Kontrola - vir, lítá mi myš

Zpráva

pepis09 · #1 Příspěvek od **pepis09** » 11 pro 2017 16:06

Dobrý den,
prosím o kontorolu pc, u nb mi přestalo fungovat ovladání touchpadem, připojil jsem myš, je to lepší, ale po chvíli práce přeskakuje různě po monitoru, při spuštění videa, naběhne pouze barevná plocha.
Zazálohoval jsem data, projel ccleanerem.
Předem děkuji.
Josef

#2 Příspěvek od **Rudy** » 11 pro 2017 16:45

Zdravím!
Udělejte nejprve sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Můžete ho spustit i v nouz. režimu, tam se většina šmejdů nespouští a myš možná bude v klidu. Předem nic nemažte.

pepis09 · #3 Příspěvek od **pepis09** » 11 pro 2017 17:53

log je tady

#4 Příspěvek od **Rudy** » 11 pro 2017 18:01

Ano? Žádný nevidím.

pepis09 · #5 Příspěvek od **pepis09** » 11 pro 2017 18:51

omlouvám se tak tady
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 11.12.17
Čas skenování: 17:36
Logovací soubor: 620fc59c-de91-11e7-8ae1-001c25949a53.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3467
Licence: Bezplatný

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: Svetla-PC\Svetla

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 173937
Zjištěné hrozby: 5
Hrozby umístěné do karantény: 5
Uplynulý čas: 6 min, 6 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 3
PUP.Optional.WinThruster, C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft\Solvusoft Suite\Dumps, V karanténě, [7946], [461214],1.0.3467
PUP.Optional.WinThruster, C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft\Solvusoft Suite\Logs, V karanténě, [7946], [461214],1.0.3467
PUP.Optional.WinThruster, C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\SOLVUSOFT\SOLVUSOFT SUITE, V karanténě, [7946], [461214],1.0.3467

Soubor: 2
PUP.Optional.WinThruster, C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\SOLVUSOFT\SOLVUSOFT SUITE\LOGS\MachineId.log.txt, V karanténě, [7946], [461214],1.0.3467
PUP.Optional.Solvusoft, C:\USERS\SVETLA\DOWNLOADS\SETUP_DRIVERDOC_2016.EXE, V karanténě, [327], [331663],1.0.3467

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

#6 Příspěvek od **Rudy** » 11 pro 2017 18:58

Smažte všechny nálezy a pak dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 . Ten je ale nutno provést v normálním režimu, aby se zobrazily všechny procesy.

pepis09 · #7 Příspěvek od **pepis09** » 11 pro 2017 19:13

pepis09 · #8 Příspěvek od **pepis09** » 11 pro 2017 19:26

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-12-2017
Ran by Svetla (administrator) on SVETLA-PC (11-12-2017 19:23:16)
Running from C:\Users\Svetla\Downloads
Loaded Profiles: Svetla (Available Profiles: Svetla)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Svetla\Downloads\FRST(1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [176128 2009-12-09] (Alps Electric Co., Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3338589338-3775306915-2918224224-1000\...\MountPoints2: {1c683249-5825-11e6-9b39-001fe2e4fc73} - F:\Lenovo_Suite.exe
HKU\S-1-5-21-3338589338-3775306915-2918224224-1000\...\MountPoints2: {3b81f226-7d8a-11e7-a0b4-001c25949a53} - F:\Lenovo_Suite.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-07-13] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2017-09-15]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\Users\Svetla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-10-18]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.3.181 188.75.176.2 85.132.179.206 10.100.0.1
Tcpip\..\Interfaces\{64D7FAAC-C459-4FDD-93E5-511C14C72E87}: [DhcpNameServer] 192.168.3.181 188.75.176.2 85.132.179.206 10.100.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3338589338-3775306915-2918224224-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: No Name -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> No File
DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File

FireFox:
========
FF DefaultProfile: 0471iz8d.default-1505453950323
FF ProfilePath: C:\Users\Svetla\AppData\Roaming\Mozilla\Firefox\Profiles\0471iz8d.default-1505453950323 [2017-12-11]
FF Homepage: Mozilla\Firefox\Profiles\0471iz8d.default-1505453950323 -> www.seznam.cz
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Svetla\AppData\Roaming\Mozilla\Firefox\Profiles\0471iz8d.default-1505453950323\features\{5f1e6b81-1544-447d-90e8-ee26c82e5176}\disable-media-wmf-nv12@mozilla.org.xpi [2017-12-09] [Lagacy]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default [2017-12-11]
CHR Extension: (Prezentace) - C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-27]
CHR Extension: (Dokumenty) - C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-27]
CHR Extension: (Disk Google) - C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-27]
CHR Extension: (YouTube) - C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-27]
CHR Extension: (Tabulky) - C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-27]
CHR Extension: (Avast Online Security) - C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-27]
CHR Extension: (Gmail) - C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-08-15] (Adobe Systems) [File not signed]
S2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2009-08-18] () [File not signed]
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4563920 2017-11-01] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [242928 2013-08-28] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2526448 2013-08-28] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
S3 jakstaVA; C:\Windows\System32\DRIVERS\jaksta_va.sys [91784 2014-12-09] (e2eSoft)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [221112 2017-12-11] (Malwarebytes)
S3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7523840 2012-01-23] (Intel Corporation)
U1 aswbdisk; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-11 19:15 - 2017-12-11 19:15 - 001751040 _____ (Farbar) C:\Users\Svetla\Downloads\FRST(1).exe
2017-12-11 17:49 - 2017-12-11 17:49 - 000002244 _____ C:\Users\Svetla\Desktop\Malwarebytes.txt
2017-12-11 17:35 - 2017-12-11 17:35 - 000221112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-12-11 17:35 - 2017-12-11 17:35 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-11 17:35 - 2017-12-11 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-11 17:34 - 2017-11-29 09:11 - 000059896 _____ C:\Windows\system32\Drivers\mbae.sys
2017-12-11 17:30 - 2017-12-11 17:32 - 083316440 _____ (Malwarebytes ) C:\Users\Svetla\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
2017-12-11 15:50 - 2017-12-11 15:50 - 001107968 _____ C:\Users\Svetla\Downloads\RSIT(2).exe
2017-12-11 15:47 - 2017-12-11 15:47 - 001107968 _____ C:\Users\Svetla\Downloads\RSIT(1).exe
2017-12-10 17:57 - 2017-12-10 17:57 - 000001358 _____ C:\Users\Svetla\Desktop\Temp – zástupce.lnk
2017-11-17 10:57 - 2017-11-17 11:54 - 000000000 ____D C:\Users\Svetla\AppData\Local\IIIQF
2017-11-17 09:30 - 2017-11-17 09:30 - 000000000 _____ C:\Windows\system32\last.dump
2017-11-17 09:29 - 2017-11-17 09:29 - 008893232 _____ (AVAST Software) C:\Users\Svetla\Downloads\avastclear.exe
2017-11-17 09:09 - 2017-11-17 09:09 - 000311288 _____ (Mozilla) C:\Users\Svetla\Downloads\Firefox Installer.exe
2017-11-17 08:36 - 2017-11-17 08:36 - 000835236 _____ C:\Users\Svetla\Downloads\Metodicky-pokyn-platny-od-1-7-2014_rev-12-6-2017.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-11 19:23 - 2017-10-27 10:49 - 000009383 _____ C:\Users\Svetla\Downloads\FRST.txt
2017-12-11 19:23 - 2016-10-18 18:45 - 000000000 ____D C:\FRST
2017-12-11 19:18 - 2017-10-27 10:50 - 000022744 _____ C:\Users\Svetla\Downloads\Addition.txt
2017-12-11 17:54 - 2009-07-14 05:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-11 17:54 - 2009-07-14 05:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-11 17:50 - 2016-11-19 08:21 - 000000000 ____D C:\Users\Svetla\AppData\LocalLow\Mozilla
2017-12-11 17:46 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-11 17:35 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-12-11 17:34 - 2015-09-08 07:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-11 15:50 - 2017-10-27 11:11 - 000000000 ____D C:\Program Files\trend micro
2017-12-11 15:43 - 2015-10-22 11:19 - 000000000 ____D C:\Users\Svetla\AppData\Roaming\MPC-HC
2017-12-09 17:14 - 2017-09-15 06:26 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-12-09 17:14 - 2017-09-15 06:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-05 20:40 - 2015-07-10 11:18 - 001575230 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-05 20:40 - 2009-07-14 09:44 - 000665944 _____ C:\Windows\system32\perfh005.dat
2017-12-05 20:40 - 2009-07-14 09:44 - 000139608 _____ C:\Windows\system32\perfc005.dat
2017-12-04 20:28 - 2016-06-05 13:18 - 000000000 ____D C:\Users\Svetla\Documents\pepis
2017-12-02 15:03 - 2017-04-20 09:47 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-18 19:55 - 2017-02-28 13:48 - 000000000 ____D C:\FFOutput
2017-11-18 10:09 - 2017-01-28 10:58 - 000000000 ____D C:\Users\Svetla\Documents\Baronka tábor
2017-11-18 10:07 - 2015-11-27 22:37 - 000000000 ____D C:\Users\Svetla\Documents\koně
2017-11-17 11:53 - 2009-07-14 03:04 - 000000466 _____ C:\Windows\win.ini
2017-11-17 09:40 - 2016-09-09 15:03 - 000000000 ____D C:\ProgramData\AVAST Software
2017-11-17 09:10 - 2017-09-15 06:26 - 000001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-17 09:10 - 2017-09-15 06:26 - 000001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-11-17 09:06 - 2015-07-10 16:29 - 000000000 ____D C:\Users\Svetla\AppData\Roaming\Mozilla
2017-11-15 20:01 - 2016-07-09 11:47 - 000000000 ____D C:\Program Files\Google
2017-11-14 17:39 - 2015-07-10 11:21 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-11-14 17:39 - 2015-07-10 11:21 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-11-14 17:39 - 2015-07-10 11:21 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-12 07:21 - 2015-08-14 21:44 - 000000340 _____ C:\Windows\Tasks\Driver Robot.job

