19:29:48 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015.06.10 19:29:48 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2015.06.10 19:29:48 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015.06.10 19:29:47 | 005,569,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.06.10 19:29:47 | 003,934,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.06.10 19:29:47 | 001,728,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015.06.10 19:29:47 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2015.06.10 19:29:47 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.06.10 19:29:47 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.06.10 19:29:47 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2015.06.10 19:29:47 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015.06.10 19:29:47 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tracerpt.exe
[2015.06.10 19:29:47 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tracerpt.exe
[2015.06.10 19:29:47 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015.06.10 19:29:47 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015.06.10 19:29:47 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.06.10 19:29:47 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015.06.10 19:29:47 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015.06.10 19:29:47 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015.06.10 19:29:47 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.06.10 19:29:47 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.06.10 19:29:47 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.06.10 19:29:47 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sechost.dll
[2015.06.10 19:29:47 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015.06.10 19:29:47 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2015.06.10 19:29:47 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2015.06.10 19:29:47 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.06.10 19:29:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.06.10 19:29:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.06.10 19:29:47 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015.06.10 19:29:47 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.06.10 19:29:47 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\typeperf.exe
[2015.06.10 19:29:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015.06.10 19:29:47 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe
[2015.06.10 19:29:47 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\typeperf.exe
[2015.06.10 19:29:47 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe
[2015.06.10 19:29:47 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UtcResources.dll
[2015.06.10 19:29:47 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.06.10 19:29:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.06.10 19:29:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015.06.10 19:29:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskperf.exe
[2015.06.10 19:29:47 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskperf.exe
[2015.06.10 19:29:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015.06.10 19:29:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015.06.10 19:29:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015.06.10 19:29:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015.06.10 19:29:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015.06.10 19:29:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015.06.10 19:29:47 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015.06.10 19:29:47 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015.06.10 19:29:47 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015.06.10 19:29:47 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015.06.10 19:29:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015.06.10 19:29:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015.06.10 19:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015.06.10 19:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015.06.10 19:29:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015.06.10 19:29:43 | 001,119,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.06.10 19:29:43 | 001,021,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.06.10 19:29:43 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.06.10 19:29:43 | 000,700,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.06.10 19:29:43 | 000,423,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.06.10 19:29:43 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.06.10 19:29:43 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015.06.10 19:29:43 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.06.10 19:29:07 | 003,147,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.06.10 19:29:07 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.06.10 19:29:07 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.06.10 19:29:07 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.06.10 19:29:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.06.10 19:29:07 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.06.10 19:29:07 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.06.10 19:29:07 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.06.10 19:29:07 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.06.10 19:29:07 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.06.10 19:29:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.06.10 19:29:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.06.10 19:29:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.06.10 19:29:07 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.06.10 19:29:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.06.10 15:20:46 | 014,635,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2015.06.10 15:20:46 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2015.06.10 15:20:45 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2015.06.10 15:20:45 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2015.06.10 15:20:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2015.06.10 15:20:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2015.06.10 15:20:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2015.06.10 15:20:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2015.06.10 15:20:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2015.06.10 15:20:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2015.06.10 15:20:44 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2015.06.10 15:20:36 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.06.10 15:20:36 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.06.10 15:20:36 