Zdravím, notebook šlape přiměřeně svému věku, chtěl bych vás však poprosit o preventivní kontrolu. Děkuji.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Acer at 2015-12-26 14:11:09
Microsoft Windows 7 Ultimate
System drive C: has 13 GB (21%) free of 60 GB
Total RAM: 3062 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:11:26, on 26.12.2015
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Acer\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Acer\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Acer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\system32\Msdxm6.ocx
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1933283459-4233979245-4030782100-1145\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'winpostgr')
O4 - HKUS\S-1-5-21-1933283459-4233979245-4030782100-1145\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'winpostgr')
O4 - Startup: MS Office Tools.lnk = D:\Program Files\Game Maker 6.1\Osa9.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: WinStromService (Service1) - FlexiBee Systems s.r.o. - C:\Program Files\WinStrom\winstromservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WinStrom-PostgreSQL - PostgreSQL Global Development Group - C:\Program Files\WinStrom\pgsql\9.3\bin\pg_ctl.exe
--
End of file - 10464 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job - C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job - C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-26 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-12-14 664184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-26 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2009-03-08 520192]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1033,&Radio - C:\Windows\system32\Msdxm6.ocx [2000-04-21 844048]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-03-08 1130504]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-14 7021880]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-12-17 157456]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-11-09 596528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Google Update"=C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"Spotify Web Helper"=C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-12-22 2346096]
"Spotify"=C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe [2015-12-22 8316528]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-12-08 6602152]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Acer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MS Office Tools.lnk - D:\Program Files\Game Maker 6.1\Osa9.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-26 14:11:10 ----D---- C:\Program Files\trend micro
2015-12-26 14:11:09 ----D---- C:\rsit
2015-12-26 13:22:34 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-12-26 13:21:56 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-12-26 13:21:56 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-12-26 13:21:56 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-12-26 13:21:55 ----D---- C:\ProgramData\Malwarebytes
2015-12-26 13:21:55 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-12-26 13:08:35 ----D---- C:\Program Files\Common Files\Java
2015-12-26 13:08:23 ----D---- C:\Users\Acer\AppData\Roaming\Sun
2015-12-26 13:01:01 ----D---- C:\Program Files\iPod
2015-12-26 13:01:00 ----D---- C:\Program Files\iTunes
2015-12-26 12:56:07 ----D---- C:\Program Files\Bonjour
2015-12-26 12:54:59 ----SHD---- C:\Config.Msi
2015-12-22 10:58:48 ----D---- C:\Users\Acer\AppData\Roaming\Opera Software
2015-12-14 17:12:28 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-14 17:11:43 ----A---- C:\Windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2015-12-26 14:11:12 ----D---- C:\Windows\Temp
2015-12-26 14:11:10 ----D---- C:\Program Files
2015-12-26 14:05:41 ----D---- C:\Windows\system32\config
2015-12-26 14:02:53 ----D---- C:\Users\Acer\AppData\Roaming\Spotify
2015-12-26 13:50:48 ----D---- C:\winstrom-data
2015-12-26 13:50:29 ----D---- C:\Windows
2015-12-26 13:50:11 ----D---- C:\Windows\system32\drivers
2015-12-26 13:50:11 ----D---- C:\Windows\schemas
2015-12-26 13:49:18 ----D---- C:\Windows\system32\catroot
2015-12-26 13:21:55 ----HD---- C:\ProgramData
2015-12-26 13:11:21 ----D---- C:\Users\Acer\AppData\Roaming\uTorrent
2015-12-26 13:11:21 ----D---- C:\Users\Acer\AppData\Roaming\Inkscape
2015-12-26 13:11:14 ----D---- C:\Windows\inf
2015-12-26 13:09:48 ----D---- C:\ProgramData\Oracle
2015-12-26 13:09:14 ----SHD---- C:\Windows\Installer
2015-12-26 13:09:03 ----D---- C:\Windows\System32
2015-12-26 13:08:35 ----D---- C:\Program Files\Common Files
2015-12-26 13:07:45 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-12-26 13:07:29 ----D---- C:\Program Files\Java
2015-12-26 13:03:41 ----D---- C:\Users\Acer\AppData\Roaming\Apple Computer
2015-12-26 13:01:00 ----D---- C:\Program Files\Common Files\Apple
2015-12-26 13:00:44 ----D---- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-12-26 12:55:43 ----D---- C:\Windows\system32\DriverStore
2015-12-26 12:55:07 ----D---- C:\Windows\system32\Tasks
2015-12-26 12:55:04 ----D---- C:\Program Files\Apple Software Update
2015-12-25 22:45:01 ----D---- C:\Users\Acer\AppData\Roaming\vlc
2015-12-23 14:41:29 ----D---- C:\Program Files\Common Files\Adobe
2015-12-23 14:41:28 ----D---- C:\Program Files\Adobe
2015-12-23 14:41:11 ----D---- C:\ProgramData\Adobe
2015-12-23 10:57:42 ----D---- C:\Program Files\Opera
2015-12-20 21:00:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-17 20:25:14 ----SHD---- C:\System Volume Information
2015-12-16 18:42:44 ----D---- C:\Users\Acer\AppData\Roaming\Mozilla
2015-12-15 18:00:04 ----D---- C:\Windows\system32\catroot2
2015-12-13 08:03:18 ----D---- C:\Windows\Prefetch
2015-12-12 21:28:19 ----RSD---- C:\Windows\Fonts
2015-12-04 22:54:10 ----D---- C:\Windows\Tasks
2015-12-03 17:25:11 ----D---- C:\Program Files\Common Files\AV
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-14 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-14 209432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-14 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-14 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-19 436360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-14 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-19 81168]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-14 117712]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-08 21000]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 23256]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2009-03-08 30720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2009-03-08 290816]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-03-13 717296]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 51928]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-12-14 226440]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 390416]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-09-09 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2015-09-25 214520]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 Service1;WinStromService; C:\Program Files\WinStrom\winstromservice.exe [2014-12-05 586752]
R2 WinStrom-PostgreSQL;WinStrom-PostgreSQL; C:\Program Files\WinStrom\pgsql\9.3\bin\pg_ctl.exe [2014-03-18 76800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-17 541456]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-08-05 77944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o preventivní kontrolu
Zdravim 
Odinstalujte Spybota, program je zastaraly.
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Odinstalujte Spybota, program je zastaraly. Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu
Během scanu nastala chyba, viz obrázek:
Dal jsem OK a stále se scanuje adresář, který je na obrázku Scanning HKEY_CURRENT_USER\Software\Microsoft...
Dal jsem OK a stále se scanuje adresář, který je na obrázku Scanning HKEY_CURRENT_USER\Software\Microsoft...
Re: Prosím o preventivní kontrolu
Obcas se to stane, ze OTL tuhle chybku vyhodi 
Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem
Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /sPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu
Tentokrát už v pořádku.
OTL.txt:
OTL logfile created on: 26.12.2015 18:48:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Acer\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 33,08% Memory free
5,98 Gb Paging File | 3,68 Gb Available in Paging File | 61,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,50 Gb Total Space | 12,02 Gb Free Space | 20,55% Space Free | Partition Type: NTFS
Drive D: | 174,29 Gb Total Space | 11,43 Gb Free Space | 6,56% Space Free | Partition Type: NTFS
Computer Name: ACER-PC | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015.12.26 15:43:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
PRC - [2015.12.26 13:07:45 | 000,191,072 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre1.8.0_66\bin\java.exe
PRC - [2015.12.22 10:07:41 | 008,316,528 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
PRC - [2015.12.22 10:07:41 | 002,346,096 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe
PRC - [2015.12.22 10:07:41 | 001,033,328 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\SpotifyCrashService.exe
PRC - [2015.12.14 17:11:48 | 007,021,880 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2015.12.14 17:11:40 | 000,226,440 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2015.12.11 04:54:14 | 000,741,704 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2015.12.08 20:23:58 | 006,602,152 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2015.10.28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.12.05 09:08:24 | 000,586,752 | ---- | M] (FlexiBee Systems s.r.o.) -- C:\Program Files\WinStrom\WinStromService.exe
PRC - [2014.03.18 07:04:32 | 004,287,488 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\WinStrom\pgsql\9.3\bin\postgres.exe
PRC - [2014.03.18 07:04:32 | 000,076,800 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\WinStrom\pgsql\9.3\bin\pg_ctl.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
PRC - [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.03.08 22:11:55 | 001,130,504 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2007.06.27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2015.12.22 10:07:50 | 050,679,920 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Spotify\libcef.dll
MOD - [2015.12.22 10:07:42 | 001,882,224 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Spotify\libGLESv2.dll
MOD - [2015.12.22 10:07:42 | 000,082,544 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Spotify\libEGL.dll
MOD - [2015.12.17 18:39:08 | 001,040,144 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2015.12.14 17:11:51 | 040,539,648 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2015.12.14 17:11:42 | 000,469,008 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\ffl2.dll
MOD - [2015.12.14 17:11:42 | 000,103,888 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\log.dll
MOD - [2015.12.14 17:11:40 | 000,125,512 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
MOD - [2015.12.11 04:54:11 | 001,583,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
MOD - [2015.12.11 04:54:09 | 000,081,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\47.0.2526.106\libegl.dll
MOD - [2015.12.08 20:25:34 | 000,047,616 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1029.dll
MOD - [2015.08.24 14:58:14 | 000,039,384 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2014.01.20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.01.27 16:12:07 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2015.12.14 17:11:40 | 000,226,440 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2015.10.28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.10.05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.12.11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.12.05 09:08:24 | 000,586,752 | ---- | M] (FlexiBee Systems s.r.o.) [Auto | Running] -- C:\Program Files\WinStrom\WinStromService.exe -- (Service1)
SRV - [2014.08.05 20:35:53 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2014.03.18 07:04:32 | 000,076,800 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\WinStrom\pgsql\9.3\bin\pg_ctl.exe -- (WinStrom-PostgreSQL)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2015.12.19 14:33:29 | 000,436,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2015.12.19 14:33:29 | 000,081,168 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2015.12.14 17:11:55 | 000,209,432 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2015.12.14 17:11:55 | 000,117,712 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2015.12.14 17:11:54 | 000,081,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2015.12.14 17:11:54 | 000,049,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2015.12.14 17:11:54 | 000,024,016 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015.12.14 17:11:27 | 000,794,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2015.10.05 09:50:16 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015.10.05 09:50:04 | 000,023,256 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009.03.13 20:07:41 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.03.08 21:52:56 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2009.02.24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 26 04 EA AB 2B A0 C9 01 [binary data]
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.3
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.66.2: C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2: C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Acer\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Acer\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Acer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015.12.14 17:26:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\Alwil Software\Avast5\SafePrice\FF [2015.12.14 17:11:59 | 000,000,000 | ---D | M]
[2015.07.26 16:43:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Extensions
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.45_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki\3.1.15511.1147_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\2.1.2_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.7_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\System32\Msdxm6.ocx (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [Spotify] C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [Spotify Web Helper] C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [SpybotPostWindows10UpgradeReInstall] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1145..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MS Office Tools.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5C518B3-C1B6-4AA3-90F1-45D67FD3B8EF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8868595-13EA-4CE7-BBC6-438ABA788626}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\System32\Msdxm6.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2015.12.26 15:43:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2015.12.26 14:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.12.26 14:11:09 | 000,000,000 | ---D | C] -- C:\rsit
[2015.12.26 13:22:34 | 000,170,200 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015.12.26 13:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015.12.26 13:21:56 | 000,094,936 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015.12.26 13:21:56 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015.12.26 13:21:56 | 000,023,256 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
[2015.12.26 13:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015.12.26 13:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.12.26 13:08:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2015.12.26 13:08:23 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Sun
[2015.12.26 13:08:22 | 000,000,000 | ---D | C] -- C:\Users\Acer\.oracle_jre_usage
[2015.12.26 13:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015.12.26 13:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015.12.26 13:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015.12.26 12:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2015.12.22 10:59:16 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\Opera Software
[2015.12.22 10:58:48 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Opera Software
[2015.12.20 19:43:20 | 000,000,000 | ---D | C] -- C:\Users\Acer\Desktop\K odeslání
[2015.12.14 17:12:28 | 000,322,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2015.12.14 17:11:43 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[1 C:\Users\Acer\Desktop\*.tmp files -> C:\Users\Acer\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015.12.26 18:52:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.12.26 18:49:16 | 000,007,933 | ---- | M] () -- C:\Users\Acer\AppData\Local\recently-used.xbel
[2015.12.26 18:42:30 | 000,329,460 | ---- | M] () -- C:\Users\Acer\Desktop\o2-M2M-SIM-Karte-300dpi.jpg
[2015.12.26 18:17:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job
[2015.12.26 17:59:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.12.26 15:46:16 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.12.26 15:46:16 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.12.26 15:43:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2015.12.26 15:38:13 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.12.26 15:37:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.12.26 15:37:55 | 2408,390,656 | -HS- | M] () -- C:\hiberfil.sys
[2015.12.26 15:35:32 | 000,000,079 | ---- | M] () -- C:\Windows\wininit.ini
[2015.12.26 13:22:55 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015.12.26 13:22:02 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.12.26 13:07:45 | 000,095,840 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015.12.26 13:02:02 | 000,001,713 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015.12.20 21:00:45 | 008,817,278 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015.12.20 21:00:45 | 007,969,976 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015.12.20 21:00:44 | 023,417,668 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2015.12.20 21:00:44 | 008,210,758 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2015.12.19 14:33:29 | 000,436,360 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2015.12.19 14:33:29 | 000,081,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswmonflt.sys