==================== Files in the root of some directories =======

2015-08-15 17:46 - 2017-09-07 06:37 - 000000600 _____ () C:\Users\Svetla\AppData\Roaming\winscp.rnd
2017-10-27 11:04 - 2017-10-27 11:09 - 000029696 _____ () C:\Users\Svetla\AppData\Local\MSGBOX.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-10 08:04

==================== End of FRST.txt ============================

#9 Příspěvek od **Rudy** » 11 pro 2017 19:59

Jak je na tom váš oper. systém s legalitou?

pepis09 · #10 Příspěvek od **pepis09** » 11 pro 2017 20:01

koupil jsem nb s oper. systémem vista, ale neadali k tomu inst. cd, asi po 8 letech jsem si od kamaráda koupil w 7

#11 Příspěvek od **Rudy** » 11 pro 2017 20:05

Aha. Udělejte tedy tento sken:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Dejte oba logy.

pepis09 · #12 Příspěvek od **pepis09** » 12 pro 2017 04:56

otl

OTL logfile created on: 11.12.2017 20:35:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Svetla\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,98 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,77% Memory free
3,96 Gb Paging File | 2,55 Gb Available in Paging File | 64,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137,82 Gb Total Space | 83,79 Gb Free Space | 60,79% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 1,83 Gb Free Space | 18,71% Space Free | Partition Type: NTFS
Drive F: | 7,55 Gb Total Space | 7,55 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: SVETLA-PC | User Name: Svetla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2017.12.11 20:35:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Svetla\Downloads\OTL(1).exe
PRC - [2017.12.11 19:15:40 | 001,751,040 | ---- | M] (Farbar) -- C:\Users\Svetla\Downloads\FRST(1).exe
PRC - [2017.12.09 09:07:22 | 000,467,408 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2017.11.29 09:11:50 | 003,515,856 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2017.11.01 08:07:10 | 004,563,920 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
PRC - [2017.09.27 11:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016.06.02 18:20:04 | 001,321,296 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
PRC - [2015.07.14 07:25:43 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2015.05.09 04:12:59 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013.08.28 15:22:46 | 002,526,448 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
PRC - [2013.08.28 15:22:18 | 000,500,976 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2013.08.28 15:21:56 | 000,109,296 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2014.11.02 18:44:58 | 000,027,136 | ---- | M] () -- C:\Program Files\PSPad editor\pspshellx32.dll

========== Services (SafeList) ==========

SRV - [2017.12.09 09:07:21 | 000,175,568 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2017.11.14 17:39:11 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2017.11.01 08:07:10 | 004,563,920 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV - [2017.09.27 11:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016.06.02 18:20:46 | 000,273,232 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe -- (LSC.Services.SystemService)
SRV - [2015.07.16 20:39:29 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013.08.28 15:22:46 | 002,526,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2013.08.28 15:22:30 | 000,242,928 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2013.08.28 15:22:18 | 000,500,976 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2013.08.28 15:21:56 | 000,109,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.05.09 21:47:24 | 000,417,336 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)
SRV - [2009.08.18 01:36:08 | 000,176,128 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2017.12.11 17:35:12 | 000,221,112 | ---- | M] (Malwarebytes) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2015.06.11 18:15:04 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2014.12.09 03:58:34 | 000,091,784 | ---- | M] (e2eSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jaksta_va.sys -- (jakstaVA)
DRV - [2012.01.23 13:43:06 | 007,523,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETwNs32.sys -- (NETwNs32)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.05.09 21:47:34 | 000,015,416 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2009.12.09 13:54:46 | 000,154,672 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009.09.15 12:30:08 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009.09.15 11:36:18 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009.09.07 17:00:28 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009.08.18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2002.07.17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3338589338-3775306915-2918224224-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKU\S-1-5-21-3338589338-3775306915-2918224224-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3338589338-3775306915-2918224224-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3338589338-3775306915-2918224224-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-3338589338-3775306915-2918224224-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.search.widget.inNavBar: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2015.07.10 17:08:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Svetla\AppData\Roaming\mozilla\Extensions
[2017.11.17 09:06:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Svetla\AppData\Roaming\mozilla\SystemExtensionsDev
[2017.10.28 07:09:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Svetla\AppData\Roaming\mozilla\Firefox\Profiles\0471iz8d.default-1505453950323\browser-extension-data
[2017.10.06 06:29:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Svetla\AppData\Roaming\mozilla\Firefox\Profiles\0471iz8d.default-1505453950323\browser-extension-data\screenshots@mozilla.org
[2017.11.17 09:29:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Svetla\AppData\Roaming\mozilla\Firefox\Profiles\0471iz8d.default-1505453950323\browser-extension-data\sp@avast.com
[2017.11.17 09:33:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Svetla\AppData\Roaming\mozilla\Firefox\Profiles\0471iz8d.default-1505453950323\extensions
[2017.12.09 18:06:11 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\Svetla\AppData\Roaming\mozilla\firefox\profiles\0471iz8d.default-1505453950323\features\{5f1e6b81-1544-447d-90e8-ee26c82e5176}\disable-media-wmf-nv12@mozilla.org.xpi
[2017.12.09 09:07:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.296_0\
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6217.911.0.3_0\
CHR - Extension: No name found = C:\Users\Svetla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6217.911.0.5_0\

O1 HOSTS File: ([2016.10.18 18:55:50 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} - No CLSID value found.
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Svetla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Download all by YouTube Robot - C:\Program Files\YouTubeRobot\downall.htm File not found
O8 - Extra context menu item: Download by YouTube Robot - C:\Program Files\YouTubeRobot\downlink.htm File not found
O13 - gopher Prefix: missing
O16 - DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} https://eportal.cssz.cz/fas/page/active ... bff_cs.cab (FormApps Plug-in)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.181 188.75.176.2 85.132.179.206 10.100.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64D7FAAC-C459-4FDD-93E5-511C14C72E87}: DhcpNameServer = 192.168.3.181 188.75.176.2 85.132.179.206 10.100.0.1
O18 - Protocol\Handler\WSISVCUchrome - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1c683249-5825-11e6-9b39-001fe2e4fc73}\Shell - "" = AutoRun
O33 - MountPoints2\{1c683249-5825-11e6-9b39-001fe2e4fc73}\Shell\AutoRun\command - "" = F:\Lenovo_Suite.exe
O33 - MountPoints2\{3b81f226-7d8a-11e7-a0b4-001c25949a53}\Shell - "" = AutoRun
O33 - MountPoints2\{3b81f226-7d8a-11e7-a0b4-001c25949a53}\Shell\AutoRun\command - "" = F:\Lenovo_Suite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Unable to save MBR. Invalid drive designation: 0