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.06.10 15:20:36 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.06.10 15:20:36 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.06.10 15:20:36 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.06.10 15:20:36 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.06.10 15:20:36 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.06.10 15:20:36 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.06.10 15:20:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.06.10 15:20:35 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.06.10 15:20:35 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.06.10 15:20:35 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.06.10 15:20:35 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.06.10 15:20:35 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015.06.10 15:20:35 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.06.10 15:20:35 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.06.10 15:20:35 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.06.10 15:20:35 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.06.10 15:20:35 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.06.10 15:20:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.06.10 15:20:34 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.06.10 15:20:34 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.06.10 15:20:34 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.06.10 15:20:33 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.06.10 15:20:33 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.06.10 15:20:33 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.06.10 15:20:33 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.06.10 15:20:33 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015.06.10 15:20:33 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.06.10 15:20:33 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.06.10 15:20:32 | 006,026,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.06.10 15:20:32 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.06.10 15:20:32 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015.06.10 15:20:32 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.06.10 15:20:32 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.06.10 15:20:31 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015.06.10 15:20:31 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.06.10 15:20:31 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.06.03 14:01:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.06.01 13:03:40 | 000,000,000 | ---D | C] -- C:\Users\Addic7ed\AppData\Local\GWX
[2015.05.26 14:19:21 | 000,000,000 | R--D | C] -- C:\Users\Addic7ed\OneDrive
[2015.05.26 14:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive
[2015.05.26 14:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2015.05.26 13:59:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2015.05.26 13:51:52 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2015.05.26 13:51:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2015.05.26 13:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2015.05.26 13:46:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2015.05.26 00:56:51 | 000,000,000 | ---D | C] -- C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recuva
[2015.05.26 00:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2015.05.22 15:34:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2015.05.22 15:33:41 | 000,069,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys
[2015.05.21 23:11:29 | 000,000,000 | ---D | C] -- C:\Users\Addic7ed\AppData\Roaming\ec249d2d-e85b-4179-b373-a2f22546f686
[2015.05.21 23:11:28 | 000,000,000 | ---D | C] -- C:\Users\Addic7ed\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
[2015.05.21 23:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2015.05.21 23:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015.05.21 23:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015.05.21 23:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015.05.21 23:07:40 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015.05.21 23:06:36 | 000,000,000 | ---D | C] -- C:\Windows\Patches
[2015.05.21 22:57:29 | 000,000,000 | ---D | C] -- C:\Users\Addic7ed\AppData\Local\IsolatedStorage
[2015.05.21 22:53:51 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI
[2015.05.21 22:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2015.05.21 12:39:34 | 000,000,000 | ---D | C] -- C:\Users\Addic7ed\AppData\Local\Clover
[2015.05.21 12:39:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clover
[2015.05.21 12:39:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Clover
[2015.05.21 11:49:57 | 030,478,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015.05.21 11:49:57 | 022,945,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015.05.21 11:49:57 | 016,145,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015.05.21 11:49:57 | 014,455,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015.05.21 11:49:57 | 013,263,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015.05.21 11:49:57 | 011,790,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015.05.21 11:49:57 | 002,971,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2015.05.21 11:49:57 | 002,932,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015.05.21 11:49:57 | 002,599,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2015.05.21 11:49:57 | 001,898,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6435286.dll
[2015.05.21 11:49:57 | 001,557,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6435286.dll
[2015.05.21 11:49:57 | 001,099,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2015.05.21 11:49:57 | 001,059,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015.05.21 11:49:57 | 001,050,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015.05.21 11:49:57 | 000,982,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015.05.21 11:49:57 | 000,974,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015.05.21 11:49:57 | 000,939,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2015.05.21 11:49:57 | 000,195,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2015.05.21 11:49:57 | 000,176,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2015.05.21 11:49:57 | 000,154,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2015.05.21 11:49:57 | 000,150,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2015.05.21 11:49:57 | 000,128,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2015.05.21 11:49:57 | 000,031,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2015.05.21 01:17:16 | 000,000,000 | ---D | C] -- C:\Users\Addic7ed\AppData\Roaming\dvdcss