[2015.12.14 17:11:55 | 000,209,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2015.12.14 17:11:55 | 000,117,712 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2015.12.14 17:11:54 | 000,081,728 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2015.12.14 17:11:54 | 000,049,776 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2015.12.14 17:11:54 | 000,024,016 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2015.12.14 17:11:43 | 000,322,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2015.12.14 17:11:43 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015.12.14 17:11:27 | 000,794,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2015.12.13 16:32:07 | 000,006,492 | ---- | M] () -- C:\Users\Acer\Desktop\kresba.svg
[2015.12.13 08:02:20 | 000,479,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.12.09 22:16:50 | 000,557,096 | ---- | M] () -- C:\Users\Acer\Desktop\Michal Soldán, DiS. – Podnikatelský záměr na založení reklamní agentury.pdf
[2015.12.07 23:12:28 | 000,556,693 | ---- | M] () -- C:\Users\Acer\Desktop\Tisk.pdf
[2015.12.06 22:22:24 | 000,555,428 | ---- | M] () -- C:\Users\Acer\Desktop\BP 6.12..pdf
[2015.12.04 18:12:21 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job
[1 C:\Users\Acer\Desktop\*.tmp files -> C:\Users\Acer\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015.12.26 18:49:16 | 000,007,933 | ---- | C] () -- C:\Users\Acer\AppData\Local\recently-used.xbel
[2015.12.26 18:42:29 | 000,329,460 | ---- | C] () -- C:\Users\Acer\Desktop\o2-M2M-SIM-Karte-300dpi.jpg
[2015.12.26 15:51:45 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.12.26 15:35:12 | 000,000,079 | ---- | C] () -- C:\Windows\wininit.ini
[2015.12.26 13:22:02 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.12.26 13:02:02 | 000,001,713 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015.12.23 14:41:36 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015.12.22 10:59:03 | 000,001,051 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 34.lnk
[2015.12.12 21:28:39 | 000,006,492 | ---- | C] () -- C:\Users\Acer\Desktop\kresba.svg
[2015.12.09 22:16:43 | 000,557,096 | ---- | C] () -- C:\Users\Acer\Desktop\Michal Soldán, DiS. – Podnikatelský záměr na založení reklamní agentury.pdf
[2015.12.07 23:12:23 | 000,556,693 | ---- | C] () -- C:\Users\Acer\Desktop\Tisk.pdf
[2015.12.06 22:22:19 | 000,555,428 | ---- | C] () -- C:\Users\Acer\Desktop\BP 6.12..pdf
[2014.12.04 18:30:35 | 000,000,025 | ---- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2014.09.09 15:08:50 | 000,137,464 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2014.09.09 15:08:33 | 000,214,520 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2014.09.09 15:07:15 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2014.09.09 14:44:35 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini
[2011.11.21 18:45:25 | 000,004,096 | -H-- | C] () -- C:\Users\Acer\AppData\Local\keyfile3.drm
[2010.03.24 18:26:25 | 000,003,584 | ---- | C] () -- C:\Users\Acer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002.08.29 16:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Acer\AppData\Roaming\MafiaSetup.exe
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.10.05 15:33:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.anki
[2012.09.16 19:01:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.matplotlib
[2015.09.18 19:12:33 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.winstrom
[2009.12.08 20:27:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Ableton
[2014.07.17 13:44:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Audacity
[2014.08.05 20:40:03 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Autodesk
[2011.04.26 08:16:49 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\AutoHideIP
[2014.01.06 21:23:59 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\AVAST Software
[2011.05.30 08:18:18 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\BitTorrent
[2014.09.21 15:23:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\calibre
[2009.03.13 20:07:20 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\DAEMON Tools Lite
[2013.01.27 15:39:23 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\EuroTalk
[2015.09.28 08:43:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\FileZilla
[2012.05.27 17:45:54 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\gtk-2.0
[2015.12.26 13:11:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Inkscape
[2011.11.10 11:08:15 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\klavaro
[2009.04.16 12:24:47 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\LangSoft
[2011.06.17 13:47:19 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\MotionDSP
[2013.05.02 20:58:25 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Need for Speed World
[2012.03.31 14:39:14 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\OpenOffice.org
[2009.03.10 17:14:34 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Opera
[2015.12.22 10:58:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Opera Software
[2015.08.25 21:08:00 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\SignCut
[2015.12.26 18:59:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Spotify
[2014.08.09 17:17:05 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Sublime Text 2
[2011.05.19 07:36:39 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\SuperHideIP
[2015.04.03 16:30:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\TeamViewer
[2011.05.18 15:31:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Thinstall
[2011.05.18 07:00:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Trillian
[2015.03.21 19:35:58 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Unity
[2015.12.26 13:11:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\uTorrent
[2012.06.15 09:10:45 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\wordtester
[2009.10.02 15:32:47 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\YoudaGames
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 05:53:46 | 000,032,536 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.03.02 09:45:19 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job
[2010.03.02 09:45:20 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job
[2014.09.20 09:15:50 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.09.20 09:15:51 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2015.10.05 09:48:32 | 000,893,752 | ---- | M] (MalwareBytes) MD5=E9A75E4B409A01E52055CE7CCA7FF925 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2015.10.05 09:48:32 | 000,893,752 | ---- | M] (MalwareBytes) MD5=E9A75E4B409A01E52055CE7CCA7FF925 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.10.05 15:33:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.anki
[2012.09.16 19:01:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.matplotlib
[2015.09.18 19:12:33 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.winstrom
[2009.12.08 20:27:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Ableton
[2014.11.24 17:08:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Adobe
[2011.06.10 06:08:36 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Ahead
[2015.12.26 13:03:41 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Apple Computer
[2014.07.17 13:44:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Audacity
[2014.08.05 20:40:03 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Autodesk
[2011.04.26 08:16:49 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\AutoHideIP
[2014.01.06 21:23:59 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\AVAST Software
[2011.05.30 08:18:18 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\BitTorrent
[2014.09.21 15:23:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\calibre
[2009.03.13 20:07:20 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\DAEMON Tools Lite
[2014.01.12 15:07:29 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\dvdcss
[2013.01.27 15:39:23 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\EuroTalk
[2015.09.28 08:43:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\FileZilla
[2012.05.27 17:45:54 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\gtk-2.0
[2009.03.08 21:20:14 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Identities
[2015.12.26 13:11:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Inkscape
[2009.03.08 22:40:10 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\InstallShield
[2011.11.10 11:08:15 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\klavaro
[2009.04.16 12:24:47 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\LangSoft
[2009.03.08 23:24:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Macromedia
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Media Center Programs
[2015.03.21 14:56:57 | 000,000,000 | --SD | M] -- C:\Users\Acer\AppData\Roaming\Microsoft
[2011.06.17 13:47:19 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\MotionDSP
[2015.12.16 18:42:44 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Mozilla
[2011.10.05 08:14:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Mozilla-Cache
[2013.05.02 20:58:25 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Need for Speed World
[2012.03.31 14:39:14 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\OpenOffice.org
[2009.03.10 17:14:34 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Opera
[2015.12.22 10:58:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Opera Software
[2014.08.02 18:27:41 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\PSpad
[2015.08.25 21:08:00 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\SignCut
[2014.12.19 17:20:18 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Skype
[2015.12.26 19:06:13 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Spotify
[2014.08.09 17:17:05 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Sublime Text 2
[2015.12.26 13:08:23 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Sun
[2011.05.19 07:36:39 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\SuperHideIP
[2015.04.03 16:30:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\TeamViewer
[2011.05.18 15:31:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Thinstall
[2011.05.18 07:00:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Trillian
[2015.03.21 19:35:58 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Unity
[2015.12.26 13:11:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\uTorrent
[2015.12.26 18:04:29 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\vlc
[2012.06.15 09:10:45 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\wordtester
[2009.10.02 15:32:47 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\YoudaGames
< %APPDATA%\*.exe /s >
[2002.08.29 16:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Acer\AppData\Roaming\MafiaSetup.exe
[2015.12.22 10:07:41 | 008,316,528 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
[2015.12.22 10:07:41 | 001,033,328 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\SpotifyCrashService.exe
[2015.12.22 10:07:41 | 000,189,040 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2015.12.22 10:07:41 | 002,346,096 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe
[2015.12.22 10:07:50 | 000,074,352 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Spotify\wow_helper.exe
[2015.12.10 18:58:36 | 002,026,520 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\uTorrent.exe
[2014.04.29 19:04:50 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014.05.10 14:48:20 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014.10.25 16:40:27 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.2_34309.exe
[2014.10.26 12:57:25 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.2_34944.exe
[2014.12.10 16:06:30 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe
[2015.01.18 20:00:39 | 001,374,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe
[2015.05.09 14:11:47 | 001,441,104 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.3_40097.exe
[2015.05.29 15:49:28 | 001,694,560 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe
[2015.09.20 21:13:53 | 001,774,432 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.5_41073.exe
[2015.12.10 18:58:36 | 002,026,520 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.5_41372.exe
[2015.09.24 17:03:34 | 000,336,896 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.5_41073\utorrentie.exe
[2015.12.10 21:19:16 | 000,336,896 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2015.12.26 15:38:13 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.12.26 18:59:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.12.26 18:17:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job
[2015.12.04 18:12:21 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
[2015.12.26 13:22:55 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\Windows\system32\drivers\MBAMSwissArmy.sys
< %systemroot%\system32\*.* /3 >
[2015.12.26 15:46:16 | 000,016,944 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.12.26 15:46:16 | 000,016,944 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.12.26 13:07:45 | 000,095,840 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge.dll
< %SYSTEMDRIVE%\*.exe >
< >
< *crack* /s >
[2002.05.30 17:16:22 | 000,013,160 | ---- | M] () -- \Program Files\Firefly Studios\Stronghold Crusader\gm\cracks.gm1
[2012.05.05 14:38:42 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2014.06.18 23:46:44 | 000,114,899 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py
[2014.08.05 19:49:54 | 000,023,130 | ---- | M] () -- \Users\Acer\AppData\Roaming\uTorrent\Autocad.2007.Crack-included.1.torrent
[2014.08.03 19:38:32 | 000,023,130 | ---- | M] () -- \Users\Acer\AppData\Roaming\uTorrent\Autocad.2007.Crack-included.torrent
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2015.12.14 17:11:39 | 000,072,440 | ---- | M] () -- \Program Files\Alwil Software\Avast5\aswWrcIELoader32.exe
[2015.12.14 17:11:24 | 000,060,128 | ---- | M] () -- \Program Files\Alwil Software\Avast5\ie_loader.exe
[2014.08.29 08:51:26 | 000,044,032 | R--- | M] () -- \Program Files\Calibre2\DLLs\PyISAPI_loader.dll
[2014.08.29 08:51:26 | 000,008,704 | R--- | M] () -- \Program Files\Calibre2\DLLs\pythoncomloader27.dll
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2015.12.17 18:39:16 | 000,060,688 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\YSLoader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.05.04 22:42:40 | 000,043,889 | ---- | M] () -- \Program Files\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
[2011.03.08 08:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2014.06.18 23:46:44 | 000,003,614 | ---- | M] () -- \Program Files\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2014.06.18 23:46:44 | 000,030,804 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2014.06.18 23:46:44 | 000,027,898 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2014.06.18 23:46:44 | 000,042,058 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2014.06.18 23:46:44 | 000,023,145 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2014.06.18 23:46:44 | 000,028,692 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2014.06.18 23:46:44 | 000,034,496 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2014.06.18 23:46:44 | 000,022,435 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2014.06.18 23:46:44 | 000,036,528 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2014.06.18 23:46:44 | 000,026,252 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2014.06.18 23:46:44 | 000,020,063 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2014.06.18 23:46:44 | 000,024,412 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2014.06.18 23:46:44 | 000,029,401 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2014.06.18 23:46:44 | 000,019,399 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2014.06.18 23:46:44 | 000,025,270 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2014.06.18 23:46:44 | 000,042,114 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2014.06.18 23:46:44 | 000,018,909 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2014.06.18 23:46:44 | 000,032,958 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2014.06.18 23:46:44 | 000,001,847 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2014.06.18 23:46:44 | 000,057,685 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2014.06.18 23:46:44 | 000,029,336 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2014.06.18 23:46:44 | 000,001,341 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2014.06.18 23:46:44 | 000,028,643 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2014.06.18 23:46:44 | 000,055,918 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2014.06.18 23:46:44 | 000,038,308 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2014.06.18 23:46:44 | 000,001,949 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2014.06.18 23:46:44 | 000,007,779 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2014.06.18 23:46:44 | 000,017,301 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2014.06.18 23:46:44 | 000,015,416 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\skloader.py
[2014.06.18 23:46:44 | 000,015,832 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2014.06.18 23:46:44 | 000,038,937 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2014.06.18 23:46:44 | 000,014,300 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2014.06.18 23:46:44 | 000,017,550 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2011.01.17 15:21:04 | 000,006,263 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.03.31 14:37:47 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 16:00:08 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.03.31 14:37:55 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 11:24:20 | 000,003,689 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2014.12.07 11:12:31 | 000,002,810 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip
[2015.12.03 13:26:06 | 000,003,605 | ---- | M] () -- \Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.45_0\img\loader.gif
[2015.09.18 15:18:24 | 000,002,405 | ---- | M] () -- \Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.7_0\content\frame_loader.js
[2015.09.18 15:18:24 | 000,001,223 | ---- | M] () -- \Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.7_0\js\main\cache_loader.js
[2014.10.24 08:42:10 | 000,072,638 | ---- | M] () -- \Users\Acer\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.10.24 08:42:10 | 000,003,032 | ---- | M] () -- \Users\Acer\AppData\Local\Skype\Apps\login\images\loader.png