========== Files/Folders - Created Within 30 Days ==========

[2017.12.11 17:35:12 | 000,221,112 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2017.12.11 17:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017.11.17 10:57:21 | 000,000,000 | ---D | C] -- C:\Users\Svetla\AppData\Local\IIIQF
[1 C:\Users\Svetla\Documents\*.tmp files -> C:\Users\Svetla\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2017.12.11 17:54:30 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.12.11 17:54:30 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.12.11 17:46:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.12.11 17:46:20 | 1593,282,560 | -HS- | M] () -- C:\hiberfil.sys
[2017.12.11 17:35:12 | 000,221,112 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2017.12.11 17:35:00 | 000,002,024 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.12.10 17:57:21 | 000,001,358 | ---- | M] () -- C:\Users\Svetla\Desktop\Temp – zástupce.lnk
[2017.12.05 20:40:58 | 000,665,944 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2017.12.05 20:40:58 | 000,651,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2017.12.05 20:40:58 | 000,139,608 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2017.12.05 20:40:58 | 000,120,580 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2017.11.29 17:57:25 | 000,075,000 | ---- | M] () -- C:\Users\Svetla\Desktop\pernicky.jpg
[2017.11.29 09:11:26 | 000,059,896 | ---- | M] () -- C:\Windows\System32\drivers\mbae.sys
[2017.11.17 09:30:20 | 000,000,000 | ---- | M] () -- C:\Windows\System32\last.dump
[2017.11.17 09:10:55 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2017.11.14 17:39:11 | 000,803,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2017.11.14 17:39:11 | 000,144,896 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2017.11.12 07:21:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[1 C:\Users\Svetla\Documents\*.tmp files -> C:\Users\Svetla\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2017.12.11 17:35:00 | 000,002,024 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.12.11 17:34:56 | 000,059,896 | ---- | C] () -- C:\Windows\System32\drivers\mbae.sys
[2017.12.10 17:57:21 | 000,001,358 | ---- | C] () -- C:\Users\Svetla\Desktop\Temp – zástupce.lnk
[2017.11.29 17:56:01 | 000,075,000 | ---- | C] () -- C:\Users\Svetla\Desktop\pernicky.jpg
[2017.11.17 09:30:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\last.dump
[2017.10.27 11:04:51 | 000,029,696 | ---- | C] () -- C:\Users\Svetla\AppData\Local\MSGBOX.EXE
[2017.09.06 14:38:09 | 000,000,615 | ---- | C] () -- C:\Users\Svetla\mm.cfg
[2017.03.05 12:29:39 | 000,000,021 | ---- | C] () -- C:\Windows\clofghls.dll
[2017.03.05 12:16:03 | 000,000,051 | ---- | C] () -- C:\Windows\forevermopt.INI
[2016.07.09 11:37:04 | 000,829,781 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2015.08.15 17:46:11 | 000,000,600 | ---- | C] () -- C:\Users\Svetla\AppData\Roaming\winscp.rnd

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.07.10 18:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2016.10.05 19:29:15 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Apowersoft
[2015.08.14 22:11:27 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Easeware
[2016.09.17 20:43:09 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\FLV Downloader(xmlbar)
[2016.08.18 10:54:08 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\iSkysoft iMedia Converter Deluxe
[2015.08.15 23:51:20 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Kodi
[2016.08.15 09:01:24 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Lenovo
[2015.08.14 22:03:45 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\LSC
[2017.02.27 19:14:03 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\MediaInfo
[2017.12.11 15:43:21 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\MPC-HC
[2015.12.06 22:42:35 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Opera Software
[2016.09.09 15:01:35 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Profiles
[2016.09.09 05:35:34 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Replay Media Catcher 6
[2016.09.17 20:46:18 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Video Downloader(xmlbar)
[2015.08.14 22:48:15 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\WinBatch
[2016.08.18 10:54:19 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,614 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2015.08.14 21:44:21 | 000,000,340 | ---- | C] () -- C:\Windows\Tasks\Driver Robot.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2015.04.13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\System32\services.exe
[2015.04.13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_d1614ac32b8ec5cf\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2015.04.11 04:53:55 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=97981140500E86E5BBAD7B76BA890146 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_d1d9ee0844ba1cc2\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2014.04.05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2010.04.09 08:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010.04.09 08:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2015.07.14 07:26:04 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2015.07.14 07:26:04 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2014.04.05 03:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014.07.16 03:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014.07.17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014.07.17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014.03.04 10:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 11:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2017.04.20 09:55:16 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Adobe
[2016.10.05 19:29:15 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Apowersoft
[2015.08.14 22:11:27 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Easeware
[2016.09.17 20:43:09 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\FLV Downloader(xmlbar)
[2015.07.10 11:14:12 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Identities
[2015.08.15 00:01:59 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\InstallShield
[2015.08.15 13:36:06 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Intel
[2016.08.18 10:54:08 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\iSkysoft iMedia Converter Deluxe
[2015.08.15 23:51:20 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Kodi
[2016.08.15 09:01:24 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Lenovo
[2015.08.14 22:03:45 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\LSC
[2015.07.10 11:21:45 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Macromedia
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Media Center Programs
[2017.02.27 19:14:03 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\MediaInfo
[2017.07.27 22:57:04 | 000,000,000 | --SD | M] -- C:\Users\Svetla\AppData\Roaming\Microsoft
[2017.11.17 09:06:08 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Mozilla
[2017.12.11 15:43:21 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\MPC-HC
[2015.12.06 22:42:35 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Opera Software
[2016.09.09 15:01:35 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Profiles
[2015.11.03 21:13:40 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\PSpad
[2017.03.05 12:36:37 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Real
[2016.09.09 05:35:34 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Replay Media Catcher 6
[2017.02.09 12:46:47 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Skype
[2016.09.17 20:46:18 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\Video Downloader(xmlbar)
[2015.08.14 22:48:15 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\WinBatch
[2016.08.18 10:54:19 | 000,000,000 | ---D | M] -- C:\Users\Svetla\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}

< %APPDATA%\*.exe /s >
[2015.08.14 22:20:14 | 003,409,248 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\10tz1ptd.e1v\6ax801ww.exe
[2015.08.14 22:56:59 | 001,601,024 | ---- | M] () -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\2410f2j5.mjy\MEI_Intel_v4.2.0.1008_W7-32-64.exe
[2009.07.15 11:05:34 | 000,981,528 | ---- | M] (Intel Corporation) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\2410f2j5.mjy\setup.exe
[2009.07.15 11:05:36 | 000,106,008 | ---- | M] (Intel Corporation) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\2410f2j5.mjy\x64\Difx64.exe
[2015.08.14 23:25:09 | 013,173,536 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\bchrpj05.lc3\6egx02ww.exe
[2015.08.14 23:52:50 | 014,821,048 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\bljnwdba.uxz\7zwf02ww.exe
[2015.08.15 10:40:29 | 003,409,248 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\bqm1jhbm.0uz\6ax801ww.exe
[2015.08.14 22:40:50 | 006,554,744 | ---- | M] () -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\eu4seagd.k1f\driver_cardreader_ricoh_TC00091900E.exe
[2015.08.15 08:47:24 | 000,325,912 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\gt1oznny.ywm\groi03ww.exe
[2015.08.15 07:10:46 | 001,601,024 | ---- | M] () -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\pyse34j4.54q\MEI_Intel_v4.2.0.1008_W7-32-64.exe
[2009.07.15 11:05:34 | 000,981,528 | ---- | M] (Intel Corporation) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\pyse34j4.54q\setup.exe
[2009.07.15 11:05:36 | 000,106,008 | ---- | M] (Intel Corporation) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\pyse34j4.54q\x64\Difx64.exe
[2015.08.14 23:48:07 | 000,325,912 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\uo122wzl.tce\groi03ww.exe
[2015.08.14 22:15:49 | 001,299,472 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Svetla\AppData\Roaming\Easeware\DriverEasy\drivers\x5alqifw.3f5\n19ku07w.exe
[2016.07.15 07:59:05 | 054,291,360 | ---- | M] (Lenovo) -- C:\Users\Svetla\AppData\Roaming\LSC\Local Store\LSCSetup.exe
[2016.07.15 06:58:07 | 000,310,960 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Svetla\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2017.04.29 01:36:22 | 000,251,856 | R--- | M] (Acresso Software Inc.) -- C:\Users\Svetla\AppData\Roaming\Microsoft\Installer\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}\ARPPRODUCTICON.exe
[2017.04.29 01:36:22 | 000,251,856 | R--- | M] (Acresso Software Inc.) -- C:\Users\Svetla\AppData\Roaming\Microsoft\Installer\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}\NewShortcut1_E004384A8D9148B78F6A2EE52F39EAF6.exe
[2016.03.04 19:42:41 | 000,701,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Svetla\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2016.03.15 20:07:03 | 000,701,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Svetla\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe
[2016.06.17 13:03:22 | 000,701,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Svetla\AppData\Roaming\Real\Update\temp\~Upg2\rnupgagent.exe
[2016.06.25 17:38:25 | 000,701,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Svetla\AppData\Roaming\Real\Update\temp\~Upg3\rnupgagent.exe
[2016.09.19 12:14:12 | 000,701,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Svetla\AppData\Roaming\Real\Update\temp\~Upg4\rnupgagent.exe
[2016.11.23 07:19:40 | 000,701,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Svetla\AppData\Roaming\Real\Update\temp\~Upg5\rnupgagent.exe
[2016.12.01 07:19:48 | 000,701,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Svetla\AppData\Roaming\Real\Update\temp\~Upg6\rnupgagent.exe
[2016.11.23 07:19:40 | 000,701,192 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Svetla\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe
[2016.11.23 10:19:54 | 001,356,656 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Svetla\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\stub_exe\RealTimes-RealPlayer.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< %systemroot%\Tasks\*.job >
[2017.11.12 07:21:57 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< %systemroot%\system32\drivers\*.sys /3 >
[2017.12.11 17:35:12 | 000,221,112 | ---- | M] (Malwarebytes) -- C:\Windows\system32\drivers\mbamswissarmy.sys