========== Files - Modified Within 30 Days ==========

[2015.06.19 19:24:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.06.19 19:02:57 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-947469074-1548505890-1440728058-1000UA.job
[2015.06.19 18:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.06.19 18:39:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.06.19 11:40:37 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.06.19 11:40:37 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.06.19 11:39:01 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.06.19 11:31:37 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.06.19 11:25:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.06.18 13:00:17 | 003,697,066 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.06.18 13:00:17 | 001,695,994 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.06.18 13:00:17 | 001,165,136 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.06.18 13:00:17 | 001,116,826 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.06.18 13:00:17 | 000,006,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.06.13 10:02:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-947469074-1548505890-1440728058-1000Core.job
[2015.06.11 19:20:40 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2015.06.11 19:20:40 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2015.06.11 11:53:30 | 000,001,121 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2015.06.11 11:49:40 | 000,457,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.06.10 19:31:57 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2015.05.29 16:15:16 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2015.05.29 16:15:16 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2015.05.25 20:24:00 | 005,569,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.05.25 20:21:21 | 001,728,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015.05.25 20:19:27 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015.05.25 20:19:27 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015.05.25 20:19:27 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015.05.25 20:19:26 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015.05.25 20:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\diagtrack.dll
[2015.05.25 20:19:10 | 000,879,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2015.05.25 20:19:10 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.05.25 20:19:10 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.05.25 20:19:09 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015.05.25 20:19:09 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sechost.dll
[2015.05.25 20:19:09 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015.05.25 20:19:09 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.05.25 20:19:04 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.05.25 20:19:04 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015.05.25 20:19:02 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.05.25 20:19:02 | 001,162,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015.05.25 20:19:02 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015.05.25 20:18:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015.05.25 20:18:54 | 000,879,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2015.05.25 20:18:45 | 000,404,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tracerpt.exe
[2015.05.25 20:18:45 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\typeperf.exe
[2015.05.25 20:18:39 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015.05.25 20:18:32 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015.05.25 20:18:30 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe
[2015.05.25 20:18:19 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2015.05.25 20:18:11 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\diskperf.exe
[2015.05.25 20:18:08 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015.05.25 20:18:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.05.25 20:14:26 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.05.25 20:14:04 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.05.25 20:11:40 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015.05.25 20:11:40 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015.05.25 20:11:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015.05.25 20:11:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015.05.25 20:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.05.25 20:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015.05.25 20:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015.05.25 20:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015.05.25 20:11:39 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015.05.25 20:11:39 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015.05.25 20:11:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015.05.25 20:11:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015.05.25 20:11:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015.05.25 20:11:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.05.25 20:11:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015.05.25 20:11:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015.05.25 20:11:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015.05.25 20:11:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015.05.25 20:11:38 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.05.25 20:07:34 | 003,989,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.05.25 20:07:34 | 003,934,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.05.25 20:01:42 | 000,635,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2015.05.25 20:01:35 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015.05.25 20:00:44 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\typeperf.exe
[2015.05.25 20:00:40 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tracerpt.exe
[2015.05.25 20:00:28 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015.05.25 20:00:25 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe
[2015.05.25 20:00:17 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2015.05.25 20:00:09 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\diskperf.exe
[2015.05.25 20:00:04 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.05.25 19:59:52 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015.05.25 19:57:31 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.05.25 19:57:15 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.05.25 19:55:18 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015.05.25 19:55:18 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015.05.25 19:55:18 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015.05.25 19:55:18 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.05.25 19:55:18 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015.05.25 19:55:18 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015.05.25 19:55:18 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015.05.25 19:55:18 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015.05.25 19:55:17 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.05.25 19:00:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UtcResources.dll
[2015.05.25 18:50:38 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015.05.25 18:50:36 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015.05.25 18:48:25 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015.05.25 18:48:25 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015.05.25 18:48:25 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015.05.25 18:48:25 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015.05.23 05:15:40 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.05.23 05:15:02 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.05.23 05:14:51 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015.05.23 05:13:48 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.05.23 05:08:33 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.05.23 05:06:27 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.05.23 05:05:21 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.05.23 05:05:06 | 000,664,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015.05.23 05:04:50 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.05.23 04:52:43 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.05.23 04:49:54 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.05.23 04:48:21 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.05.23 04:37:45 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.05.23 04:37:25 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.05.23 04:14:55 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.05.22 21:16:44 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.05.22 21:01:42 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.05.22 21:00:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.05.22 21:00:47 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015.05.22 21:00:25 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.05.22 20:59:27 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.05.22 20:52:27 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.05.22 20:52:21 | 006,026,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.05.22 20:48:50 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.05.22 20:47:49 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.05.22 20:47:34 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.05.22 20:47:12 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015.05.22 20:47:03 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.05.22 20:40:17 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.05.22 20:36:15 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.05.22 20:29:31 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.05.22 20:25:02 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.05.22 20:24:10 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.05.22 20:21:18 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.05.22 20:18:41 | 000,700,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.05.22 20:18:29 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.05.22 20:18:24 | 000,423,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.05.22 20:18:22 | 001,021,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.05.22 20:18:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.05.22 20:18:21 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.05.22 20:13:03 | 001,119,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.05.22 20:07:35 | 000,720,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.05.22 20:06:53 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.05.22 20:05:28 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.05.22 20:05:06 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.05.22 19:26:39 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.05.22 00:59:15 | 000,001,190 | ---- | M] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2015.05.22 00:59:13 | 000,000,438 | ---- | M] () -- C:\Windows\SysWow64\WSCConfig.xml
[2015.05.21 23:06:40 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.05.21 23:06:40 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.05.21 22:57:02 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\SBRC.dat
[2015.05.21 15:19:52 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll

Re: Preventive check :)

Posted: 19 Jun 2015 18:35
by spinE
========== Files Created - No Company Name ==========

[2015.06.13 20:07:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.05.26 14:19:21 | 000,002,166 | ---- | C] () -- C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[2015.05.22 00:59:15 | 000,001,190 | ---- | C] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2015.05.22 00:59:13 | 000,000,438 | ---- | C] () -- C:\Windows\SysWow64\WSCConfig.xml
[2015.05.21 22:57:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\SBRC.dat
[2015.05.21 11:49:57 | 042,718,864 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2015.05.21 11:49:57 | 037,741,712 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2015.04.07 02:13:40 | 000,003,584 | ---- | C] () -- C:\Users\Addic7ed\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015.03.28 19:58:45 | 000,000,046 | ---- | C] () -- C:\Windows\SysWow64\DonationCoder_urlsnooper_InstallInfo.dat
[2015.03.15 22:35:17 | 000,000,232 | ---- | C] () -- C:\Windows\SysWow64\dllhost.exe.config
[2015.03.15 01:57:18 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv7
[2015.02.24 04:36:37 | 000,000,218 | ---- | C] () -- C:\Users\Addic7ed\.recently-used.xbel
[2015.02.06 22:20:31 | 002,083,840 | ---- | C] () -- C:\Windows\SysWow64\BoL Studio.exe
[2015.02.06 22:20:30 | 005,521,408 | ---- | C] () -- C:\Windows\SysWow64\bengine.dll
[2015.02.05 00:29:05 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32.INI
[2015.02.03 21:22:39 | 000,000,096 | ---- | C] () -- C:\Users\Addic7ed\AppData\Roaming\version2.xml
[2015.01.22 23:03:11 | 000,000,068 | ---- | C] () -- C:\Windows\my.ini
[2015.01.04 04:42:16 | 000,000,863 | ---- | C] () -- C:\Users\Addic7ed\AppData\Local\recently-used.xbel
[2014.12.29 02:11:57 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014.11.30 15:52:08 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2014.11.17 00:45:55 | 000,281,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.11.17 00:45:55 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.11.17 00:45:55 | 000,000,290 | ---- | C] () -- C:\Windows\game.ini
[2014.10.29 20:18:27 | 000,000,038 | -HS- | C] () -- C:\Users\Addic7ed\AppData\Local\69ff07055291669bb2b218.72821112
[2014.10.25 01:18:33 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.10.25 01:18:33 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.10.25 01:18:33 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.10.25 01:18:33 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.10.25 01:18:33 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.10.24 23:11:17 | 000,000,058 | ---- | C] () -- C:\Windows\JQHApp.dat
[2014.10.24 20:10:49 | 000,007,638 | ---- | C] () -- C:\Users\Addic7ed\AppData\Local\resmon.resmoncfg
[2014.10.24 19:39:00 | 001,559,268 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.10.24 17:45:59 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.02.13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.06.19 17:34:36 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\.purple
[2015.06.19 18:08:06 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\AIMP3
[2015.02.14 18:48:49 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\BoL
[2015.06.17 17:30:22 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\BSplayer
[2014.10.28 23:06:14 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\BSplayer PRO
[2015.05.21 23:11:28 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
[2015.01.13 00:15:39 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\deskPDF Editor
[2015.03.28 19:58:45 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\DonationCoder
[2015.06.19 11:28:59 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Dropbox
[2015.05.22 00:12:47 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\ec249d2d-e85b-4179-b373-a2f22546f686
[2015.01.14 02:00:08 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\FileZilla
[2015.01.31 04:24:34 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\HD Tune Pro
[2015.03.12 00:05:16 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\iMobie
[2015.04.17 13:13:20 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Inspyder Web2Disk
[2015.01.28 22:10:18 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\IObit
[2014.12.18 20:35:20 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\IrfanView
[2014.10.29 03:49:34 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\LolClient
[2014.10.24 23:13:30 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\MangoApps
[2015.01.12 17:56:43 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\mkvtoolnix
[2015.04.08 00:32:55 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Publish Providers
[2015.03.17 22:57:33 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Remote Control Server
[2015.04.14 17:03:39 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Similarity
[2014.11.17 18:02:19 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Sony
[2014.11.17 20:14:05 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Sony Creative Software Inc
[2015.04.02 21:19:40 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\TeamViewer
[2014.12.19 03:29:05 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Trillian
[2015.03.18 01:30:10 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\TS3Client
[2015.06.19 19:27:08 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\uTorrent
[2015.04.26 17:25:45 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\WindSolutions
[2015.01.11 23:00:26 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\xrecode2