[2014.10.24 08:42:10 | 000,006,012 | ---- | M] () -- \Users\Acer\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.10.24 08:42:10 | 000,021,956 | ---- | M] () -- \Users\Acer\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.10.24 08:42:10 | 000,009,772 | ---- | M] () -- \Users\Acer\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2008.12.01 15:37:58 | 000,003,719 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\img\loader.gif
[2011.07.25 00:39:48 | 000,011,314 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\img\admin\ajax-loader-big.gif
[2009.11.09 14:41:38 | 000,000,673 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\img\admin\ajax-loader.gif
[2011.07.21 10:34:44 | 000,000,847 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\img\admin\jquery-treeview\ajax-loader.gif
[2011.07.22 15:15:38 | 000,011,314 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\install\img\ajax-loader.gif
[2011.07.22 15:15:38 | 000,000,109 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\install\img\bg_loaderSpace.png
[2011.05.23 08:11:44 | 000,001,720 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\js\cropper\loader.js
[2011.11.29 08:44:14 | 000,003,719 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\modules\carriercompare\loader.gif
[2011.06.01 15:01:46 | 000,000,847 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\modules\mondialrelay\images\loader.gif
[2011.01.24 14:27:20 | 000,001,849 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\modules\shopimporter\img\ajax-loader.gif
[2011.04.07 11:09:20 | 000,004,176 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\modules\twenga\ajax-loader.gif
[2011.03.02 15:50:00 | 000,003,208 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\themes\prestashop\img\ajax-loader.gif
[2011.05.23 08:11:44 | 000,000,910 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\tools\swift\Swift\ClassLoader.php
[2008.12.01 16:37:58 | 000,003,719 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\img\loader.gif
[2011.07.25 00:39:48 | 000,011,314 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\img\admin\ajax-loader-big.gif
[2009.11.09 15:41:38 | 000,000,673 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\img\admin\ajax-loader.gif
[2011.07.21 10:34:44 | 000,000,847 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\img\admin\jquery-treeview\ajax-loader.gif
[2011.07.22 15:15:38 | 000,011,314 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\install\img\ajax-loader.gif
[2011.07.22 15:15:38 | 000,000,109 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\install\img\bg_loaderSpace.png
[2011.05.23 08:11:44 | 000,001,720 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\js\cropper\loader.js
[2011.11.29 09:44:14 | 000,003,719 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\modules\carriercompare\loader.gif
[2011.06.01 15:01:46 | 000,000,847 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\modules\mondialrelay\images\loader.gif
[2011.01.24 15:27:20 | 000,001,849 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\modules\shopimporter\img\ajax-loader.gif
[2011.04.07 11:09:20 | 000,004,176 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\modules\twenga\ajax-loader.gif
[2011.03.02 16:50:00 | 000,003,208 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\themes\prestashop\img\ajax-loader.gif
[2011.05.23 08:11:44 | 000,000,910 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\tools\swift\Swift\ClassLoader.php
[2012.02.23 10:09:22 | 000,003,208 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Šablony\blackink1.8\themes\blackink\img\ajax-loader.gif
[2014.12.07 11:12:31 | 000,002,810 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip
[2009.03.08 23:16:28 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2010.04.01 12:54:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.01.12 06:54:44 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 03:17:55 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 03:17:55 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009.07.14 03:17:55 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.12.14 22:04:24 | 000,000,847 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\contact-form-7\images\ajax-loader.gif
[2014.12.14 19:50:52 | 000,041,729 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\frontend-uploader.php
[2014.12.14 19:50:52 | 000,004,185 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-de_DE.mo
[2014.12.14 19:50:52 | 000,015,965 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-de_DE.po
[2014.12.14 19:50:52 | 000,000,703 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-en_EN.pot
[2014.12.14 19:50:52 | 000,004,915 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-es_ES.mo
[2014.12.14 19:50:52 | 000,015,537 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-es_ES.po
[2014.12.14 19:50:52 | 000,008,167 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fa_IR.mo
[2014.12.14 19:50:52 | 000,017,051 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fa_IR.po
[2014.12.14 19:50:52 | 000,002,853 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fr_CA.mo
[2014.12.14 19:50:52 | 000,015,398 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fr_CA.po
[2014.12.14 19:50:52 | 000,003,502 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fr_FR.mo
[2014.12.14 19:50:52 | 000,015,701 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fr_FR.po
[2014.12.14 19:50:52 | 000,004,603 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-nb_NO.mo
[2014.12.14 19:50:52 | 000,015,468 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-nb_NO.po
[2014.12.14 19:50:52 | 000,008,189 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-nl_NL.mo
[2014.12.14 19:50:52 | 000,017,159 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-nl_NL.po
[2014.12.14 19:50:52 | 000,007,769 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-pt_BR.mo
[2014.12.14 19:50:52 | 000,022,457 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-pt_BR.po
[2014.12.14 19:50:52 | 000,006,818 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-ru_RU.mo
[2014.12.14 19:50:52 | 000,018,492 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-ru_RU.po
[2014.12.14 19:50:52 | 000,000,602 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader.mo
[2014.12.14 19:50:52 | 000,009,388 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader.pot
[2014.12.14 19:50:52 | 000,000,953 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\lib\css\frontend-uploader.css
[2014.12.14 19:50:52 | 000,000,120 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\lib\js\frontend-uploader.js
[2014.12.14 19:50:52 | 000,012,839 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\lib\php\class-frontend-uploader-wp-media-list-table.php
[2014.12.14 19:50:52 | 000,005,092 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\lib\php\class-frontend-uploader-wp-posts-list-table.php
[2014.12.14 19:50:52 | 000,005,667 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\lib\php\frontend-uploader-settings.php
[2014.12.06 21:32:40 | 000,002,545 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\dark_rounded\loader.gif
[2014.12.06 21:32:40 | 000,002,545 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\dark_square\loader.gif
[2014.12.06 21:32:40 | 000,006,331 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\default\loader.gif
[2014.12.06 21:32:40 | 000,002,545 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\facebook\loader.gif
[2014.12.06 21:32:40 | 000,002,545 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\light_rounded\loader.gif
[2014.12.06 21:32:40 | 000,002,545 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\light_square\loader.gif
[2014.09.03 07:33:16 | 000,048,161 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\script-loader.php
[2013.10.30 15:39:10 | 000,002,747 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\template-loader.php
[2014.02.13 09:03:14 | 000,003,878 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\images\uploader-icons-2x.png
[2014.02.13 09:03:14 | 000,001,556 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\images\uploader-icons.png
[2014.08.08 23:10:15 | 000,006,318 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\js\customize-loader.js
[2014.07.08 18:04:15 | 000,002,980 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\js\customize-loader.min.js
[2013.12.29 00:53:15 | 000,002,608 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2015.08.14 19:38:06 | 000,013,545 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\jetpack\modules\shortcodes\img\slideshow-loader.gif
[2015.08.24 20:18:13 | 000,000,553 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\woocommerce\assets\images\icons\loader.svg
[2015.08.24 20:18:17 | 000,002,308 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\woocommerce\includes\class-wc-autoloader.php
[2015.08.24 20:18:17 | 000,003,081 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\woocommerce\includes\class-wc-template-loader.php
[2015.08.22 17:22:15 | 000,000,762 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\wysija-newsletters\core\autoloader.php
[2015.08.22 17:22:19 | 000,016,642 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\wysija-newsletters\helpers\backloader.php
[2015.08.23 14:08:56 | 000,053,847 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\script-loader.php
[2015.08.23 14:08:56 | 000,002,826 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\template-loader.php
[2014.10.28 23:02:22 | 000,003,542 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\images\uploader-icons-2x.png
[2014.02.13 09:03:14 | 000,001,556 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\images\uploader-icons.png
[2015.03.25 18:26:26 | 000,006,752 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\customize-loader.js
[2015.03.25 18:26:26 | 000,003,217 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\customize-loader.min.js
[2015.05.06 02:35:26 | 000,003,057 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\wp-emoji-loader.js
[2015.05.06 02:35:26 | 000,001,022 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\wp-emoji-loader.min.js
[2013.12.29 00:53:15 | 000,002,608 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2013.03.30 12:29:00 | 000,008,192 | ---- | M] () -- \xampp\mailtodisk\_win32sysloader.pyd
[2012.04.16 18:30:20 | 000,068,096 | ---- | M] () -- \xampp\MercuryMail\loader.exe
[2012.10.16 17:45:46 | 000,015,791 | ---- | M] () -- \xampp\perl\lib\AutoLoader.pm
[2013.03.12 15:01:48 | 000,025,696 | ---- | M] () -- \xampp\perl\lib\DynaLoader.pm
[2013.03.04 17:16:22 | 000,017,377 | ---- | M] () -- \xampp\perl\lib\SelfLoader.pm
[2013.03.12 15:00:00 | 000,010,589 | ---- | M] () -- \xampp\perl\lib\XSLoader.pm
[2013.03.04 17:16:22 | 000,000,490 | ---- | M] () -- \xampp\perl\lib\Locale\Maketext\GutsLoader.pm
[2005.04.28 02:55:32 | 000,005,746 | ---- | M] () -- \xampp\perl\vendor\lib\Class\Loader.pm
[2001.05.02 05:01:04 | 000,000,648 | ---- | M] () -- \xampp\perl\vendor\lib\Class\LoaderTest.pm
[2012.07.13 20:57:02 | 000,024,325 | ---- | M] () -- \xampp\perl\vendor\lib\YAML\Loader.pm
[2012.04.16 16:30:20 | 000,004,896 | ---- | M] () -- \xampp\php\pear\Crypt\RSA\MathLoader.php
[2013.06.18 09:26:21 | 000,006,565 | ---- | M] () -- \xampp\php\pear\PEAR\Autoloader.php
[2013.06.18 09:26:21 | 000,066,585 | ---- | M] () -- \xampp\php\pear\PEAR\Downloader.php
[2013.06.18 15:16:52 | 000,005,511 | ---- | M] () -- \xampp\php\pear\PHPUnit\Runner\StandardTestSuiteLoader.php
[2013.06.18 15:16:52 | 000,002,806 | ---- | M] () -- \xampp\php\pear\PHPUnit\Runner\TestSuiteLoader.php
[2013.06.18 15:16:52 | 000,003,814 | ---- | M] () -- \xampp\php\pear\PHPUnit\Util\Fileloader.php
[2013.06.18 09:31:55 | 000,004,609 | ---- | M] () -- \xampp\php\pear\PHPUnit2\Runner\StandardTestSuiteLoader.php
[2013.06.18 09:31:55 | 000,003,186 | ---- | M] () -- \xampp\php\pear\PHPUnit2\Runner\TestSuiteLoader.php
[2013.06.18 09:31:56 | 000,003,767 | ---- | M] () -- \xampp\php\pear\PHPUnit2\Util\Fileloader.php
[2013.06.18 15:16:48 | 000,000,334 | ---- | M] () -- \xampp\php\pear\Symfony\Component\Yaml\autoloader.php
[2014.10.31 17:35:25 | 000,000,673 | ---- | M] () -- \xampp\phpMyAdmin\doc\html\_static\ajax-loader.gif
[2014.09.26 13:14:00 | 000,020,993 | ---- | M] () -- \xampp\tomcat\webapps\docs\class-loader-howto.html
[2014.09.26 13:14:02 | 000,017,721 | ---- | M] () -- \xampp\tomcat\webapps\docs\config\loader.html
< *minodlogin* /s >
< *tnod* /s >
[2014.10.11 13:06:08 | 000,001,655 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\WebInspectorUI\Images\DOMTextNode.svg
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2012.04.11 00:15:28 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.08.25 16:14:36 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.12.11 09:25:46 | 000,278,281 | ---- | M] () -- \Program Files\WinStrom\lib\serializer-2.7.1.jar
[2014.12.15 18:56:38 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2014.3.15\serializer-2.7.1.jar
[2015.01.24 10:35:40 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.1.9\serializer-2.7.1.jar
[2015.03.30 16:52:37 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.2.10\serializer-2.7.1.jar
[2015.02.25 18:58:36 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.2.5\serializer-2.7.1.jar
[2015.02.03 17:41:08 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.2\serializer-2.7.1.jar
[2015.04.01 15:52:16 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.3.0\serializer-2.7.1.jar
[2015.04.02 15:34:15 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.3.1\serializer-2.7.1.jar
[2015.06.12 16:37:58 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.3.3\serializer-2.7.1.jar
[2015.06.29 16:58:57 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.3.5\serializer-2.7.1.jar
[2015.09.18 15:18:24 | 000,025,075 | ---- | M] () -- \Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.7_0\content\HtmlSerializer.js
[2011.05.23 08:11:44 | 000,002,013 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\js\jquery\jquery.serialScroll-1.2.2-min.js
[2008.12.01 15:37:58 | 000,000,258 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\themes\prestashop\img\icon\serial_scroll_left.gif
[2008.12.01 15:37:58 | 000,000,259 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\themes\prestashop\img\icon\serial_scroll_right.gif
[2011.05.23 08:11:44 | 000,002,013 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\js\jquery\jquery.serialScroll-1.2.2-min.js
[2008.12.01 16:37:58 | 000,000,258 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\themes\prestashop\img\icon\serial_scroll_left.gif
[2008.12.01 16:37:58 | 000,000,259 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\themes\prestashop\img\icon\serial_scroll_right.gif
[2012.02.23 10:09:22 | 000,000,258 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Šablony\blackink1.8\themes\blackink\img\icon\serial_scroll_left.gif
[2012.02.23 10:09:22 | 000,000,259 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Šablony\blackink1.8\themes\blackink\img\icon\serial_scroll_right.gif
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.07.14 05:43:53 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2009.07.14 05:43:05 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.14 09:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2009.07.14 09:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2009.07.14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2011.01.21 00:09:37 | 000,000,783 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\js\jquery\jquery.serialize-object.js
[2015.08.24 20:18:14 | 000,013,241 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\woocommerce\assets\js\jquery-serializejson\jquery.serializejson.js
[2015.08.24 20:18:14 | 000,004,353 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\woocommerce\assets\js\jquery-serializejson\jquery.serializejson.min.js
[2011.01.21 00:09:37 | 000,000,783 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\jquery\jquery.serialize-object.js
[2010.06.03 18:33:26 | 000,002,032 | ---- | M] () -- \xampp\perl\vendor\lib\SOAP\Deserializer.pod
[2011.08.15 22:28:44 | 000,013,279 | ---- | M] () -- \xampp\perl\vendor\lib\SOAP\Serializer.pod
[2012.04.16 16:30:20 | 000,040,836 | ---- | M] () -- \xampp\php\pear\XML\Serializer.php
[2012.04.16 16:30:20 | 000,029,989 | ---- | M] () -- \xampp\php\pear\XML\Unserializer.php
[2014.10.31 17:35:25 | 000,003,035 | ---- | M] () -- \xampp\phpMyAdmin\js\jquery\src\jquery\serialize.js
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:890CC2F3
< End of report >
OTL.txt:
OTL logfile created on: 26.12.2015 18:48:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Acer\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 33,08% Memory free
5,98 Gb Paging File | 3,68 Gb Available in Paging File | 61,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,50 Gb Total Space | 12,02 Gb Free Space | 20,55% Space Free | Partition Type: NTFS
Drive D: | 174,29 Gb Total Space | 11,43 Gb Free Space | 6,56% Space Free | Partition Type: NTFS
Computer Name: ACER-PC | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015.12.26 15:43:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
PRC - [2015.12.26 13:07:45 | 000,191,072 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre1.8.0_66\bin\java.exe
PRC - [2015.12.22 10:07:41 | 008,316,528 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
PRC - [2015.12.22 10:07:41 | 002,346,096 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe
PRC - [2015.12.22 10:07:41 | 001,033,328 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\SpotifyCrashService.exe
PRC - [2015.12.14 17:11:48 | 007,021,880 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2015.12.14 17:11:40 | 000,226,440 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2015.12.11 04:54:14 | 000,741,704 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2015.12.08 20:23:58 | 006,602,152 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2015.10.28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.12.05 09:08:24 | 000,586,752 | ---- | M] (FlexiBee Systems s.r.o.) -- C:\Program Files\WinStrom\WinStromService.exe
PRC - [2014.03.18 07:04:32 | 004,287,488 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\WinStrom\pgsql\9.3\bin\postgres.exe
PRC - [2014.03.18 07:04:32 | 000,076,800 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\WinStrom\pgsql\9.3\bin\pg_ctl.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
PRC - [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.03.08 22:11:55 | 001,130,504 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2007.06.27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2015.12.22 10:07:50 | 050,679,920 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Spotify\libcef.dll