< %systemroot%\system32\*.* /3 >
[2017.12.11 17:54:30 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.12.11 17:54:30 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2017.12.09 09:07:22 | 000,467,408 | ---- | M] (Mozilla Corporation) MD5=0F104A30231EFAC95916A7AA0781A6D5 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015.07.21 01:12:30 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=C2A6A7E10E872F62F261637B67AFB248 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2016.05.18 15:15:54 | 012,842,928 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\4kvideodownloader.exe
[2016.04.06 11:50:50 | 000,046,921 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_cs.qm
[2016.04.06 11:50:50 | 000,050,015 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_de.qm
[2016.04.06 11:50:50 | 000,045,343 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_en.qm
[2016.04.06 11:50:50 | 000,049,015 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_es.qm
[2016.04.06 11:50:50 | 000,027,350 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_et.qm
[2016.04.06 11:50:52 | 000,047,125 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_fi.qm
[2016.04.06 11:50:52 | 000,050,335 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_fr.qm
[2016.04.06 11:50:52 | 000,048,570 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_hu.qm
[2016.04.06 11:50:52 | 000,048,451 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_it.qm
[2016.04.06 11:50:52 | 000,039,980 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_ja.qm
[2016.04.06 11:50:52 | 000,038,978 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_ko.qm
[2016.04.06 11:50:52 | 000,048,159 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_nl.qm
[2016.04.06 11:50:52 | 000,047,475 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_pl.qm
[2016.04.06 11:50:52 | 000,048,605 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_pt.qm
[2016.04.06 11:50:52 | 000,047,284 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_ru.qm
[2016.04.06 11:50:52 | 000,046,887 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_sv.qm
[2016.04.06 11:50:52 | 000,047,478 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_tr.qm
[2016.04.06 11:50:52 | 000,036,580 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_zh.qm
[2016.04.06 11:50:52 | 000,036,400 | ---- | M] () -- \Program Files\4KDownload\4kvideodownloader\translation\videodownloader_zh_TW.qm
[2005.06.06 11:11:30 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\cs\_media\rssloader.swf
[2005.04.08 13:01:10 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\da\_media\rssloader.swf
[2005.04.08 13:01:08 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\de\_media\rssloader.swf
[2005.06.06 11:11:30 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\el\_media\rssloader.swf
[2005.04.08 13:01:08 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\en\_media\rssloader.swf
[2005.04.08 13:01:10 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\es\_media\rssloader.swf
[2005.04.08 13:01:10 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\fi\_media\rssloader.swf
[2005.04.08 13:01:12 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\fr\_media\rssloader.swf
[2005.06.06 11:11:32 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\hu\_media\rssloader.swf
[2005.04.08 13:01:12 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\it\_media\rssloader.swf
[2005.04.08 13:01:08 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\ja\_media\rssloader.swf
[2005.04.08 13:01:12 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\ko\_media\rssloader.swf
[2005.04.08 13:01:12 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\nl\_media\rssloader.swf
[2005.04.08 13:01:14 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\no\_media\rssloader.swf
[2005.06.06 11:11:32 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\pl\_media\rssloader.swf
[2005.04.08 13:01:14 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\pt\_media\rssloader.swf
[2005.06.06 11:11:34 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\ru\_media\rssloader.swf
[2005.04.08 13:01:14 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\sv\_media\rssloader.swf
[2005.06.06 11:11:34 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\tr\_media\rssloader.swf
[2005.04.08 13:01:14 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\zh_CN\_media\rssloader.swf
[2005.04.08 13:01:14 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\zh_TW\_media\rssloader.swf
[2005.03.16 18:16:00 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2017.11.12 23:40:08 | 000,018,624 | ---- | M] () -- \Program Files\Mozilla Firefox\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.10.07 09:57:42 | 000,128,000 | ---- | M] () -- \Program Files\Rajče Downloader\Rajce-Downloader.exe
[2016.03.02 03:19:00 | 005,693,440 | ---- | M] () -- \Program Files\Xmlbar\FLV Downloader\FLVDownloader(xmlbar).exe
[2016.10.18 19:22:18 | 000,001,240 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download\4K Video Downloader.lnk
[2016.10.18 19:22:20 | 000,002,141 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Downloader(xmlbar)\FLV Downloader.lnk
[2016.10.18 19:22:22 | 000,001,083 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Rajče Downloader\Rajče Downloader.lnk
[2016.10.18 19:22:22 | 000,002,141 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Video Downloader(xmlbar)\Video Downloader.lnk
[2016.10.18 19:22:18 | 000,001,240 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\4K Download\4K Video Downloader.lnk
[2016.10.18 19:22:20 | 000,002,141 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\FLV Downloader(xmlbar)\FLV Downloader.lnk
[2016.10.18 19:22:22 | 000,001,083 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Rajče Downloader\Rajče Downloader.lnk
[2016.10.18 19:22:22 | 000,002,141 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Video Downloader(xmlbar)\Video Downloader.lnk
[2016.10.18 19:21:43 | 000,001,229 | ---- | M] () -- \Users\Svetla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FLV Downloader.lnk
[2014.09.01 23:00:00 | 000,047,934 | ---- | M] () -- \Users\Svetla\Documents\stránky\helena-stranky\záloha 26.1.2016\záloha wp\wp-includes\script-loader.php
[2014.09.01 23:00:00 | 000,002,747 | ---- | M] () -- \Users\Svetla\Documents\stránky\helena-stranky\záloha 26.1.2016\záloha wp\wp-includes\template-loader.php
[2014.09.01 23:00:00 | 000,003,878 | ---- | M] () -- \Users\Svetla\Documents\stránky\helena-stranky\záloha 26.1.2016\záloha wp\wp-includes\images\uploader-icons-2x.png
[2014.09.01 23:00:00 | 000,001,556 | ---- | M] () -- \Users\Svetla\Documents\stránky\helena-stranky\záloha 26.1.2016\záloha wp\wp-includes\images\uploader-icons.png
[2014.09.01 23:00:00 | 000,004,281 | ---- | M] () -- \Users\Svetla\Documents\stránky\helena-stranky\záloha 26.1.2016\záloha wp\wp-includes\js\customize-loader.js
[2014.09.01 23:00:00 | 000,002,539 | ---- | M] () -- \Users\Svetla\Documents\stránky\helena-stranky\záloha 26.1.2016\záloha wp\wp-includes\js\customize-loader.min.js
[2014.09.01 23:00:00 | 000,002,608 | ---- | M] () -- \Users\Svetla\Documents\stránky\helena-stranky\záloha 26.1.2016\záloha wp\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2015.09.19 15:27:00 | 000,050,832 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\www\wp-includes\script-loader.php
[2015.09.19 15:26:00 | 000,002,747 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\www\wp-includes\template-loader.php
[2015.09.19 15:27:00 | 000,003,542 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\www\wp-includes\images\uploader-icons-2x.png
[2015.09.19 15:27:00 | 000,001,556 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\www\wp-includes\images\uploader-icons.png
[2015.09.19 15:27:00 | 000,006,752 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\www\wp-includes\js\customize-loader.js
[2015.09.19 15:27:00 | 000,003,217 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\www\wp-includes\js\customize-loader.min.js
[2015.09.19 15:27:00 | 000,003,057 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\www\wp-includes\js\wp-emoji-loader.js
[2015.09.19 15:27:00 | 000,001,022 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\www\wp-includes\js\wp-emoji-loader.min.js
[2015.09.19 15:27:00 | 000,002,608 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\www\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2016.04.01 08:45:00 | 000,000,847 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-content\plugins\contact-form-7\images\ajax-loader.gif