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,548 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.10.25 13:56:44 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.11.02 02:15:41 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.11.02 02:15:42 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.05.15 09:57:27 | 000,000,878 | ---- | C] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-947469074-1548505890-1440728058-1000Core.job
[2015.05.15 09:57:27 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-947469074-1548505890-1440728058-1000UA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2015.04.14 09:36:16 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\erdnt\cache64\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2015.04.14 09:36:16 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\erdnt\cache64\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[53 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015.06.19 17:34:36 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\.purple
[2015.01.21 21:20:07 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Adobe
[2015.06.19 18:08:06 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\AIMP3
[2014.12.05 18:18:01 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Apple Computer
[2015.02.14 18:48:49 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\BoL
[2015.06.17 17:30:22 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\BSplayer
[2014.10.28 23:06:14 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\BSplayer PRO
[2015.02.14 20:12:08 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\CyberLink
[2015.05.21 23:11:28 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
[2015.01.13 00:15:39 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\deskPDF Editor
[2015.03.28 19:58:45 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\DonationCoder
[2015.06.19 11:28:59 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Dropbox
[2015.06.04 00:59:57 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\dvdcss
[2015.05.22 00:12:47 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\ec249d2d-e85b-4179-b373-a2f22546f686
[2015.01.14 02:00:08 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\FileZilla
[2015.01.31 04:24:34 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\HD Tune Pro
[2015.03.12 00:05:16 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\iMobie
[2015.04.17 13:13:20 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Inspyder Web2Disk
[2015.01.28 22:10:18 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\IObit
[2014.12.18 20:35:20 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\IrfanView
[2014.10.24 20:19:28 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Logishrd
[2014.12.21 00:29:55 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Logitech
[2014.10.29 03:49:34 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\LolClient
[2014.10.24 23:51:45 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Macromedia
[2014.10.24 23:13:30 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\MangoApps
[2015.06.12 10:02:02 | 000,000,000 | --SD | M] -- C:\Users\Addic7ed\AppData\Roaming\Microsoft
[2015.01.12 17:56:43 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\mkvtoolnix
[2015.05.10 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Mozilla
[2015.04.08 00:33:20 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\NVIDIA
[2015.04.21 19:48:50 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\PSpad
[2015.04.08 00:32:55 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Publish Providers
[2015.03.17 22:57:33 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Remote Control Server
[2015.04.14 17:03:39 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Similarity
[2015.06.19 19:28:51 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Skype
[2014.11.17 18:02:19 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Sony
[2014.11.17 20:14:05 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Sony Creative Software Inc
[2015.04.02 21:19:40 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\TeamViewer
[2014.12.19 03:29:05 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Trillian
[2015.03.18 01:30:10 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\TS3Client
[2015.06.19 19:31:17 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\uTorrent
[2015.06.11 12:35:29 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\vlc
[2015.04.26 17:25:45 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\WindSolutions
[2014.12.14 00:50:07 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\WinRAR
[2015.06.11 18:23:15 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\Xfire
[2015.01.11 23:00:26 | 000,000,000 | ---D | M] -- C:\Users\Addic7ed\AppData\Roaming\xrecode2