MOD - [2015.12.22 10:07:42 | 001,882,224 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Spotify\libGLESv2.dll
MOD - [2015.12.22 10:07:42 | 000,082,544 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Spotify\libEGL.dll
MOD - [2015.12.17 18:39:08 | 001,040,144 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2015.12.14 17:11:51 | 040,539,648 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2015.12.14 17:11:42 | 000,469,008 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\ffl2.dll
MOD - [2015.12.14 17:11:42 | 000,103,888 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\log.dll
MOD - [2015.12.14 17:11:40 | 000,125,512 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
MOD - [2015.12.11 04:54:11 | 001,583,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
MOD - [2015.12.11 04:54:09 | 000,081,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\47.0.2526.106\libegl.dll
MOD - [2015.12.08 20:25:34 | 000,047,616 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1029.dll
MOD - [2015.08.24 14:58:14 | 000,039,384 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2014.01.20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.01.27 16:12:07 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2015.12.14 17:11:40 | 000,226,440 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2015.10.28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.10.05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.12.11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.12.05 09:08:24 | 000,586,752 | ---- | M] (FlexiBee Systems s.r.o.) [Auto | Running] -- C:\Program Files\WinStrom\WinStromService.exe -- (Service1)
SRV - [2014.08.05 20:35:53 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2014.03.18 07:04:32 | 000,076,800 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\WinStrom\pgsql\9.3\bin\pg_ctl.exe -- (WinStrom-PostgreSQL)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2015.12.19 14:33:29 | 000,436,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2015.12.19 14:33:29 | 000,081,168 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2015.12.14 17:11:55 | 000,209,432 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2015.12.14 17:11:55 | 000,117,712 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2015.12.14 17:11:54 | 000,081,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2015.12.14 17:11:54 | 000,049,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2015.12.14 17:11:54 | 000,024,016 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015.12.14 17:11:27 | 000,794,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2015.10.05 09:50:16 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015.10.05 09:50:04 | 000,023,256 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009.03.13 20:07:41 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.03.08 21:52:56 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2009.02.24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 26 04 EA AB 2B A0 C9 01 [binary data]
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.3
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.66.2: C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2: C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Acer\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Acer\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Acer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015.12.14 17:26:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\Alwil Software\Avast5\SafePrice\FF [2015.12.14 17:11:59 | 000,000,000 | ---D | M]
[2015.07.26 16:43:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Extensions
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.45_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki\3.1.15511.1147_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\2.1.2_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.7_0\
CHR - Extension: No name found = C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\System32\Msdxm6.ocx (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [Spotify] C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [Spotify Web Helper] C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000..\Run: [SpybotPostWindows10UpgradeReInstall] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1933283459-4233979245-4030782100-1145..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MS Office Tools.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5C518B3-C1B6-4AA3-90F1-45D67FD3B8EF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8868595-13EA-4CE7-BBC6-438ABA788626}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\System32\Msdxm6.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2015.12.26 15:43:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2015.12.26 14:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.12.26 14:11:09 | 000,000,000 | ---D | C] -- C:\rsit
[2015.12.26 13:22:34 | 000,170,200 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015.12.26 13:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015.12.26 13:21:56 | 000,094,936 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015.12.26 13:21:56 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015.12.26 13:21:56 | 000,023,256 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
[2015.12.26 13:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015.12.26 13:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.12.26 13:08:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2015.12.26 13:08:23 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Sun
[2015.12.26 13:08:22 | 000,000,000 | ---D | C] -- C:\Users\Acer\.oracle_jre_usage
[2015.12.26 13:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015.12.26 13:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015.12.26 13:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015.12.26 12:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2015.12.22 10:59:16 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\Opera Software
[2015.12.22 10:58:48 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Opera Software
[2015.12.20 19:43:20 | 000,000,000 | ---D | C] -- C:\Users\Acer\Desktop\K odeslání
[2015.12.14 17:12:28 | 000,322,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2015.12.14 17:11:43 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[1 C:\Users\Acer\Desktop\*.tmp files -> C:\Users\Acer\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015.12.26 18:52:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.12.26 18:49:16 | 000,007,933 | ---- | M] () -- C:\Users\Acer\AppData\Local\recently-used.xbel
[2015.12.26 18:42:30 | 000,329,460 | ---- | M] () -- C:\Users\Acer\Desktop\o2-M2M-SIM-Karte-300dpi.jpg
[2015.12.26 18:17:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job
[2015.12.26 17:59:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.12.26 15:46:16 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.12.26 15:46:16 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.12.26 15:43:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2015.12.26 15:38:13 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.12.26 15:37:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.12.26 15:37:55 | 2408,390,656 | -HS- | M] () -- C:\hiberfil.sys
[2015.12.26 15:35:32 | 000,000,079 | ---- | M] () -- C:\Windows\wininit.ini
[2015.12.26 13:22:55 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015.12.26 13:22:02 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.12.26 13:07:45 | 000,095,840 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015.12.26 13:02:02 | 000,001,713 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015.12.20 21:00:45 | 008,817,278 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015.12.20 21:00:45 | 007,969,976 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015.12.20 21:00:44 | 023,417,668 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2015.12.20 21:00:44 | 008,210,758 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2015.12.19 14:33:29 | 000,436,360 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2015.12.19 14:33:29 | 000,081,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswmonflt.sys
[2015.12.14 17:11:55 | 000,209,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2015.12.14 17:11:55 | 000,117,712 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2015.12.14 17:11:54 | 000,081,728 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2015.12.14 17:11:54 | 000,049,776 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2015.12.14 17:11:54 | 000,024,016 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2015.12.14 17:11:43 | 000,322,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2015.12.14 17:11:43 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015.12.14 17:11:27 | 000,794,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2015.12.13 16:32:07 | 000,006,492 | ---- | M] () -- C:\Users\Acer\Desktop\kresba.svg
[2015.12.13 08:02:20 | 000,479,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.12.09 22:16:50 | 000,557,096 | ---- | M] () -- C:\Users\Acer\Desktop\Michal Soldán, DiS. – Podnikatelský záměr na založení reklamní agentury.pdf
[2015.12.07 23:12:28 | 000,556,693 | ---- | M] () -- C:\Users\Acer\Desktop\Tisk.pdf
[2015.12.06 22:22:24 | 000,555,428 | ---- | M] () -- C:\Users\Acer\Desktop\BP 6.12..pdf
[2015.12.04 18:12:21 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job
[1 C:\Users\Acer\Desktop\*.tmp files -> C:\Users\Acer\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015.12.26 18:49:16 | 000,007,933 | ---- | C] () -- C:\Users\Acer\AppData\Local\recently-used.xbel
[2015.12.26 18:42:29 | 000,329,460 | ---- | C] () -- C:\Users\Acer\Desktop\o2-M2M-SIM-Karte-300dpi.jpg
[2015.12.26 15:51:45 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.12.26 15:35:12 | 000,000,079 | ---- | C] () -- C:\Windows\wininit.ini
[2015.12.26 13:22:02 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.12.26 13:02:02 | 000,001,713 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015.12.23 14:41:36 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015.12.22 10:59:03 | 000,001,051 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 34.lnk
[2015.12.12 21:28:39 | 000,006,492 | ---- | C] () -- C:\Users\Acer\Desktop\kresba.svg
[2015.12.09 22:16:43 | 000,557,096 | ---- | C] () -- C:\Users\Acer\Desktop\Michal Soldán, DiS. – Podnikatelský záměr na založení reklamní agentury.pdf
[2015.12.07 23:12:23 | 000,556,693 | ---- | C] () -- C:\Users\Acer\Desktop\Tisk.pdf
[2015.12.06 22:22:19 | 000,555,428 | ---- | C] () -- C:\Users\Acer\Desktop\BP 6.12..pdf
[2014.12.04 18:30:35 | 000,000,025 | ---- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2014.09.09 15:08:50 | 000,137,464 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2014.09.09 15:08:33 | 000,214,520 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2014.09.09 15:07:15 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2014.09.09 14:44:35 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini
[2011.11.21 18:45:25 | 000,004,096 | -H-- | C] () -- C:\Users\Acer\AppData\Local\keyfile3.drm
[2010.03.24 18:26:25 | 000,003,584 | ---- | C] () -- C:\Users\Acer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002.08.29 16:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Acer\AppData\Roaming\MafiaSetup.exe
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.10.05 15:33:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.anki
[2012.09.16 19:01:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.matplotlib
[2015.09.18 19:12:33 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.winstrom
[2009.12.08 20:27:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Ableton
[2014.07.17 13:44:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Audacity
[2014.08.05 20:40:03 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Autodesk
[2011.04.26 08:16:49 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\AutoHideIP
[2014.01.06 21:23:59 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\AVAST Software
[2011.05.30 08:18:18 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\BitTorrent
[2014.09.21 15:23:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\calibre
[2009.03.13 20:07:20 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\DAEMON Tools Lite
[2013.01.27 15:39:23 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\EuroTalk
[2015.09.28 08:43:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\FileZilla
[2012.05.27 17:45:54 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\gtk-2.0
[2015.12.26 13:11:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Inkscape
[2011.11.10 11:08:15 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\klavaro
[2009.04.16 12:24:47 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\LangSoft
[2011.06.17 13:47:19 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\MotionDSP
[2013.05.02 20:58:25 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Need for Speed World
[2012.03.31 14:39:14 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\OpenOffice.org
[2009.03.10 17:14:34 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Opera
[2015.12.22 10:58:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Opera Software
[2015.08.25 21:08:00 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\SignCut
[2015.12.26 18:59:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Spotify
[2014.08.09 17:17:05 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Sublime Text 2
[2011.05.19 07:36:39 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\SuperHideIP
[2015.04.03 16:30:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\TeamViewer
[2011.05.18 15:31:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Thinstall
[2011.05.18 07:00:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Trillian
[2015.03.21 19:35:58 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Unity
[2015.12.26 13:11:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\uTorrent
[2012.06.15 09:10:45 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\wordtester
[2009.10.02 15:32:47 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\YoudaGames
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 05:53:46 | 000,032,536 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.03.02 09:45:19 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job
[2010.03.02 09:45:20 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job
[2014.09.20 09:15:50 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.09.20 09:15:51 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2015.10.05 09:48:32 | 000,893,752 | ---- | M] (MalwareBytes) MD5=E9A75E4B409A01E52055CE7CCA7FF925 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2015.10.05 09:48:32 | 000,893,752 | ---- | M] (MalwareBytes) MD5=E9A75E4B409A01E52055CE7CCA7FF925 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.10.05 15:33:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.anki
[2012.09.16 19:01:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.matplotlib
[2015.09.18 19:12:33 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.winstrom
[2009.12.08 20:27:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Ableton
[2014.11.24 17:08:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Adobe
[2011.06.10 06:08:36 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Ahead
[2015.12.26 13:03:41 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Apple Computer
[2014.07.17 13:44:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Audacity
[2014.08.05 20:40:03 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Autodesk
[2011.04.26 08:16:49 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\AutoHideIP
[2014.01.06 21:23:59 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\AVAST Software
[2011.05.30 08:18:18 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\BitTorrent
[2014.09.21 15:23:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\calibre
[2009.03.13 20:07:20 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\DAEMON Tools Lite
[2014.01.12 15:07:29 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\dvdcss
[2013.01.27 15:39:23 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\EuroTalk
[2015.09.28 08:43:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\FileZilla
[2012.05.27 17:45:54 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\gtk-2.0
[2009.03.08 21:20:14 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Identities
[2015.12.26 13:11:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Inkscape
[2009.03.08 22:40:10 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\InstallShield
[2011.11.10 11:08:15 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\klavaro
[2009.04.16 12:24:47 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\LangSoft
[2009.03.08 23:24:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Macromedia
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Media Center Programs
[2015.03.21 14:56:57 | 000,000,000 | --SD | M] -- C:\Users\Acer\AppData\Roaming\Microsoft
[2011.06.17 13:47:19 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\MotionDSP
[2015.12.16 18:42:44 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Mozilla
[2011.10.05 08:14:12 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Mozilla-Cache
[2013.05.02 20:58:25 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Need for Speed World
[2012.03.31 14:39:14 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\OpenOffice.org
[2009.03.10 17:14:34 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Opera
[2015.12.22 10:58:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Opera Software
[2014.08.02 18:27:41 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\PSpad
[2015.08.25 21:08:00 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\SignCut
[2014.12.19 17:20:18 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Skype
[2015.12.26 19:06:13 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Spotify
[2014.08.09 17:17:05 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Sublime Text 2
[2015.12.26 13:08:23 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Sun
[2011.05.19 07:36:39 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\SuperHideIP
[2015.04.03 16:30:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\TeamViewer
[2011.05.18 15:31:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Thinstall
[2011.05.18 07:00:06 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Trillian
[2015.03.21 19:35:58 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Unity
[2015.12.26 13:11:21 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\uTorrent