[2016.04.01 08:45:00 | 000,003,915 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\attach_to_post\static\uploader-icons-2x.png
[2016.04.01 08:45:00 | 000,001,593 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\attach_to_post\static\uploader-icons.png
[2016.04.01 08:45:00 | 000,000,673 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\ngglegacy\images\ajax-loader.gif
[2016.04.01 08:45:00 | 000,006,820 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\ngglegacy\images\loader.gif
[2016.03.17 13:26:00 | 000,054,766 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-includes\script-loader.php
[2016.03.17 13:26:00 | 000,003,137 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-includes\template-loader.php
[2015.09.18 23:00:00 | 000,003,542 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-includes\images\uploader-icons-2x.png
[2015.09.18 23:00:00 | 000,001,556 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-includes\images\uploader-icons.png
[2016.03.17 13:26:00 | 000,007,052 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-includes\js\customize-loader.js
[2015.09.18 23:00:00 | 000,003,217 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-includes\js\customize-loader.min.js
[2016.03.17 13:26:00 | 000,004,225 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-includes\js\wp-emoji-loader.js
[2016.03.17 13:26:00 | 000,001,327 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-includes\js\wp-emoji-loader.min.js
[2015.09.18 23:00:00 | 000,002,608 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\ZALOHA 25.4.2016\www\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2015.11.18 00:06:00 | 000,003,915 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\attach_to_post\static\uploader-icons-2x.png
[2015.11.18 00:06:00 | 000,001,593 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\attach_to_post\static\uploader-icons.png
[2015.11.18 00:06:00 | 000,000,673 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\ngglegacy\images\ajax-loader.gif
[2015.11.18 00:06:00 | 000,006,820 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\ngglegacy\images\loader.gif
[2015.09.19 14:27:00 | 000,050,832 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-includes\script-loader.php
[2015.09.19 14:26:00 | 000,002,747 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-includes\template-loader.php
[2015.09.19 14:27:00 | 000,003,542 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-includes\images\uploader-icons-2x.png
[2015.09.19 14:27:00 | 000,001,556 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-includes\images\uploader-icons.png
[2015.09.19 14:27:00 | 000,006,752 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-includes\js\customize-loader.js
[2015.09.19 14:27:00 | 000,003,217 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-includes\js\customize-loader.min.js
[2015.09.19 14:27:00 | 000,003,057 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-includes\js\wp-emoji-loader.js
[2015.09.19 14:27:00 | 000,001,022 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-includes\js\wp-emoji-loader.min.js
[2015.09.19 14:27:00 | 000,002,608 | ---- | M] () -- \Users\Svetla\Documents\stránky\jirka\záloha 26.1.2016\ZALOHA WP\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2015.09.27 09:30:00 | 000,003,915 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\nextgen-gallery\products\photocrati_nextgen\modules\attach_to_post\static\uploader-icons-2x.png
[2015.09.27 09:30:00 | 000,001,593 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\nextgen-gallery\products\photocrati_nextgen\modules\attach_to_post\static\uploader-icons.png
[2015.09.27 09:31:00 | 000,000,668 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\nextgen-gallery\products\photocrati_nextgen\modules\lightbox\static\highslide\graphics\loader.gif
[2015.09.27 09:31:00 | 000,000,673 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\nextgen-gallery\products\photocrati_nextgen\modules\lightbox\static\highslide\graphics\loader.white.gif
[2015.09.27 09:31:00 | 000,000,673 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\nextgen-gallery\products\photocrati_nextgen\modules\ngglegacy\images\ajax-loader.gif
[2015.09.27 09:31:00 | 000,006,820 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\nextgen-gallery\products\photocrati_nextgen\modules\ngglegacy\images\loader.gif
[2016.01.26 17:32:00 | 000,003,915 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\attach_to_post\static\uploader-icons-2x.png
[2016.01.26 17:32:00 | 000,001,593 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\attach_to_post\static\uploader-icons.png
[2016.01.26 17:32:00 | 000,000,673 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\ngglegacy\images\ajax-loader.gif
[2016.01.26 17:32:00 | 000,006,820 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-content\plugins\nextgen-gallery\products\photocrati_nextgen\modules\ngglegacy\images\loader.gif
[2016.01.26 17:31:00 | 000,054,766 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-includes\script-loader.php
[2016.01.26 17:31:00 | 000,003,137 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-includes\template-loader.php
[2015.02.02 00:00:00 | 000,003,542 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-includes\images\uploader-icons-2x.png
[2015.02.02 00:00:00 | 000,001,556 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-includes\images\uploader-icons.png
[2016.01.26 17:31:00 | 000,007,052 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-includes\js\customize-loader.js
[2016.01.26 17:31:00 | 000,003,217 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-includes\js\customize-loader.min.js
[2016.01.26 17:31:00 | 000,004,185 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-includes\js\wp-emoji-loader.js
[2016.01.26 17:31:00 | 000,001,395 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-includes\js\wp-emoji-loader.min.js
[2015.02.02 00:00:00 | 000,002,608 | ---- | M] () -- \Users\Svetla\Documents\stránky\lenka\záloha 26.1.2016\záloha wp\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2015.01.11 00:00:00 | 000,006,001 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-content\plugins\backwpup\vendor\Guzzle\Service\AbstractConfigLoader.php
[2015.01.11 00:00:00 | 000,001,172 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-content\plugins\backwpup\vendor\Guzzle\Service\CachingConfigLoader.php
[2015.01.11 00:00:00 | 000,000,699 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-content\plugins\backwpup\vendor\Guzzle\Service\ConfigLoaderInterface.php
[2015.01.11 00:00:00 | 000,003,396 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-content\plugins\backwpup\vendor\Guzzle\Service\Builder\ServiceBuilderLoader.php
[2015.01.11 00:00:00 | 000,002,535 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-content\plugins\backwpup\vendor\Guzzle\Service\Description\ServiceDescriptionLoader.php
[2014.06.16 23:00:00 | 000,010,819 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-content\themes\cookingbook\inc\images\ajax-loader.gif
[2014.06.16 23:00:00 | 000,009,427 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-content\themes\cookingbook\inc\images\ajax-loader2.gif
[2014.06.16 23:00:00 | 000,010,819 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-content\themes\cookingbook\inc\images\img-loader.gif
[2014.08.03 23:00:00 | 000,047,934 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-includes\script-loader.php
[2014.06.16 23:00:00 | 000,002,747 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-includes\template-loader.php
[2014.08.03 23:00:00 | 000,003,878 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-includes\images\uploader-icons-2x.png
[2014.08.03 23:00:00 | 000,001,556 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-includes\images\uploader-icons.png
[2014.06.16 23:00:00 | 000,004,281 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-includes\js\customize-loader.js
[2014.06.16 23:00:00 | 000,002,539 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-includes\js\customize-loader.min.js
[2014.08.03 23:00:00 | 000,002,608 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule záloha 20.1.2016\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2014.05.30 13:43:12 | 000,006,001 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-content\plugins\backwpup\vendor\Guzzle\Service\AbstractConfigLoader.php