< %APPDATA%\*.exe /s >
[2015.06.04 00:05:26 | 008,938,520 | ---- | M] (AIMP DevTeam) -- C:\Users\Addic7ed\AppData\Roaming\AIMP3\UpdateInstaller.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2015.06.10 22:36:06 | 043,871,584 | ---- | M] (Dropbox, Inc.) -- C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2015.06.10 22:36:14 | 000,165,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2015.04.21 20:16:32 | 000,049,664 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\Dropbox\bin\w9xpopen.exe
[2011.05.07 12:02:36 | 000,141,554 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CBC.exe
[2014.12.31 04:37:30 | 000,075,264 | ---- | M] (Steppschuh) -- C:\Users\Addic7ed\AppData\Roaming\Remote Control Server\Remote Control Server Updater.exe
[2015.03.17 22:57:37 | 005,168,128 | ---- | M] (Steppschuh) -- C:\Users\Addic7ed\AppData\Roaming\Remote Control Server\Remote Control Server.exe
[2014.04.14 00:00:00 | 000,042,496 | ---- | M] () -- C:\Users\Addic7ed\AppData\Roaming\uTorrent\uninstall.exe
[2014.04.14 00:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Addic7ed\AppData\Roaming\uTorrent\utorrent.exe
[2015.04.26 17:26:01 | 005,832,080 | ---- | M] (WindSolutions) -- C:\Users\Addic7ed\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe
[2015.06.01 02:41:52 | 012,289,928 | ---- | M] (WindSolutions) -- C:\Users\Addic7ed\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015.06.19 18:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015.06.13 10:02:00 | 000,000,878 | ---- | M] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-947469074-1548505890-1440728058-1000Core.job
[2015.06.19 19:02:57 | 000,000,930 | ---- | M] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-947469074-1548505890-1440728058-1000UA.job
[2015.06.19 11:39:01 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.06.19 18:39:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< *crack* /s >
[2003.12.05 15:52:40 | 000,000,796 | ---- | M] () -- \GTA.San.Andreas\data\Decision\Craig\crack1.ped

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 482 bytes -> C:\ProgramData\TEMP:9A870F8B

< End of report >

Re: Preventive check :)

Posted: 19 Jun 2015 19:08
by Márty84
Well, there are a few things in there to delete.

:???: What about the legality of the system? Ultimate isn't exactly a common home edition :?:

:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Don't delete anything beforehand; it occasionally produces false detections.

18.7. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975