[2015.12.26 18:04:29 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\vlc
[2012.06.15 09:10:45 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\wordtester
[2009.10.02 15:32:47 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\YoudaGames
< %APPDATA%\*.exe /s >
[2002.08.29 16:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Acer\AppData\Roaming\MafiaSetup.exe
[2015.12.22 10:07:41 | 008,316,528 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
[2015.12.22 10:07:41 | 001,033,328 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\SpotifyCrashService.exe
[2015.12.22 10:07:41 | 000,189,040 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2015.12.22 10:07:41 | 002,346,096 | ---- | M] (Spotify Ltd) -- C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe
[2015.12.22 10:07:50 | 000,074,352 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Spotify\wow_helper.exe
[2015.12.10 18:58:36 | 002,026,520 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\uTorrent.exe
[2014.04.29 19:04:50 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014.05.10 14:48:20 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014.10.25 16:40:27 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.2_34309.exe
[2014.10.26 12:57:25 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.2_34944.exe
[2014.12.10 16:06:30 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe
[2015.01.18 20:00:39 | 001,374,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe
[2015.05.09 14:11:47 | 001,441,104 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.3_40097.exe
[2015.05.29 15:49:28 | 001,694,560 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe
[2015.09.20 21:13:53 | 001,774,432 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.5_41073.exe
[2015.12.10 18:58:36 | 002,026,520 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.5_41372.exe
[2015.09.24 17:03:34 | 000,336,896 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.5_41073\utorrentie.exe
[2015.12.10 21:19:16 | 000,336,896 | ---- | M] (BitTorrent Inc.) -- C:\Users\Acer\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2015.12.26 15:38:13 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.12.26 18:59:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.12.26 18:17:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job
[2015.12.04 18:12:21 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
[2015.12.26 13:22:55 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\Windows\system32\drivers\MBAMSwissArmy.sys
< %systemroot%\system32\*.* /3 >
[2015.12.26 15:46:16 | 000,016,944 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.12.26 15:46:16 | 000,016,944 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.12.26 13:07:45 | 000,095,840 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge.dll
< %SYSTEMDRIVE%\*.exe >
< >
< *crack* /s >
[2002.05.30 17:16:22 | 000,013,160 | ---- | M] () -- \Program Files\Firefly Studios\Stronghold Crusader\gm\cracks.gm1
[2012.05.05 14:38:42 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2014.06.18 23:46:44 | 000,114,899 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py
[2014.08.05 19:49:54 | 000,023,130 | ---- | M] () -- \Users\Acer\AppData\Roaming\uTorrent\Autocad.2007.Crack-included.1.torrent
[2014.08.03 19:38:32 | 000,023,130 | ---- | M] () -- \Users\Acer\AppData\Roaming\uTorrent\Autocad.2007.Crack-included.torrent
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2015.12.14 17:11:39 | 000,072,440 | ---- | M] () -- \Program Files\Alwil Software\Avast5\aswWrcIELoader32.exe
[2015.12.14 17:11:24 | 000,060,128 | ---- | M] () -- \Program Files\Alwil Software\Avast5\ie_loader.exe
[2014.08.29 08:51:26 | 000,044,032 | R--- | M] () -- \Program Files\Calibre2\DLLs\PyISAPI_loader.dll
[2014.08.29 08:51:26 | 000,008,704 | R--- | M] () -- \Program Files\Calibre2\DLLs\pythoncomloader27.dll
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2015.12.17 18:39:16 | 000,060,688 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\YSLoader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.05.04 22:42:40 | 000,043,889 | ---- | M] () -- \Program Files\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
[2011.03.08 08:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2014.06.18 23:46:44 | 000,003,614 | ---- | M] () -- \Program Files\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2014.06.18 23:46:44 | 000,030,804 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2014.06.18 23:46:44 | 000,027,898 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2014.06.18 23:46:44 | 000,042,058 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2014.06.18 23:46:44 | 000,023,145 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2014.06.18 23:46:44 | 000,028,692 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2014.06.18 23:46:44 | 000,034,496 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2014.06.18 23:46:44 | 000,022,435 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2014.06.18 23:46:44 | 000,036,528 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2014.06.18 23:46:44 | 000,026,252 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2014.06.18 23:46:44 | 000,020,063 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2014.06.18 23:46:44 | 000,024,412 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2014.06.18 23:46:44 | 000,029,401 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2014.06.18 23:46:44 | 000,019,399 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2014.06.18 23:46:44 | 000,025,270 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2014.06.18 23:46:44 | 000,042,114 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2014.06.18 23:46:44 | 000,018,909 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2014.06.18 23:46:44 | 000,032,958 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2014.06.18 23:46:44 | 000,001,847 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2014.06.18 23:46:44 | 000,057,685 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2014.06.18 23:46:44 | 000,029,336 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2014.06.18 23:46:44 | 000,001,341 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2014.06.18 23:46:44 | 000,028,643 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2014.06.18 23:46:44 | 000,055,918 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2014.06.18 23:46:44 | 000,038,308 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2014.06.18 23:46:44 | 000,001,949 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2014.06.18 23:46:44 | 000,007,779 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2014.06.18 23:46:44 | 000,017,301 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2014.06.18 23:46:44 | 000,015,416 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\skloader.py
[2014.06.18 23:46:44 | 000,015,832 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2014.06.18 23:46:44 | 000,038,937 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2014.06.18 23:46:44 | 000,014,300 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2014.06.18 23:46:44 | 000,017,550 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2011.01.17 15:21:04 | 000,006,263 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.03.31 14:37:47 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 16:00:08 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.03.31 14:37:55 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 11:24:20 | 000,003,689 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2014.12.07 11:12:31 | 000,002,810 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip
[2015.12.03 13:26:06 | 000,003,605 | ---- | M] () -- \Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.45_0\img\loader.gif
[2015.09.18 15:18:24 | 000,002,405 | ---- | M] () -- \Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.7_0\content\frame_loader.js
[2015.09.18 15:18:24 | 000,001,223 | ---- | M] () -- \Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.7_0\js\main\cache_loader.js
[2014.10.24 08:42:10 | 000,072,638 | ---- | M] () -- \Users\Acer\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.10.24 08:42:10 | 000,003,032 | ---- | M] () -- \Users\Acer\AppData\Local\Skype\Apps\login\images\loader.png
[2014.10.24 08:42:10 | 000,006,012 | ---- | M] () -- \Users\Acer\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.10.24 08:42:10 | 000,021,956 | ---- | M] () -- \Users\Acer\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.10.24 08:42:10 | 000,009,772 | ---- | M] () -- \Users\Acer\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2008.12.01 15:37:58 | 000,003,719 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\img\loader.gif
[2011.07.25 00:39:48 | 000,011,314 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\img\admin\ajax-loader-big.gif
[2009.11.09 14:41:38 | 000,000,673 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\img\admin\ajax-loader.gif
[2011.07.21 10:34:44 | 000,000,847 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\img\admin\jquery-treeview\ajax-loader.gif
[2011.07.22 15:15:38 | 000,011,314 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\install\img\ajax-loader.gif
[2011.07.22 15:15:38 | 000,000,109 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\install\img\bg_loaderSpace.png
[2011.05.23 08:11:44 | 000,001,720 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\js\cropper\loader.js
[2011.11.29 08:44:14 | 000,003,719 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\modules\carriercompare\loader.gif
[2011.06.01 15:01:46 | 000,000,847 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\modules\mondialrelay\images\loader.gif
[2011.01.24 14:27:20 | 000,001,849 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\modules\shopimporter\img\ajax-loader.gif
[2011.04.07 11:09:20 | 000,004,176 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\modules\twenga\ajax-loader.gif
[2011.03.02 15:50:00 | 000,003,208 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\themes\prestashop\img\ajax-loader.gif
[2011.05.23 08:11:44 | 000,000,910 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\tools\swift\Swift\ClassLoader.php
[2008.12.01 16:37:58 | 000,003,719 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\img\loader.gif
[2011.07.25 00:39:48 | 000,011,314 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\img\admin\ajax-loader-big.gif
[2009.11.09 15:41:38 | 000,000,673 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\img\admin\ajax-loader.gif
[2011.07.21 10:34:44 | 000,000,847 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\img\admin\jquery-treeview\ajax-loader.gif
[2011.07.22 15:15:38 | 000,011,314 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\install\img\ajax-loader.gif
[2011.07.22 15:15:38 | 000,000,109 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\install\img\bg_loaderSpace.png
[2011.05.23 08:11:44 | 000,001,720 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\js\cropper\loader.js
[2011.11.29 09:44:14 | 000,003,719 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\modules\carriercompare\loader.gif
[2011.06.01 15:01:46 | 000,000,847 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\modules\mondialrelay\images\loader.gif
[2011.01.24 15:27:20 | 000,001,849 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\modules\shopimporter\img\ajax-loader.gif
[2011.04.07 11:09:20 | 000,004,176 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\modules\twenga\ajax-loader.gif
[2011.03.02 16:50:00 | 000,003,208 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\themes\prestashop\img\ajax-loader.gif
[2011.05.23 08:11:44 | 000,000,910 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\tools\swift\Swift\ClassLoader.php
[2012.02.23 10:09:22 | 000,003,208 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Šablony\blackink1.8\themes\blackink\img\ajax-loader.gif
[2014.12.07 11:12:31 | 000,002,810 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip
[2009.03.08 23:16:28 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2010.04.01 12:54:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.01.12 06:54:44 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 03:17:55 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 03:17:55 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009.07.14 03:17:55 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.12.14 22:04:24 | 000,000,847 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\contact-form-7\images\ajax-loader.gif
[2014.12.14 19:50:52 | 000,041,729 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\frontend-uploader.php
[2014.12.14 19:50:52 | 000,004,185 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-de_DE.mo
[2014.12.14 19:50:52 | 000,015,965 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-de_DE.po
[2014.12.14 19:50:52 | 000,000,703 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-en_EN.pot
[2014.12.14 19:50:52 | 000,004,915 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-es_ES.mo
[2014.12.14 19:50:52 | 000,015,537 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-es_ES.po
[2014.12.14 19:50:52 | 000,008,167 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fa_IR.mo
[2014.12.14 19:50:52 | 000,017,051 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fa_IR.po
[2014.12.14 19:50:52 | 000,002,853 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fr_CA.mo
[2014.12.14 19:50:52 | 000,015,398 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fr_CA.po
[2014.12.14 19:50:52 | 000,003,502 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fr_FR.mo
[2014.12.14 19:50:52 | 000,015,701 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-fr_FR.po
[2014.12.14 19:50:52 | 000,004,603 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-nb_NO.mo
[2014.12.14 19:50:52 | 000,015,468 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-nb_NO.po
[2014.12.14 19:50:52 | 000,008,189 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-nl_NL.mo
[2014.12.14 19:50:52 | 000,017,159 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-nl_NL.po
[2014.12.14 19:50:52 | 000,007,769 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-pt_BR.mo
[2014.12.14 19:50:52 | 000,022,457 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-pt_BR.po
[2014.12.14 19:50:52 | 000,006,818 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-ru_RU.mo
[2014.12.14 19:50:52 | 000,018,492 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader-ru_RU.po
[2014.12.14 19:50:52 | 000,000,602 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader.mo
[2014.12.14 19:50:52 | 000,009,388 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\languages\frontend-uploader.pot
[2014.12.14 19:50:52 | 000,000,953 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\lib\css\frontend-uploader.css
[2014.12.14 19:50:52 | 000,000,120 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\lib\js\frontend-uploader.js
[2014.12.14 19:50:52 | 000,012,839 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\lib\php\class-frontend-uploader-wp-media-list-table.php
[2014.12.14 19:50:52 | 000,005,092 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\lib\php\class-frontend-uploader-wp-posts-list-table.php
[2014.12.14 19:50:52 | 000,005,667 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\plugins\frontend-uploader\lib\php\frontend-uploader-settings.php
[2014.12.06 21:32:40 | 000,002,545 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\dark_rounded\loader.gif
[2014.12.06 21:32:40 | 000,002,545 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\dark_square\loader.gif
[2014.12.06 21:32:40 | 000,006,331 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\default\loader.gif
[2014.12.06 21:32:40 | 000,002,545 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\facebook\loader.gif
[2014.12.06 21:32:40 | 000,002,545 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\light_rounded\loader.gif
[2014.12.06 21:32:40 | 000,002,545 | ---- | M] () -- \xampp\htdocs\buttons\wp-content\themes\my-contrastica-under-construction\media\images\prettyPhoto\light_square\loader.gif
[2014.09.03 07:33:16 | 000,048,161 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\script-loader.php
[2013.10.30 15:39:10 | 000,002,747 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\template-loader.php
[2014.02.13 09:03:14 | 000,003,878 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\images\uploader-icons-2x.png
[2014.02.13 09:03:14 | 000,001,556 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\images\uploader-icons.png
[2014.08.08 23:10:15 | 000,006,318 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\js\customize-loader.js
[2014.07.08 18:04:15 | 000,002,980 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\js\customize-loader.min.js
[2013.12.29 00:53:15 | 000,002,608 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2015.08.14 19:38:06 | 000,013,545 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\jetpack\modules\shortcodes\img\slideshow-loader.gif
[2015.08.24 20:18:13 | 000,000,553 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\woocommerce\assets\images\icons\loader.svg
[2015.08.24 20:18:17 | 000,002,308 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\woocommerce\includes\class-wc-autoloader.php
[2015.08.24 20:18:17 | 000,003,081 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\woocommerce\includes\class-wc-template-loader.php
[2015.08.22 17:22:15 | 000,000,762 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\wysija-newsletters\core\autoloader.php
[2015.08.22 17:22:19 | 000,016,642 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\wysija-newsletters\helpers\backloader.php
[2015.08.23 14:08:56 | 000,053,847 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\script-loader.php
[2015.08.23 14:08:56 | 000,002,826 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\template-loader.php
[2014.10.28 23:02:22 | 000,003,542 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\images\uploader-icons-2x.png
[2014.02.13 09:03:14 | 000,001,556 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\images\uploader-icons.png
[2015.03.25 18:26:26 | 000,006,752 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\customize-loader.js
[2015.03.25 18:26:26 | 000,003,217 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\customize-loader.min.js
[2015.05.06 02:35:26 | 000,003,057 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\wp-emoji-loader.js
[2015.05.06 02:35:26 | 000,001,022 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\wp-emoji-loader.min.js
[2013.12.29 00:53:15 | 000,002,608 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2013.03.30 12:29:00 | 000,008,192 | ---- | M] () -- \xampp\mailtodisk\_win32sysloader.pyd