[2014.05.30 13:43:12 | 000,001,172 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-content\plugins\backwpup\vendor\Guzzle\Service\CachingConfigLoader.php
[2014.05.30 13:43:12 | 000,000,699 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-content\plugins\backwpup\vendor\Guzzle\Service\ConfigLoaderInterface.php
[2014.05.30 13:43:12 | 000,003,396 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-content\plugins\backwpup\vendor\Guzzle\Service\Builder\ServiceBuilderLoader.php
[2014.05.30 13:43:12 | 000,002,535 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-content\plugins\backwpup\vendor\Guzzle\Service\Description\ServiceDescriptionLoader.php
[2014.05.28 11:40:57 | 000,010,819 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-content\themes\cookingbook\inc\images\ajax-loader.gif
[2014.05.28 11:40:57 | 000,009,427 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-content\themes\cookingbook\inc\images\ajax-loader2.gif
[2014.05.28 11:40:57 | 000,010,819 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-content\themes\cookingbook\inc\images\img-loader.gif
[2013.12.08 07:28:10 | 000,045,687 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-includes\script-loader.php
[2013.10.30 14:39:10 | 000,002,747 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-includes\template-loader.php
[2012.11.30 02:18:08 | 000,003,915 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-includes\images\uploader-icons-2x.png
[2012.11.30 02:18:08 | 000,001,593 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-includes\images\uploader-icons.png
[2013.11.15 04:31:10 | 000,004,281 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-includes\js\customize-loader.js
[2013.11.13 21:45:12 | 000,002,539 | ---- | M] () -- \Users\Svetla\Documents\stránky\misule\misule4\wp-includes\js\customize-loader.min.js
[2010.06.29 14:01:25 | 000,000,668 | ---- | M] () -- \Users\Svetla\Documents\stránky\svejo\fotky\highslide\graphics\loader.gif
[2010.06.29 14:01:25 | 000,000,673 | ---- | M] () -- \Users\Svetla\Documents\stránky\svejo\fotky\highslide\graphics\loader.white.gif
[2010.06.29 14:01:25 | 000,000,668 | ---- | M] () -- \Users\Svetla\Documents\stránky\svejo\rady\highslide-4.1.4\highslide\graphics\loader.gif
[2010.06.29 14:01:25 | 000,000,673 | ---- | M] () -- \Users\Svetla\Documents\stránky\svejo\rady\highslide-4.1.4\highslide\graphics\loader.white.gif
[2017.09.05 14:55:05 | 000,008,154 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\plugin\hute gallery\includes\class-gallery-img-template-loader.php
[2015.11.19 08:53:58 | 000,003,915 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\plugin\nextgen-gallery.2.0.79\nextgen-gallery\products\photocrati_nextgen\modules\attach_to_post\static\uploader-icons-2x.png
[2015.11.19 08:53:57 | 000,001,593 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\plugin\nextgen-gallery.2.0.79\nextgen-gallery\products\photocrati_nextgen\modules\attach_to_post\static\uploader-icons.png
[2015.11.19 08:53:45 | 000,000,673 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\plugin\nextgen-gallery.2.0.79\nextgen-gallery\products\photocrati_nextgen\modules\ngglegacy\images\ajax-loader.gif
[2015.11.19 08:53:45 | 000,006,820 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\plugin\nextgen-gallery.2.0.79\nextgen-gallery\products\photocrati_nextgen\modules\ngglegacy\images\loader.gif
[2017.09.05 18:13:41 | 000,003,211 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\plugin\responsive image gallery\includes\admin\images\ajax-loader.gif
[2013.11.28 00:12:40 | 000,010,819 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\cookingbook\inc\images\ajax-loader.gif
[2013.11.28 00:12:40 | 000,009,427 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\cookingbook\inc\images\ajax-loader2.gif
[2013.11.28 00:12:40 | 000,010,819 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\cookingbook\inc\images\img-loader.gif
[2015.10.25 20:11:40 | 000,003,644 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\i-transform.2.1.0\i-transform\inc\includes\class-options-media-uploader.php
[2015.10.25 20:11:09 | 000,002,906 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\i-transform.2.1.0\i-transform\inc\js\media-uploader.js
[2015.10.25 20:11:35 | 000,025,339 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\i-transform.2.1.0\i-transform\inc\meta-box\img\loader.gif
[2017.01.23 20:20:25 | 000,020,983 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\jkreativ-lite\option-tree\ot-loader.php
[2017.01.23 20:20:26 | 000,013,864 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\jkreativ-lite\public\img\big-loader.gif
[2017.01.23 20:20:26 | 000,003,208 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\jkreativ-lite\public\img\loader.gif
[2015.10.27 08:55:52 | 000,000,355 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\luminescence-lite\opulus-sombre.1.3.9\opulus-sombre\nimbus\js\options_uploader.js
[2016.12.30 20:44:40 | 000,003,658 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\Shuttershot\Shuttershot\FT\plugin\options-framework\includes\class-options-media-uploader.php
[2016.12.30 20:44:40 | 000,002,906 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\šablony\Shuttershot\Shuttershot\FT\plugin\options-framework\js\media-uploader.js
[2013.12.08 07:28:10 | 000,045,687 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.8.1\wordpress\wp-includes\script-loader.php
[2013.10.30 14:39:10 | 000,002,747 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.8.1\wordpress\wp-includes\template-loader.php
[2012.11.30 02:18:08 | 000,003,915 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.8.1\wordpress\wp-includes\images\uploader-icons-2x.png
[2012.11.30 02:18:08 | 000,001,593 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.8.1\wordpress\wp-includes\images\uploader-icons.png
[2013.11.15 04:31:10 | 000,004,281 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.8.1\wordpress\wp-includes\js\customize-loader.js
[2013.11.13 21:45:12 | 000,002,539 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.8.1\wordpress\wp-includes\js\customize-loader.min.js
[2014.05.27 08:56:27 | 000,047,934 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.9.1-cs_CZ\wp-includes\script-loader.php
[2014.05.27 08:56:26 | 000,002,747 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.9.1-cs_CZ\wp-includes\template-loader.php
[2014.05.27 08:56:28 | 000,003,878 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.9.1-cs_CZ\wp-includes\images\uploader-icons-2x.png
[2014.05.27 08:56:29 | 000,001,556 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.9.1-cs_CZ\wp-includes\images\uploader-icons.png
[2014.05.27 08:56:31 | 000,004,281 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.9.1-cs_CZ\wp-includes\js\customize-loader.js
[2014.05.27 08:56:30 | 000,002,539 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.9.1-cs_CZ\wp-includes\js\customize-loader.min.js
[2014.05.27 08:56:35 | 000,002,608 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-3.9.1-cs_CZ\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2015.10.20 07:42:17 | 000,050,832 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-4.2.4-cs_CZ(1)\wordpress\wp-includes\script-loader.php
[2015.10.20 07:42:08 | 000,002,747 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-4.2.4-cs_CZ(1)\wordpress\wp-includes\template-loader.php
[2015.10.20 07:42:48 | 000,003,542 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-4.2.4-cs_CZ(1)\wordpress\wp-includes\images\uploader-icons-2x.png
[2015.10.20 07:42:48 | 000,001,556 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-4.2.4-cs_CZ(1)\wordpress\wp-includes\images\uploader-icons.png
[2015.10.20 07:42:25 | 000,006,752 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-4.2.4-cs_CZ(1)\wordpress\wp-includes\js\customize-loader.js
[2015.10.20 07:42:26 | 000,003,217 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-4.2.4-cs_CZ(1)\wordpress\wp-includes\js\customize-loader.min.js
[2015.10.20 07:42:28 | 000,003,057 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-4.2.4-cs_CZ(1)\wordpress\wp-includes\js\wp-emoji-loader.js
[2015.10.20 07:42:25 | 000,001,022 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-4.2.4-cs_CZ(1)\wordpress\wp-includes\js\wp-emoji-loader.min.js
[2015.10.20 07:42:44 | 000,002,608 | ---- | M] () -- \Users\Svetla\Documents\stránky\WORDPRESS\wp-instalace\wordpress-4.2.4-cs_CZ(1)\wordpress\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2010.06.29 14:01:25 | 000,000,668 | ---- | M] () -- \Users\Svetla\Documents\stránky\záhornice\foto\highslide\graphics\loader.gif
[2010.06.29 14:01:25 | 000,000,673 | ---- | M] () -- \Users\Svetla\Documents\stránky\záhornice\foto\highslide\graphics\loader.white.gif
[2017.12.08 06:37:03 | 000,017,108 | ---- | M] () -- \Windows\Prefetch\ADOBE GAMMA LOADER.EXE-5F005A4A.pf
[2017.11.22 17:23:14 | 000,062,016 | ---- | M] () -- \Windows\Prefetch\RAJCE-DOWNLOADER.EXE-2006CFED.pf
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2015.03.17 06:26:25 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_da-dk_d315ebeb6aa924a2.manifest
[2015.03.17 06:22:07 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_de-de_d04181276c7f793c.manifest
[2015.03.17 06:29:28 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_el-gr_78d7aeba5b94e1ca.manifest
[2015.03.17 05:50:57 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_en-us_793257205b5d8501.manifest
[2015.03.17 06:21:10 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_es-es_78fdb4045b8476a6.manifest
[2015.03.17 06:28:06 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_fi-fi_1818b8b1509e68d0.manifest
[2015.03.17 06:20:37 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_fr-fr_1bb52a034e568d08.manifest
[2015.03.17 06:31:00 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_hu-hu_6325aa4b32b65c24.manifest
[2015.03.17 06:30:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_it-it_05dd204a25887286.manifest
[2015.03.17 06:23:56 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_ja-jp_a8029f5718a38461.manifest
[2015.03.17 06:24:28 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_ko-kr_4b6c7c0c0b144b77.manifest
[2015.03.17 06:29:28 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_nb-no_33fefd40e3397733.manifest
[2015.03.17 06:30:49 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_nl-nl_323e487ee4658108.manifest
[2015.03.17 06:30:25 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_pl-pl_787aa300c987eebc.manifest
[2015.03.17 06:19:57 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_pt-br_7ace8da4c81182a0.manifest
[2015.03.17 06:30:46 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_pt-pt_7bb05d10c780f27c.manifest
[2015.03.17 06:30:51 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_ru-ru_c2536ed4ac6280a8.manifest
[2015.03.17 06:30:54 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_sv-se_5e4e5949a38b8b03.manifest
[2015.03.17 06:29:00 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_tr-tr_075ba39092478cf4.manifest
[2015.03.17 06:24:27 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_zh-cn_d8b8c18e427f5f13.manifest
[2015.03.17 06:19:46 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_zh-hk_d763ba1c435ad1a3.manifest
[2015.03.17 06:24:56 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_zh-tw_dcb4fee43ff03b83.manifest
[2015.03.17 06:29:54 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_cs-cz_43cee2b0af7fddff.manifest
[2015.03.17 06:26:24 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_da-dk_e108c2d7a5c5d9fe.manifest
[2015.03.17 06:21:52 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_de-de_de345813a79c2e98.manifest
[2015.03.17 06:29:27 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_el-gr_86ca85a696b19726.manifest
[2015.03.17 05:50:47 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_en-us_87252e0c967a3a5d.manifest
[2015.03.17 06:20:51 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_es-es_86f08af096a12c02.manifest
[2015.03.17 06:28:06 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_fi-fi_260b8f9d8bbb1e2c.manifest
[2015.03.17 06:20:19 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_fr-fr_29a800ef89734264.manifest
[2015.03.17 06:30:16 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_hu-hu_711881376dd31180.manifest
[2015.03.17 06:29:14 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_it-it_13cff73660a527e2.manifest
[2015.03.17 06:23:40 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_ja-jp_b5f5764353c039bd.manifest
[2015.03.17 06:24:08 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_ko-kr_595f52f8463100d3.manifest
[2015.03.17 06:29:27 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_nb-no_41f1d42d1e562c8f.manifest
[2015.03.17 06:29:55 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_nl-nl_40311f6b1f823664.manifest
[2015.03.17 06:29:30 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_pl-pl_866d79ed04a4a418.manifest
[2015.03.17 06:19:40 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_pt-br_88c16491032e37fc.manifest
[2015.03.17 06:29:56 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_pt-pt_89a333fd029da7d8.manifest
[2015.03.17 06:29:55 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_ru-ru_d04645c0e77f3604.manifest
[2015.03.17 06:30:10 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_sv-se_6c413035dea8405f.manifest
[2015.03.17 06:28:28 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_tr-tr_154e7a7ccd644250.manifest
[2015.03.17 06:24:09 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_zh-cn_e6ab987a7d9c146f.manifest
[2015.03.17 06:19:45 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_zh-hk_e55691087e7786ff.manifest
[2015.03.17 06:24:42 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_zh-tw_eaa7d5d07b0cf0df.manifest
[2015.03.17 06:06:16 | 000,004,249 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f63fa5199a1d9f485d69bcf3494d25b2\x86_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_42882bfce1f0ec02.manifest
[2015.05.09 04:08:08 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2015.07.14 07:18:19 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_352654f75b66aedd.manifest
[2015.07.14 07:18:19 | 000,034,744 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_352654f75b66aedd_winload.exe.mui_3bc5b827
[2015.07.14 07:18:19 | 000,030,136 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_352654f75b66aedd_winresume.exe.mui_ff8b5358
[2015.07.14 07:18:29 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2015.07.14 07:18:30 | 000,521,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510_winload.exe_75835076
[2015.07.14 07:18:30 | 000,455,752 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2015.02.03 04:54:10 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_352654f75b66aedd.manifest
[2015.01.12 23:09:15 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_cs-cz_35c59380747413ec.manifest
[2015.01.16 07:24:33 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_35c794147472469a.manifest
[2015.02.03 05:04:47 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_35b6f5ae747dfd2f.manifest
[2015.03.17 06:30:44 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_cs-cz_35dc0bc4746328a3.manifest
[2015.07.15 04:32:43 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_cs-cz_35ca6efa746fc308.manifest
[2015.07.15 19:44:27 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_cs-cz_35bf9f0e7477def9.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2015.02.03 04:32:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2015.01.12 04:35:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_5da9df08e4117a1f.manifest
[2015.01.14 07:45:13 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_5dabdf9ce40faccd.manifest
[2015.02.03 04:54:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_5d9b4136e41b6362.manifest
[2015.03.17 06:06:11 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_5dc0574ce4008ed6.manifest
[2015.07.15 04:25:32 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_5daeba82e40d293b.manifest
[2015.07.15 19:16:39 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_5da3ea96e415452c.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2016.10.20 05:11:39 | 000,019,136 | ---- | M] () -- \Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.14 07:23:59 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.14 07:24:55 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.14 07:23:59 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.14 07:24:55 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.14 07:24:00 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.14 07:24:57 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 04:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.14 07:24:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.14 07:24:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 06:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 176 bytes -> C:\Windows\System32\Tasks\Microsoft\Windows\PLA\LSC Memory:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:E4EA859B