[2012.04.16 18:30:20 | 000,068,096 | ---- | M] () -- \xampp\MercuryMail\loader.exe
[2012.10.16 17:45:46 | 000,015,791 | ---- | M] () -- \xampp\perl\lib\AutoLoader.pm
[2013.03.12 15:01:48 | 000,025,696 | ---- | M] () -- \xampp\perl\lib\DynaLoader.pm
[2013.03.04 17:16:22 | 000,017,377 | ---- | M] () -- \xampp\perl\lib\SelfLoader.pm
[2013.03.12 15:00:00 | 000,010,589 | ---- | M] () -- \xampp\perl\lib\XSLoader.pm
[2013.03.04 17:16:22 | 000,000,490 | ---- | M] () -- \xampp\perl\lib\Locale\Maketext\GutsLoader.pm
[2005.04.28 02:55:32 | 000,005,746 | ---- | M] () -- \xampp\perl\vendor\lib\Class\Loader.pm
[2001.05.02 05:01:04 | 000,000,648 | ---- | M] () -- \xampp\perl\vendor\lib\Class\LoaderTest.pm
[2012.07.13 20:57:02 | 000,024,325 | ---- | M] () -- \xampp\perl\vendor\lib\YAML\Loader.pm
[2012.04.16 16:30:20 | 000,004,896 | ---- | M] () -- \xampp\php\pear\Crypt\RSA\MathLoader.php
[2013.06.18 09:26:21 | 000,006,565 | ---- | M] () -- \xampp\php\pear\PEAR\Autoloader.php
[2013.06.18 09:26:21 | 000,066,585 | ---- | M] () -- \xampp\php\pear\PEAR\Downloader.php
[2013.06.18 15:16:52 | 000,005,511 | ---- | M] () -- \xampp\php\pear\PHPUnit\Runner\StandardTestSuiteLoader.php
[2013.06.18 15:16:52 | 000,002,806 | ---- | M] () -- \xampp\php\pear\PHPUnit\Runner\TestSuiteLoader.php
[2013.06.18 15:16:52 | 000,003,814 | ---- | M] () -- \xampp\php\pear\PHPUnit\Util\Fileloader.php
[2013.06.18 09:31:55 | 000,004,609 | ---- | M] () -- \xampp\php\pear\PHPUnit2\Runner\StandardTestSuiteLoader.php
[2013.06.18 09:31:55 | 000,003,186 | ---- | M] () -- \xampp\php\pear\PHPUnit2\Runner\TestSuiteLoader.php
[2013.06.18 09:31:56 | 000,003,767 | ---- | M] () -- \xampp\php\pear\PHPUnit2\Util\Fileloader.php
[2013.06.18 15:16:48 | 000,000,334 | ---- | M] () -- \xampp\php\pear\Symfony\Component\Yaml\autoloader.php
[2014.10.31 17:35:25 | 000,000,673 | ---- | M] () -- \xampp\phpMyAdmin\doc\html\_static\ajax-loader.gif
[2014.09.26 13:14:00 | 000,020,993 | ---- | M] () -- \xampp\tomcat\webapps\docs\class-loader-howto.html
[2014.09.26 13:14:02 | 000,017,721 | ---- | M] () -- \xampp\tomcat\webapps\docs\config\loader.html
< *minodlogin* /s >
< *tnod* /s >
[2014.10.11 13:06:08 | 000,001,655 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\WebInspectorUI\Images\DOMTextNode.svg
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2012.04.11 00:15:28 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.08.25 16:14:36 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.12.11 09:25:46 | 000,278,281 | ---- | M] () -- \Program Files\WinStrom\lib\serializer-2.7.1.jar
[2014.12.15 18:56:38 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2014.3.15\serializer-2.7.1.jar
[2015.01.24 10:35:40 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.1.9\serializer-2.7.1.jar
[2015.03.30 16:52:37 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.2.10\serializer-2.7.1.jar
[2015.02.25 18:58:36 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.2.5\serializer-2.7.1.jar
[2015.02.03 17:41:08 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.2\serializer-2.7.1.jar
[2015.04.01 15:52:16 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.3.0\serializer-2.7.1.jar
[2015.04.02 15:34:15 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.3.1\serializer-2.7.1.jar
[2015.06.12 16:37:58 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.3.3\serializer-2.7.1.jar
[2015.06.29 16:58:57 | 000,278,281 | ---- | M] () -- \Users\Acer\.winstrom\cache\2015.3.5\serializer-2.7.1.jar
[2015.09.18 15:18:24 | 000,025,075 | ---- | M] () -- \Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.7_0\content\HtmlSerializer.js
[2011.05.23 08:11:44 | 000,002,013 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\js\jquery\jquery.serialScroll-1.2.2-min.js
[2008.12.01 15:37:58 | 000,000,258 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\themes\prestashop\img\icon\serial_scroll_left.gif
[2008.12.01 15:37:58 | 000,000,259 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.0\prestashop\themes\prestashop\img\icon\serial_scroll_right.gif
[2011.05.23 08:11:44 | 000,002,013 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\js\jquery\jquery.serialScroll-1.2.2-min.js
[2008.12.01 16:37:58 | 000,000,258 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\themes\prestashop\img\icon\serial_scroll_left.gif
[2008.12.01 16:37:58 | 000,000,259 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Prestashop - instalační balíček\prestashop_1.4.7.3\prestashop\themes\prestashop\img\icon\serial_scroll_right.gif
[2012.02.23 10:09:22 | 000,000,258 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Šablony\blackink1.8\themes\blackink\img\icon\serial_scroll_left.gif
[2012.02.23 10:09:22 | 000,000,259 | ---- | M] () -- \Users\Acer\Desktop\Project Manhatthan\X\Bizz\Prestashop\Šablony\blackink1.8\themes\blackink\img\icon\serial_scroll_right.gif
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.07.14 05:43:53 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2009.07.14 05:43:05 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.14 09:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2009.07.14 09:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2009.07.14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2011.01.21 00:09:37 | 000,000,783 | ---- | M] () -- \xampp\htdocs\buttons\wp-includes\js\jquery\jquery.serialize-object.js
[2015.08.24 20:18:14 | 000,013,241 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\woocommerce\assets\js\jquery-serializejson\jquery.serializejson.js
[2015.08.24 20:18:14 | 000,004,353 | ---- | M] () -- \xampp\htdocs\hustle\wp-content\plugins\woocommerce\assets\js\jquery-serializejson\jquery.serializejson.min.js
[2011.01.21 00:09:37 | 000,000,783 | ---- | M] () -- \xampp\htdocs\hustle\wp-includes\js\jquery\jquery.serialize-object.js
[2010.06.03 18:33:26 | 000,002,032 | ---- | M] () -- \xampp\perl\vendor\lib\SOAP\Deserializer.pod
[2011.08.15 22:28:44 | 000,013,279 | ---- | M] () -- \xampp\perl\vendor\lib\SOAP\Serializer.pod
[2012.04.16 16:30:20 | 000,040,836 | ---- | M] () -- \xampp\php\pear\XML\Serializer.php
[2012.04.16 16:30:20 | 000,029,989 | ---- | M] () -- \xampp\php\pear\XML\Unserializer.php
[2014.10.31 17:35:25 | 000,003,035 | ---- | M] () -- \xampp\phpMyAdmin\js\jquery\src\jquery\serialize.js
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:890CC2F3
< End of report >
Re: Prosím o preventivní kontrolu
Extras.txt:
OTL Extras logfile created on: 26.12.2015 18:48:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Acer\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 33,08% Memory free
5,98 Gb Paging File | 3,68 Gb Available in Paging File | 61,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,50 Gb Total Space | 12,02 Gb Free Space | 20,55% Space Free | Partition Type: NTFS
Drive D: | 174,29 Gb Total Space | 11,43 Gb Free Space | 6,56% Space Free | Partition Type: NTFS
Computer Name: ACER-PC | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{012CB1AB-11A9-4DAF-AB22-BA8B5D25E09D}" = rport=445 | protocol=6 | dir=out | app=system |
"{0850270B-C400-41A5-A4E5-9BC5595EAF91}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D2AF269-C856-44E4-8D8C-079728CB6D49}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{10AE43C4-A215-422C-8F65-EF28C039E7F3}" = rport=139 | protocol=6 | dir=out | app=system |
"{15586602-E6FD-4CD0-B02E-78B31B01A5D0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1695A3E9-4A14-4823-B6AB-87E1EADF01CC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2AABFD78-5425-4222-994A-72ACE8FF5C78}" = lport=139 | protocol=6 | dir=in | app=system |
"{2CF49C2D-645C-422E-A4D5-EFC676B660EA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2DDA6DAB-C58E-4B21-9BCD-8B9D7C91232B}" = rport=138 | protocol=17 | dir=out | app=system |
"{2F69DD57-A318-454C-B6CD-3C1549B9EA67}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B10C0AA-51A7-4C29-9041-5A63EA880BB0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68806D0F-784D-496B-A36F-4828B7099727}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6DE127C0-C665-4A6D-A322-048C87D632D1}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D64FF2D-0462-4A84-9A02-71EA557CFBF6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{82D8C4C7-4893-41BB-9C54-3E732B8E91C7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{869C45F6-9F3F-4E96-BE45-C9D3C5F459E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8970A36E-855A-4897-BD93-9ED1C230F0DE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{A5902883-6D7B-441F-9DFD-7E7466D2DEF8}" = lport=137 | protocol=17 | dir=in | app=system |
"{A78D5686-C944-425B-95B1-F6FD0EB2ACFB}" = lport=445 | protocol=6 | dir=in | app=system |
"{CB8B3F65-8778-4907-BA2A-8D38EF090019}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D55EA329-855F-4556-8900-DEA2D4A3C204}" = rport=137 | protocol=17 | dir=out | app=system |
"{E50D9536-2444-40B6-9E0E-84F9FBA6B2D4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EA53BB15-8D9E-47F2-8D61-83AB73CF0741}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0687A819-6B36-4F9B-975F-E520B01E51DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D7088D7-72B6-4DC8-ADE4-4C9891925F6A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{30E7C4D8-B26F-4B32-9AAF-231AAD684057}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3330A6D5-6EFD-42A2-94E6-33BEABBB2AEA}" = protocol=6 | dir=out | app=system |
"{339E4677-6256-4E8B-9AF0-4C7C02B6821D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{36488D2D-3A07-4CDB-8904-CE829A83D5BF}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{3B115B77-A62A-4B63-B2FF-0B09B44DB76E}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{3EEB9B1B-D128-4ACB-AC6A-DF31683FC6AC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4EF889FE-8794-448C-AC30-E4C7886A6F93}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4F2DD59B-8632-4BE0-9858-2685D5FD7B5D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5DCE7AFF-6D3A-4338-A228-D97BC411963C}" = protocol=17 | dir=in | app=c:\users\acer\appdata\roaming\utorrent\utorrent.exe |
"{64125329-F9BD-46D4-B6AA-E3585DA95859}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6648A6A3-403A-415F-8138-69121F993F38}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{667526A6-B747-4062-9DFB-87512A2ACFB8}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{7F7DF18D-50E2-4F50-B007-988E35E2F6B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8DCCEE59-ED49-419F-BD5C-BBD4A8598C1D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{90941E3E-E1B6-4E26-BC2F-1C5627E52C55}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9ECC3684-A304-4449-B64D-55C294A597DD}" = protocol=6 | dir=in | app=c:\users\acer\appdata\roaming\utorrent\utorrent.exe |
"{A19A2EDF-31BD-46C6-9481-1D641F7A4E17}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A1AC3BEA-EA16-4D12-B8D0-5A9B2440E11E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A6A37EED-327B-45BA-8E77-E22E473932BE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AA974D76-DC8E-4EDF-AD11-2F4646274A1A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AE58BF65-E484-41A1-9D5F-4684CB7838F1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BEEBC623-4CC3-44A2-95E3-0D2FB9995E1B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC2FA121-03FB-4524-B056-AD88CE36B38C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1010766-CFFF-462A-B6D7-A3D74948404B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D1D676D8-4E57-47F8-B6B0-2147EBED64D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E22DBC4F-94AD-484C-A64A-71F906FBE212}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E5D599E3-41BE-41F5-A57B-3FBC5850C2CA}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{EEB73095-0FF4-4FA8-BF77-1A878697F863}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1D42798-C82B-458D-B0CD-F304E80DE27D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F794D6C7-9277-46CC-9AA5-C900C9E97A08}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{061406DE-F400-4C6E-9024-0EFDEDA208BE}G:\portable\bittorrent v7.2.1 build 25302\bittorrent v7.2.1 build 25302\bittorrent.exe" = protocol=6 | dir=in | app=g:\portable\bittorrent v7.2.1 build 25302\bittorrent v7.2.1 build 25302\bittorrent.exe |
"TCP Query User{4292D157-A8DD-4E3B-B496-F88E8CEBAF1E}C:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe" = protocol=6 | dir=in | app=c:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe |
"TCP Query User{53D66F39-C646-4C4D-B0B6-9994051D643C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{6969AD09-7038-45A1-8356-F76A994DE9EB}I:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=i:\xampp\apache\bin\httpd.exe |
"TCP Query User{75FF635D-E30A-4F79-94AB-AE841F63D6C8}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{7BDC1995-7C61-4735-A58D-35F7E9A8DBB4}C:\program files\java\jre1.8.0_25\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_25\bin\java.exe |
"TCP Query User{804FFD4F-8F78-413D-972A-CC0840D62B22}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{8C4ECBFB-3D86-40D8-91F6-D3D087137F74}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{8EA311A4-826C-4B3F-9001-98BE342AA121}I:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=i:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{95E27D0D-1F34-441C-A528-05A0348D053B}C:\users\acer\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\acer\appdata\roaming\spotify\spotify.exe |
"TCP Query User{AC6B3C10-91A9-4B02-AFDC-A954706BA7D6}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{0343023D-ABC3-4A51-BE89-869B572DAE9D}G:\portable\bittorrent v7.2.1 build 25302\bittorrent v7.2.1 build 25302\bittorrent.exe" = protocol=17 | dir=in | app=g:\portable\bittorrent v7.2.1 build 25302\bittorrent v7.2.1 build 25302\bittorrent.exe |
"UDP Query User{042E6B33-18F0-41AC-B828-12DA8486382B}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{156A59E1-14F8-4862-8A24-944E4B26CCBC}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{26D52A40-C8B6-4CB2-91E9-97596571C8F9}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{4AF02D07-9EC5-4158-AED9-DA509F0AC0E2}C:\users\acer\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\acer\appdata\roaming\spotify\spotify.exe |
"UDP Query User{BB47E310-A93F-479C-B7F4-BB5400AA1383}C:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe" = protocol=17 | dir=in | app=c:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe |
"UDP Query User{CDD4082A-6E47-4CA9-BF04-F6EE7FDADD88}I:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=i:\xampp\apache\bin\httpd.exe |
"UDP Query User{D8140C64-5C4A-44C8-B658-59F0203CB7C9}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{E7614D5E-EE6F-480E-BCD0-A69F858F18C9}C:\program files\java\jre1.8.0_25\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_25\bin\java.exe |
"UDP Query User{F4B43F29-0FFE-4D11-AC38-F8760128957A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{FD42DAB4-14AB-46C7-A706-6E6A16CD41FB}I:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=i:\xampp\mysql\bin\mysqld.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{26A24AE4-039D-4CA4-87B4-2F83218066F0}" = Java 8 Update 66
"{2C741651-87E0-4479-9703-6DD0D7988B84}" = iTunes
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.9.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69402281-8050-417B-93D8-9C2DB46C9DDC}" = calibre
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}" = Podpora aplikací Apple (32bitová)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}" = Apple Mobile Device Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824161310}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D168AAD0-6686-47C1-B599-CDD4888B9D1A}" = Bonjour
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{F9B579C2-D854-300A-BE62-A09EB9D722E4}" = Google Talk Plugin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}" = Apple Software Update
"1428935726_is1" = STAR WARS™ Jedi Knight™ - Jedi Academy™
"7-Zip" = 7-Zip 9.21beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity_is1" = Audacity 2.0.5
"avast" = Avast Free Antivirus
"CCleaner" = CCleaner
"CDisplay_is1" = CDisplay 1.8
"Defraggler" = Defraggler
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"FileZilla Client" = FileZilla Client 3.13.1
"GIMP-2_is1" = GIMP 2.8.0
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Inkscape" = Inkscape 0.48.5
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"LAME_is1" = LAME v3.99.3 (for Windows)
"LManager" = Launch Manager
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.0.1024
"Opera 12.17.1863" = Opera 12.17
"Opera 34.0.2036.25" = Opera Stable 34.0.2036.25
"PSPad editor_is1" = PSPad editor
"ShockwaveFlash" = Macromedia Flash Player 8
"Sublime Text 2_is1" = Sublime Text 2.0.2
"VLC media player" = VLC media player
"WinStrom 10" = ABRA FlexiBee
"xampp" = XAMPP
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.12.2015 8:51:54 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 7042
Description =
Error - 26.12.2015 8:51:54 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 9002
Description =
Error - 26.12.2015 8:51:54 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 7010
Description =
Error - 26.12.2015 10:38:13 | Computer Name = Acer-PC | Source = PostgreSQL | ID = 0
Description =
Error - 26.12.2015 10:38:36 | Computer Name = Acer-PC | Source = Log4j | ID = 4096
Description = 6997 [main] ERROR cz.winstrom.service.CsLicenseHelper - License 1
was not read, START will be used temporarily (this call only)!
Error - 26.12.2015 10:51:20 | Computer Name = Acer-PC | Source = MsiInstaller | ID = 1024
Description =
[ Media Center Events ]
Error - 3.7.2009 6:28:38 | Computer Name = Acer-PC | Source = MCUpdate | ID = 0
Description = 12:28:37 - Chyba při připojování k Internetu 12:28:38 - Nelze kontaktovat
server..
Error - 25.8.2009 5:44:47 | Computer Name = Acer-PC | Source = MCUpdate | ID = 0
Description = 11:44:47 - Chyba při připojování k Internetu 11:44:47 - Nelze kontaktovat
server..
Error - 11.9.2009 14:14:52 | Computer Name = Acer-PC | Source = MCUpdate | ID = 0
Description = 20:14:52 - Chyba při připojování k Internetu 20:14:52 - Nelze kontaktovat
server..
[ OSession Events ]
Error - 23.4.2013 11:45:45 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 27
seconds with 0 seconds of active time. This session ended with a crash.
Error - 23.4.2013 15:16:28 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 41
seconds with 0 seconds of active time. This session ended with a crash.
Error - 15.5.2014 13:24:55 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 64
seconds with 60 seconds of active time. This session ended with a crash.