< End of report >

pepis09 · #13 Příspěvek od **pepis09** » 12 pro 2017 04:58

extras

OTL Extras logfile created on: 11.12.2017 20:35:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Svetla\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,98 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,77% Memory free
3,96 Gb Paging File | 2,55 Gb Available in Paging File | 64,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137,82 Gb Total Space | 83,79 Gb Free Space | 60,79% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 1,83 Gb Free Space | 18,71% Space Free | Partition Type: NTFS
Drive F: | 7,55 Gb Total Space | 7,55 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: SVETLA-PC | User Name: Svetla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3338589338-3775306915-2918224224-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc.enqueue] -- "C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc.play] -- "C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00281CF0-FACB-4551-875F-FA4C1BF31223}" = rport=137 | protocol=17 | dir=out | app=system |
"{04F2264A-7F6F-4C64-B85D-17F123E608B3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0EAE8280-4650-462E-88F4-927930275AC9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1C84A315-ADE9-40F9-A86F-B6224B62A713}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2A44A17C-A869-44E1-81A0-E1AE9493E30B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2DF59EBE-A92A-451B-A2CA-5254D14E06EA}" = rport=445 | protocol=6 | dir=out | app=system |
"{378EA47E-9B93-470F-B6A4-4AC592BED74B}" = rport=138 | protocol=17 | dir=out | app=system |
"{37E423C2-9FC5-4976-9056-613C5E1D4560}" = lport=10243 | protocol=6 | dir=in | app=system |
"{41F8FADC-F37F-441A-9CBB-E4FB688FFCA9}" = lport=137 | protocol=17 | dir=in | app=system |
"{551EFEEB-672B-49F4-9869-0BD6E38404EE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{552E7600-B423-4B19-8E67-05BB08459890}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{807883FE-DA46-4D07-BB00-0B27513C4CCC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{910970EA-BAA0-46FD-9DF6-270DDD42DD29}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{966A71B0-C09A-4436-8872-DBC71231E01D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AAE10499-5027-4837-A7CA-706D3D1DDAA7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AD2C1C3A-B9E0-41B9-A342-3CCD52D46BC3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B527B208-7CF6-4FFE-AC2D-F269FC76685C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C2E75609-24C2-48C7-AC77-5B2B7BBC357A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CD89BD32-6214-40B1-8370-1893F8241626}" = rport=139 | protocol=6 | dir=out | app=system |
"{D06BF216-40E6-47FA-94B3-9F509EC162A5}" = lport=139 | protocol=6 | dir=in | app=system |
"{D389A171-D6E2-4EA7-AEB6-0AECDA345E3B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DDD1FE01-FD50-472C-AE33-888F1B72643D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF11674E-2C58-4E07-B418-B296BA63A063}" = lport=445 | protocol=6 | dir=in | app=system |
"{F6600840-ABC0-4F08-9400-EE60A4A83700}" = lport=138 | protocol=17 | dir=in | app=system |
"{FD82D1C8-208B-4B54-8F0B-1CAC4115DF08}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1FCE1E9E-433E-4972-970B-98721B56123D}" = dir=in | app=c:\program files\formatfactory\ffmodules\encoder\doc\ebookcodec.exe |
"{2C81AFF8-6C90-4DBC-A6F9-C04514A911C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46D8E378-FAF7-4931-863F-1058D881622E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5F2167BE-98DD-4790-8E8F-66F1328CFB97}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{62C7F7CD-8F22-401B-B4D3-139179455AA3}" = protocol=6 | dir=out | app=system |
"{6B5C22E9-CFC2-4451-9049-31D7317AC33D}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{79B552F1-4298-4BE5-8EA6-6DA88FAE26DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7AFCAF99-41C8-4D51-AF28-151237CB3640}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7E33E1D1-E849-46D3-94D2-D01CA0775136}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86767E1C-3921-41B2-A777-F3762704EDA6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8AA2AE1E-B0D8-492C-AC40-75F621D8E87A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F038C3F-8C71-4076-93C1-02D7025E484D}" = dir=in | app=c:\program files\formatfactory\ffmodules\package\ptinstonline.exe |
"{97B40F50-46B5-42D6-99D8-BC0E2C1D4BD3}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{9D00C7B8-F3EC-4115-99ED-04D1E68687B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9F0C1DCB-D396-4187-9D05-49B29C5FF92B}" = dir=in | app=c:\program files\formatfactory\formatfactory.exe |
"{A336F21E-3311-4D03-9455-F2A0ECF41D92}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{B18CE629-30B6-4044-869D-8EC92649DB86}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B9C2038E-403C-4376-A375-3348D0CFE14D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D245C3C3-4BA3-48B6-A70A-0AA0FAE0F04C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D668BF25-5573-4419-902B-3EB48084A4DB}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{DEB0E781-1FE7-42A2-9D8F-73E877531B49}" = dir=in | app=c:\program files\formatfactory\ffmodules\encoder\doc\ebookcodec.exe |
"{E46254B5-30B5-4EC5-9EDE-5B63890A52F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EC32F54C-646A-4683-A17B-0F795623459A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F1C64700-06F2-4303-8A64-4CDD7C4012EE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FC67450C-1035-4EB0-9476-25F9E1AB1815}" = dir=in | app=c:\program files\formatfactory\formatfactory.exe |
"{FF897C20-5BC1-4045-89C3-A8139F6E960D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{89C0638A-06DB-4B43-B4FE-9F81B8CA01DB}C:\program files\winscp\winscp.exe" = protocol=6 | dir=in | app=c:\program files\winscp\winscp.exe |
"UDP Query User{26015CD3-C565-4369-983A-8B1B83D6E1AD}C:\program files\winscp\winscp.exe" = protocol=17 | dir=in | app=c:\program files\winscp\winscp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}" = Windows Live Writer
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update
"{124A05DC-3C47-4EEF-85CE-56D6C1CAE62B}" = Windows Live Writer
"{1334eac7-d6ef-4177-8780-05c963853cd3}" = Intel(R) PRO/Wireless Driver
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{236BB7C4-4419-42FD-0405-1E257A25E34D}" = Adobe Photoshop CS2
"{286DDBD0-6355-428F-8BD5-822CF08606EC}" = Windows Live MIME IFilter
"{2BC9C2FF-E0B7-40F9-B1A5-6F80663C301B}" = Windows Live Family Safety
"{2F952048-3220-4AC7-A206-D01EFC774BB2}" = Studio 11
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes verze 3.3.1.2183
"{3AA7960E-DEAE-4D21-93BE-7B0E8EE4D0FA}_is1" = Rajče Downloader verze 1.0.0.0
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{3EE8FA69-F2A5-4BDB-9E23-3ABB2421B4FA}" = Windows Live Mail
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer
"{739A853C-D71F-404B-9E6A-012D3918ED57}" = Adobe AIR
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{88B9357F-0845-465F-96B9-50976FB9C6C2}" = Windows Live Messenger
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ThinkPad UltraNav Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824245926}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}" = FormApps Signing Extension
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail
"{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}" = Lenovo Solution Center
"{C74DCAC0-DDB3-4135-A70C-0553BF9490BC}" = Windows Live Family Safety
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D61F48DA-627B-404E-9315-32A651B18B64}" = Intel® PROSet/Wireless WiFi Software
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{E5807449-CA84-42F6-9CE3-A0E2BDA9E24B}" = Windows Live Writer Resources
"{E703613B-BDAB-433E-A66A-DE0263E3D35D}" = Windows Live Messenger
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{eae5d6a4-3715-4b10-b1e4-990ad1d82e5b}" = Aplikace Intel® PROSet/Wireless
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"4K Video Downloader_is1" = 4K Video Downloader 4.1
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 27 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 27 NPAPI
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0405-1E257A25E34D}" = Adobe Photoshop CS2
"CNXT_MODEM_HDA_HSF" = ThinkPad Modem Adapter
"KLiteCodecPack_is1" = K-Lite Codec Pack 11.5.0 Full
"MediaInfo" = MediaInfo 0.7.92
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 57.0.2 (x86 cs)" = Mozilla Firefox 57.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Power Management Driver" = Lenovo Power Management Driver
"PSPad editor_is1" = PSPad editor
"winscp3_is1" = WinSCP 5.7.5
"Xmlbar FLVDownloader" = FLV Downloader (xmlbar) (odstranit pouze)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3338589338-3775306915-2918224224-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11.12.2017 12:47:59 | Computer Name = Svetla-PC | Source = ESENT | ID = 455
Description = Windows (3672) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0031C.log
došlo k chybě -1811.

Error - 11.12.2017 12:47:59 | Computer Name = Svetla-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 11.12.2017 12:47:59 | Computer Name = Svetla-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 11.12.2017 12:47:59 | Computer Name = Svetla-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 11.12.2017 12:47:59 | Computer Name = Svetla-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 11.12.2017 12:47:59 | Computer Name = Svetla-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 11.12.2017 12:48:01 | Computer Name = Svetla-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 11.12.2017 12:48:01 | Computer Name = Svetla-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 11.12.2017 12:48:01 | Computer Name = Svetla-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 11.12.2017 12:48:01 | Computer Name = Svetla-PC | Source = Windows Search Service | ID = 7010
Description =

[ System Events ]
Error - 11.12.2017 3:30:42 | Computer Name = Svetla-PC | Source = Service Control Manager | ID = 7000
Description = Služba AMD External Events Utility neuspěla při spuštění v důsledku
následující chyby: %%5

Error - 11.12.2017 3:30:43 | Computer Name = Svetla-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 11.12.2017 3:30:43 | Computer Name = Svetla-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 11.12.2017 8:58:30 | Computer Name = Svetla-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 11.12.2017 10:10:22 | Computer Name = Svetla-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 11.12.2017 12:46:27 | Computer Name = Svetla-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 11.12.2017 12:46:27 | Computer Name = Svetla-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 11.12.2017 12:46:27 | Computer Name = Svetla-PC | Source = Service Control Manager | ID = 7000
Description = Služba AMD External Events Utility neuspěla při spuštění v důsledku
následující chyby: %%5

Error - 11.12.2017 12:48:01 | Computer Name = Svetla-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 11.12.2017 12:48:01 | Computer Name = Svetla-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

< End of report >

#14 Příspěvek od **Rudy** » 12 pro 2017 17:34

pepis09 píše:koupil jsem nb s oper. systémem vista, ale neadali k tomu inst. cd, asi po 8 letech jsem si od kamaráda koupil w 7

Koupil? Nač tedy potřebuje váš koupený, tedy legální oper. systém nelegální aktivátor?

pepis09 · #15 Příspěvek od **pepis09** » 12 pro 2017 18:21

Já bych si nic na černo do pc nedával, koupil jsem si ty w7, tomu klukovi jsem to zaplatil, on to nainstaloval. Ale ted zjistuji, že jsem si asi nic legálního nekoupil. No co s tím, koupit nové w7?

VIRY.CZ

Kontrola - vir, lítá mi myš

Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš

Re: Kontrola - vir, lítá mi myš