Error - 26.10.2014 9:04:08 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 438
seconds with 0 seconds of active time. This session ended with a crash.
Error - 28.12.2014 8:19:04 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 296
seconds with 0 seconds of active time. This session ended with a crash.
Error - 9.8.2015 10:53:52 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5399
seconds with 1740 seconds of active time. This session ended with a crash.
Error - 9.8.2015 11:47:03 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 305
seconds with 240 seconds of active time. This session ended with a crash.
Error - 16.8.2015 13:00:15 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 424
seconds with 180 seconds of active time. This session ended with a crash.
Error - 23.11.2015 14:42:43 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1215
seconds with 1080 seconds of active time. This session ended with a crash.
Error - 7.12.2015 16:29:19 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 17164
seconds with 900 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 25.12.2015 8:34:39 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového
limitu (30000 ms).
Error - 26.12.2015 5:22:53 | Computer Name = Acer-PC | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 26.12.2015 5:24:01 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
Error - 26.12.2015 8:49:59 | Computer Name = Acer-PC | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 26.12.2015 8:51:45 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error - 26.12.2015 8:52:26 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující
chybě: %%1056
Error - 26.12.2015 10:37:31 | Computer Name = Acer-PC | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 26.12.2015 10:38:44 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
< End of report >
OTL Extras logfile created on: 26.12.2015 18:48:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Acer\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 33,08% Memory free
5,98 Gb Paging File | 3,68 Gb Available in Paging File | 61,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,50 Gb Total Space | 12,02 Gb Free Space | 20,55% Space Free | Partition Type: NTFS
Drive D: | 174,29 Gb Total Space | 11,43 Gb Free Space | 6,56% Space Free | Partition Type: NTFS
Computer Name: ACER-PC | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{012CB1AB-11A9-4DAF-AB22-BA8B5D25E09D}" = rport=445 | protocol=6 | dir=out | app=system |
"{0850270B-C400-41A5-A4E5-9BC5595EAF91}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D2AF269-C856-44E4-8D8C-079728CB6D49}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{10AE43C4-A215-422C-8F65-EF28C039E7F3}" = rport=139 | protocol=6 | dir=out | app=system |
"{15586602-E6FD-4CD0-B02E-78B31B01A5D0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1695A3E9-4A14-4823-B6AB-87E1EADF01CC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2AABFD78-5425-4222-994A-72ACE8FF5C78}" = lport=139 | protocol=6 | dir=in | app=system |
"{2CF49C2D-645C-422E-A4D5-EFC676B660EA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2DDA6DAB-C58E-4B21-9BCD-8B9D7C91232B}" = rport=138 | protocol=17 | dir=out | app=system |
"{2F69DD57-A318-454C-B6CD-3C1549B9EA67}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B10C0AA-51A7-4C29-9041-5A63EA880BB0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68806D0F-784D-496B-A36F-4828B7099727}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6DE127C0-C665-4A6D-A322-048C87D632D1}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D64FF2D-0462-4A84-9A02-71EA557CFBF6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{82D8C4C7-4893-41BB-9C54-3E732B8E91C7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{869C45F6-9F3F-4E96-BE45-C9D3C5F459E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8970A36E-855A-4897-BD93-9ED1C230F0DE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{A5902883-6D7B-441F-9DFD-7E7466D2DEF8}" = lport=137 | protocol=17 | dir=in | app=system |
"{A78D5686-C944-425B-95B1-F6FD0EB2ACFB}" = lport=445 | protocol=6 | dir=in | app=system |
"{CB8B3F65-8778-4907-BA2A-8D38EF090019}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D55EA329-855F-4556-8900-DEA2D4A3C204}" = rport=137 | protocol=17 | dir=out | app=system |
"{E50D9536-2444-40B6-9E0E-84F9FBA6B2D4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EA53BB15-8D9E-47F2-8D61-83AB73CF0741}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0687A819-6B36-4F9B-975F-E520B01E51DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D7088D7-72B6-4DC8-ADE4-4C9891925F6A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{30E7C4D8-B26F-4B32-9AAF-231AAD684057}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3330A6D5-6EFD-42A2-94E6-33BEABBB2AEA}" = protocol=6 | dir=out | app=system |
"{339E4677-6256-4E8B-9AF0-4C7C02B6821D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{36488D2D-3A07-4CDB-8904-CE829A83D5BF}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{3B115B77-A62A-4B63-B2FF-0B09B44DB76E}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{3EEB9B1B-D128-4ACB-AC6A-DF31683FC6AC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4EF889FE-8794-448C-AC30-E4C7886A6F93}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4F2DD59B-8632-4BE0-9858-2685D5FD7B5D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5DCE7AFF-6D3A-4338-A228-D97BC411963C}" = protocol=17 | dir=in | app=c:\users\acer\appdata\roaming\utorrent\utorrent.exe |
"{64125329-F9BD-46D4-B6AA-E3585DA95859}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6648A6A3-403A-415F-8138-69121F993F38}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{667526A6-B747-4062-9DFB-87512A2ACFB8}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{7F7DF18D-50E2-4F50-B007-988E35E2F6B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8DCCEE59-ED49-419F-BD5C-BBD4A8598C1D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{90941E3E-E1B6-4E26-BC2F-1C5627E52C55}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9ECC3684-A304-4449-B64D-55C294A597DD}" = protocol=6 | dir=in | app=c:\users\acer\appdata\roaming\utorrent\utorrent.exe |
"{A19A2EDF-31BD-46C6-9481-1D641F7A4E17}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A1AC3BEA-EA16-4D12-B8D0-5A9B2440E11E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A6A37EED-327B-45BA-8E77-E22E473932BE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AA974D76-DC8E-4EDF-AD11-2F4646274A1A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AE58BF65-E484-41A1-9D5F-4684CB7838F1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BEEBC623-4CC3-44A2-95E3-0D2FB9995E1B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC2FA121-03FB-4524-B056-AD88CE36B38C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1010766-CFFF-462A-B6D7-A3D74948404B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D1D676D8-4E57-47F8-B6B0-2147EBED64D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E22DBC4F-94AD-484C-A64A-71F906FBE212}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E5D599E3-41BE-41F5-A57B-3FBC5850C2CA}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{EEB73095-0FF4-4FA8-BF77-1A878697F863}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1D42798-C82B-458D-B0CD-F304E80DE27D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F794D6C7-9277-46CC-9AA5-C900C9E97A08}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{061406DE-F400-4C6E-9024-0EFDEDA208BE}G:\portable\bittorrent v7.2.1 build 25302\bittorrent v7.2.1 build 25302\bittorrent.exe" = protocol=6 | dir=in | app=g:\portable\bittorrent v7.2.1 build 25302\bittorrent v7.2.1 build 25302\bittorrent.exe |
"TCP Query User{4292D157-A8DD-4E3B-B496-F88E8CEBAF1E}C:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe" = protocol=6 | dir=in | app=c:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe |
"TCP Query User{53D66F39-C646-4C4D-B0B6-9994051D643C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{6969AD09-7038-45A1-8356-F76A994DE9EB}I:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=i:\xampp\apache\bin\httpd.exe |
"TCP Query User{75FF635D-E30A-4F79-94AB-AE841F63D6C8}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{7BDC1995-7C61-4735-A58D-35F7E9A8DBB4}C:\program files\java\jre1.8.0_25\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_25\bin\java.exe |
"TCP Query User{804FFD4F-8F78-413D-972A-CC0840D62B22}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{8C4ECBFB-3D86-40D8-91F6-D3D087137F74}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{8EA311A4-826C-4B3F-9001-98BE342AA121}I:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=i:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{95E27D0D-1F34-441C-A528-05A0348D053B}C:\users\acer\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\acer\appdata\roaming\spotify\spotify.exe |
"TCP Query User{AC6B3C10-91A9-4B02-AFDC-A954706BA7D6}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{0343023D-ABC3-4A51-BE89-869B572DAE9D}G:\portable\bittorrent v7.2.1 build 25302\bittorrent v7.2.1 build 25302\bittorrent.exe" = protocol=17 | dir=in | app=g:\portable\bittorrent v7.2.1 build 25302\bittorrent v7.2.1 build 25302\bittorrent.exe |
"UDP Query User{042E6B33-18F0-41AC-B828-12DA8486382B}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{156A59E1-14F8-4862-8A24-944E4B26CCBC}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{26D52A40-C8B6-4CB2-91E9-97596571C8F9}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{4AF02D07-9EC5-4158-AED9-DA509F0AC0E2}C:\users\acer\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\acer\appdata\roaming\spotify\spotify.exe |
"UDP Query User{BB47E310-A93F-479C-B7F4-BB5400AA1383}C:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe" = protocol=17 | dir=in | app=c:\gog games\star wars jedi knight - jedi academy\gamedata\jamp.exe |
"UDP Query User{CDD4082A-6E47-4CA9-BF04-F6EE7FDADD88}I:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=i:\xampp\apache\bin\httpd.exe |
"UDP Query User{D8140C64-5C4A-44C8-B658-59F0203CB7C9}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{E7614D5E-EE6F-480E-BCD0-A69F858F18C9}C:\program files\java\jre1.8.0_25\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_25\bin\java.exe |
"UDP Query User{F4B43F29-0FFE-4D11-AC38-F8760128957A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{FD42DAB4-14AB-46C7-A706-6E6A16CD41FB}I:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=i:\xampp\mysql\bin\mysqld.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{26A24AE4-039D-4CA4-87B4-2F83218066F0}" = Java 8 Update 66
"{2C741651-87E0-4479-9703-6DD0D7988B84}" = iTunes
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.9.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69402281-8050-417B-93D8-9C2DB46C9DDC}" = calibre
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}" = Podpora aplikací Apple (32bitová)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}" = Apple Mobile Device Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824161310}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D168AAD0-6686-47C1-B599-CDD4888B9D1A}" = Bonjour
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{F9B579C2-D854-300A-BE62-A09EB9D722E4}" = Google Talk Plugin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}" = Apple Software Update
"1428935726_is1" = STAR WARS™ Jedi Knight™ - Jedi Academy™
"7-Zip" = 7-Zip 9.21beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity_is1" = Audacity 2.0.5
"avast" = Avast Free Antivirus
"CCleaner" = CCleaner
"CDisplay_is1" = CDisplay 1.8
"Defraggler" = Defraggler
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"FileZilla Client" = FileZilla Client 3.13.1
"GIMP-2_is1" = GIMP 2.8.0
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Inkscape" = Inkscape 0.48.5
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"LAME_is1" = LAME v3.99.3 (for Windows)
"LManager" = Launch Manager
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.0.1024
"Opera 12.17.1863" = Opera 12.17
"Opera 34.0.2036.25" = Opera Stable 34.0.2036.25
"PSPad editor_is1" = PSPad editor
"ShockwaveFlash" = Macromedia Flash Player 8
"Sublime Text 2_is1" = Sublime Text 2.0.2
"VLC media player" = VLC media player
"WinStrom 10" = ABRA FlexiBee
"xampp" = XAMPP
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.12.2015 8:51:54 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 7042
Description =
Error - 26.12.2015 8:51:54 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 9002
Description =
Error - 26.12.2015 8:51:54 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Windows Search Service | ID = 7010
Description =
Error - 26.12.2015 10:38:13 | Computer Name = Acer-PC | Source = PostgreSQL | ID = 0
Description =
Error - 26.12.2015 10:38:36 | Computer Name = Acer-PC | Source = Log4j | ID = 4096
Description = 6997 [main] ERROR cz.winstrom.service.CsLicenseHelper - License 1
was not read, START will be used temporarily (this call only)!
Error - 26.12.2015 10:51:20 | Computer Name = Acer-PC | Source = MsiInstaller | ID = 1024
Description =
[ Media Center Events ]
Error - 3.7.2009 6:28:38 | Computer Name = Acer-PC | Source = MCUpdate | ID = 0
Description = 12:28:37 - Chyba při připojování k Internetu 12:28:38 - Nelze kontaktovat
server..
Error - 25.8.2009 5:44:47 | Computer Name = Acer-PC | Source = MCUpdate | ID = 0
Description = 11:44:47 - Chyba při připojování k Internetu 11:44:47 - Nelze kontaktovat
server..
Error - 11.9.2009 14:14:52 | Computer Name = Acer-PC | Source = MCUpdate | ID = 0
Description = 20:14:52 - Chyba při připojování k Internetu 20:14:52 - Nelze kontaktovat
server..
[ OSession Events ]
Error - 23.4.2013 11:45:45 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 27
seconds with 0 seconds of active time. This session ended with a crash.
Error - 23.4.2013 15:16:28 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 41
seconds with 0 seconds of active time. This session ended with a crash.
Error - 15.5.2014 13:24:55 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 64
seconds with 60 seconds of active time. This session ended with a crash.
Error - 26.10.2014 9:04:08 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 438
seconds with 0 seconds of active time. This session ended with a crash.
Error - 28.12.2014 8:19:04 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 296
seconds with 0 seconds of active time. This session ended with a crash.
Error - 9.8.2015 10:53:52 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5399
seconds with 1740 seconds of active time. This session ended with a crash.
Error - 9.8.2015 11:47:03 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 305
seconds with 240 seconds of active time. This session ended with a crash.
Error - 16.8.2015 13:00:15 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 424
seconds with 180 seconds of active time. This session ended with a crash.
Error - 23.11.2015 14:42:43 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1215
seconds with 1080 seconds of active time. This session ended with a crash.
Error - 7.12.2015 16:29:19 | Computer Name = Acer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 17164
seconds with 900 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 25.12.2015 8:34:39 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového
limitu (30000 ms).
Error - 26.12.2015 5:22:53 | Computer Name = Acer-PC | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 26.12.2015 5:24:01 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
Error - 26.12.2015 8:49:59 | Computer Name = Acer-PC | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 26.12.2015 8:51:45 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.
Error - 26.12.2015 8:51:56 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error - 26.12.2015 8:52:26 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující
chybě: %%1056
Error - 26.12.2015 10:37:31 | Computer Name = Acer-PC | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 26.12.2015 10:38:44 | Computer Name = Acer-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
< End of report >
Re: Prosím o preventivní kontrolu
Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu
NTB mám z druhé ruky, OS tam byl již nainstalován, abych řekl pravdu tak sám nevím.
# AdwCleaner v5.026 - Logfile created 26/12/2015 at 21:08:07
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 7 Ultimate (x86)
# Username : Acer - ACER-PC
# Running from : C:\Users\Acer\Desktop\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\Acer\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Acer\Desktop\Ap
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Conduit
***** [ Web browsers ] *****
[-] [C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nonjdcjchghhkdoolnlbekcfllmednbl
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1046 bytes] ##########
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Ultimate Edition [6.1 Build 7600] (x86)
Date : 2015/12/26 21:19:14
-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8M Ultra ATA Storage Controllers - 2850 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) ICH8M 3 port Serial ATA Storage Controller - 2828 [ATA]
+ ATA Channel 0 (0)
- Hitachi HTS542525K9SA00 ATA Device
- Optiarc DVD RW AD-7560A ATA Device
- ATA Channel 1 (1)
+ MagicISO SCSI Host Controller [SCSI]
- MagicISO Virtual DVD-ROM0000
-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS542525K9SA00 : 250,0 GB [0/2/0, pd1]
----------------------------------------------------------------------------
(1) Hitachi HTS542525K9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS542525K9SA00
Firmware : BBFOC31P
Serial Number : 081119BB6F00WDKJGLHF
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 7229 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3f
Transfer Mode : SATA/150
Power On Hours : 9687 hod.
Power On Count : 7021 krát
Temparature : 54 C (129 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 241 241 _33 000C00000001 Čas na roztočení ploten
04 _96 _96 __0 000000001BE0 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _78 _78 __0 0000000025D7 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 __0 000000001B6D Počet cyklů zapnutí zařízení
BF 100 100 __0 000000010000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000014 Počet vypnutí disku
C1 _88 _88 __0 00000001E795 Počet cyklů načítání/vymazání
C2 101 101 __0 003B00100036 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 3038 3131 3139 4242 3646 5744 5744 4B4A 474C 4846
020: 0003 387B 0004 4242 464F 3150 3150 4869 7461 6368
030: 6920 4854 5335 3432 3532 3953 3953 4130 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 0F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1702 1702 0000 005E 0000
080: 01FC 0042 746B 7F69 6163 BC49 BC49 6163 207F 0035
090: 0036 4080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 0000 0000 8848 5000 CCA5
110: 33F1 C33E 0000 0000 0000 0000 0000 0000 0000 4004
120: 4004 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 4001 0000
150: 8000 0000 4650 0000 0000 2570 2570 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C6A5
# AdwCleaner v5.026 - Logfile created 26/12/2015 at 21:08:07
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 7 Ultimate (x86)
# Username : Acer - ACER-PC
# Running from : C:\Users\Acer\Desktop\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\Acer\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Acer\Desktop\Ap
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Conduit
***** [ Web browsers ] *****
[-] [C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nonjdcjchghhkdoolnlbekcfllmednbl
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1046 bytes] ##########
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Ultimate Edition [6.1 Build 7600] (x86)
Date : 2015/12/26 21:19:14
-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8M Ultra ATA Storage Controllers - 2850 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) ICH8M 3 port Serial ATA Storage Controller - 2828 [ATA]
+ ATA Channel 0 (0)
- Hitachi HTS542525K9SA00 ATA Device
- Optiarc DVD RW AD-7560A ATA Device
- ATA Channel 1 (1)
+ MagicISO SCSI Host Controller [SCSI]
- MagicISO Virtual DVD-ROM0000
-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS542525K9SA00 : 250,0 GB [0/2/0, pd1]
----------------------------------------------------------------------------
(1) Hitachi HTS542525K9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS542525K9SA00
Firmware : BBFOC31P
Serial Number : 081119BB6F00WDKJGLHF
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 7229 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3f
Transfer Mode : SATA/150
Power On Hours : 9687 hod.
Power On Count : 7021 krát
Temparature : 54 C (129 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 241 241 _33 000C00000001 Čas na roztočení ploten
04 _96 _96 __0 000000001BE0 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _78 _78 __0 0000000025D7 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 __0 000000001B6D Počet cyklů zapnutí zařízení
BF 100 100 __0 000000010000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000014 Počet vypnutí disku
C1 _88 _88 __0 00000001E795 Počet cyklů načítání/vymazání
C2 101 101 __0 003B00100036 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 3038 3131 3139 4242 3646 5744 5744 4B4A 474C 4846
020: 0003 387B 0004 4242 464F 3150 3150 4869 7461 6368
030: 6920 4854 5335 3432 3532 3953 3953 4130 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 0F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1702 1702 0000 005E 0000
080: 01FC 0042 746B 7F69 6163 BC49 BC49 6163 207F 0035
090: 0036 4080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 0000 0000 8848 5000 CCA5
110: 33F1 C33E 0000 0000 0000 0000 0000 0000 0000 4004
120: 4004 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 4001 0000
150: 8000 0000 4650 0000 0000 2570 2570 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C6A5
Re: Prosím o preventivní kontrolu
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu
Předtím, než jsem vás oslovil tady na fóru, tak jsem provedl již jednu kontrolu s MBAM (Sken hrozeb). Hrozby jsem již odstranil, tak doufám že jsem tím nic nepokazil. Níže zasílám log z "mé" analýzy. V dalším příspěvku zasílám log, o který jste žádal.
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 26.12.2015
Čas skenování: 13:23
Protokol: MB.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.12.26.02
Databáze rootkitů: v2015.12.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7
CPU: x86
Souborový systém: NTFS
Uživatel: Acer
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 343062
Uplynulý čas: 23 min, 36 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 6
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT2786678, , [e4c63475602b2313b99d6c1a20e36e92],
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, , [e9c1b3f604872016c03eeea92ad9cd33],
PUP.Optional.PriceGong, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [5159cfda3754cd69ea3d58610ef5be42],
PUP.Optional.Conduit, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, , [e2c87237c1cacd6901f0197e8c77df21],
PUP.Optional.Hicosmea, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}, , [4c5eaffa593275c116f69dedf70c55ab],
PUP.Optional.Hicosmea, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}, , [83279910ff8ca591c14c1e6c2bd8f010],
Hodnoty registru: 6
PUP.Optional.uTorrentBar, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}, , [d7d31e8bc7c4b680324264015ea4d32d],
PUP.Optional.uTorrentBar, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}, ú€sż´ă˛MŻ>ť‡¤[ü, , [d7d31e8bc7c4b680324264015ea4d32d]
PUP.Optional.uTorrentBar, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}, , [d7d31e8bc7c4b680324264015ea4d32d],
PUP.Optional.uTorrentBar, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}, , [ccde1792f89358def67e7fe6ae5442be],
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, http://search.conduit.com/ResultsExt.as ... =CT2786678, , [e9c1b3f604872016c03eeea92ad9cd33]
PUP.Optional.Conduit, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, http://search.conduit.com/ResultsExt.as ... =CT2786678, , [e2c87237c1cacd6901f0197e8c77df21]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 2
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data, , [b7f3eebb1d6e3501b543ebb6f11144bc],
Soubory: 29
PUP.Optional.Conduit, C:\Users\Acer\AppData\Roaming\uTorrent\ism.exe, , [62480e9be7a42d0947391b133fc24eb2],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\1.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\a.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\b.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\c.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\d.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\e.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\f.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\g.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\h.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\i.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\J.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\k.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\l.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\m.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\mru.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\n.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\o.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\p.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\q.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\r.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\s.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\t.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\u.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\v.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\w.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\x.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\y.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\z.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Níže zasílám log z "mé" analýzy. V dalším příspěvku zasílám log, o který jste žádal.Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 26.12.2015
Čas skenování: 13:23
Protokol: MB.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.12.26.02
Databáze rootkitů: v2015.12.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7
CPU: x86
Souborový systém: NTFS
Uživatel: Acer
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 343062
Uplynulý čas: 23 min, 36 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 6
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT2786678, , [e4c63475602b2313b99d6c1a20e36e92],
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, , [e9c1b3f604872016c03eeea92ad9cd33],
PUP.Optional.PriceGong, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [5159cfda3754cd69ea3d58610ef5be42],
PUP.Optional.Conduit, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, , [e2c87237c1cacd6901f0197e8c77df21],
PUP.Optional.Hicosmea, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}, , [4c5eaffa593275c116f69dedf70c55ab],
PUP.Optional.Hicosmea, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}, , [83279910ff8ca591c14c1e6c2bd8f010],
Hodnoty registru: 6
PUP.Optional.uTorrentBar, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}, , [d7d31e8bc7c4b680324264015ea4d32d],
PUP.Optional.uTorrentBar, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}, ú€sż´ă˛MŻ>ť‡¤[ü, , [d7d31e8bc7c4b680324264015ea4d32d]
PUP.Optional.uTorrentBar, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}, , [d7d31e8bc7c4b680324264015ea4d32d],
PUP.Optional.uTorrentBar, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}, , [ccde1792f89358def67e7fe6ae5442be],
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, http://search.conduit.com/ResultsExt.as ... =CT2786678, , [e9c1b3f604872016c03eeea92ad9cd33]
PUP.Optional.Conduit, HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, http://search.conduit.com/ResultsExt.as ... =CT2786678, , [e2c87237c1cacd6901f0197e8c77df21]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 2
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data, , [b7f3eebb1d6e3501b543ebb6f11144bc],
Soubory: 29
PUP.Optional.Conduit, C:\Users\Acer\AppData\Roaming\uTorrent\ism.exe, , [62480e9be7a42d0947391b133fc24eb2],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\1.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\a.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\b.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\c.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\d.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\e.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\f.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\g.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\h.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\i.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\J.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\k.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\l.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\m.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\mru.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\n.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\o.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\p.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\q.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\r.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\s.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\t.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\u.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\v.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\w.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\x.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\y.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
PUP.Optional.PriceGong, C:\Users\Acer\AppData\LocalLow\PriceGong\Data\z.xml, , [b7f3eebb1d6e3501b543ebb6f11144bc],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Prosím o preventivní kontrolu
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 27.12.2015
Čas skenování: 9:38
Protokol: Log 27.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.12.27.02
Databáze rootkitů: v2015.12.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7
CPU: x86
Souborový systém: NTFS
Uživatel: Acer
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 489934
Uplynulý čas: 3 hod, 34 min, 6 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
PUP.Optional.Unizeto, C:\Program Files\GIMP 2\lib\gegl-0.2\unsharp-mask.dll, , [818d14962f5c2a0c4cad4109d92b55ab],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 27.12.2015
Čas skenování: 9:38
Protokol: Log 27.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.12.27.02
Databáze rootkitů: v2015.12.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7
CPU: x86
Souborový systém: NTFS
Uživatel: Acer
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 489934
Uplynulý čas: 3 hod, 34 min, 6 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
PUP.Optional.Unizeto, C:\Program Files\GIMP 2\lib\gegl-0.2\unsharp-mask.dll, , [818d14962f5c2a0c4cad4109d92b55ab],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Prosím o preventivní kontrolu
Nalez nechte odstranit, pak muzete MBAM odinstalovat. Dejte novy log z RSIT.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu
Logfile of random's system information tool 1.10 (written by random/random)
Run by Acer at 2015-12-27 14:04:08
Microsoft Windows 7 Ultimate
System drive C: has 12 GB (20%) free of 60 GB
Total RAM: 3062 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:04:15, on 27.12.2015
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Acer\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Acer\Downloads\RSIT.exe
C:\Program Files\trend micro\Acer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\system32\Msdxm6.ocx
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1933283459-4233979245-4030782100-1145\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'winpostgr')
O4 - HKUS\S-1-5-21-1933283459-4233979245-4030782100-1145\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'winpostgr')
O4 - Startup: MS Office Tools.lnk = D:\Program Files\Game Maker 6.1\Osa9.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: WinStromService (Service1) - FlexiBee Systems s.r.o. - C:\Program Files\WinStrom\winstromservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WinStrom-PostgreSQL - PostgreSQL Global Development Group - C:\Program Files\WinStrom\pgsql\9.3\bin\pg_ctl.exe
--
End of file - 9661 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job - C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job - C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-26 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-12-14 664184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-26 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2009-03-08 520192]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1033,&Radio - C:\Windows\system32\Msdxm6.ocx [2000-04-21 844048]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-03-08 1130504]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-14 7021880]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-12-17 157456]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-11-09 596528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Google Update"=C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"Spotify Web Helper"=C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-12-22 2346096]
"Spotify"=C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe [2015-12-22 8316528]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-12-08 6602152]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Acer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MS Office Tools.lnk - D:\Program Files\Game Maker 6.1\Osa9.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-26 21:03:31 ----D---- C:\AdwCleaner
2015-12-26 15:35:12 ----A---- C:\Windows\wininit.ini
2015-12-26 14:11:10 ----D---- C:\Program Files\trend micro
2015-12-26 14:11:09 ----D---- C:\rsit
2015-12-26 13:21:55 ----D---- C:\ProgramData\Malwarebytes
2015-12-26 13:08:35 ----D---- C:\Program Files\Common Files\Java
2015-12-26 13:08:23 ----D---- C:\Users\Acer\AppData\Roaming\Sun
2015-12-26 13:01:01 ----D---- C:\Program Files\iPod
2015-12-26 13:01:00 ----D---- C:\Program Files\iTunes
2015-12-26 12:56:07 ----D---- C:\Program Files\Bonjour
2015-12-22 10:58:48 ----D---- C:\Users\Acer\AppData\Roaming\Opera Software
2015-12-14 17:12:28 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-14 17:11:43 ----A---- C:\Windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2015-12-27 14:04:12 ----D---- C:\Windows\Temp
2015-12-27 14:02:14 ----D---- C:\Users\Acer\AppData\Roaming\Spotify
2015-12-27 14:01:01 ----D---- C:\Program Files
2015-12-27 14:00:31 ----D---- C:\Windows\system32\drivers
2015-12-27 14:00:08 ----D---- C:\Windows\system32\config
2015-12-27 13:55:48 ----D---- C:\winstrom-data
2015-12-26 22:54:50 ----D---- C:\Users\Acer\AppData\Roaming\vlc
2015-12-26 20:27:24 ----D---- C:\Users\Acer\AppData\Roaming\Inkscape
2015-12-26 18:52:28 ----SHD---- C:\System Volume Information
2015-12-26 15:53:31 ----SHD---- C:\Windows\Installer
2015-12-26 15:51:43 ----D---- C:\Windows\System32
2015-12-26 15:35:23 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-12-26 15:35:22 ----SD---- C:\ProgramData\Microsoft
2015-12-26 15:35:12 ----D---- C:\Windows
2015-12-26 13:50:11 ----D---- C:\Windows\schemas
2015-12-26 13:49:18 ----D---- C:\Windows\system32\catroot
2015-12-26 13:21:55 ----HD---- C:\ProgramData
2015-12-26 13:11:21 ----D---- C:\Users\Acer\AppData\Roaming\uTorrent
2015-12-26 13:11:14 ----D---- C:\Windows\inf
2015-12-26 13:09:48 ----D---- C:\ProgramData\Oracle
2015-12-26 13:08:35 ----D---- C:\Program Files\Common Files
2015-12-26 13:07:45 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-12-26 13:07:29 ----D---- C:\Program Files\Java
2015-12-26 13:03:41 ----D---- C:\Users\Acer\AppData\Roaming\Apple Computer
2015-12-26 13:01:00 ----D---- C:\Program Files\Common Files\Apple
2015-12-26 13:00:44 ----D---- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-12-26 12:55:43 ----D---- C:\Windows\system32\DriverStore
2015-12-26 12:55:07 ----D---- C:\Windows\system32\Tasks
2015-12-26 12:55:04 ----D---- C:\Program Files\Apple Software Update
2015-12-23 14:41:29 ----D---- C:\Program Files\Common Files\Adobe
2015-12-23 14:41:28 ----D---- C:\Program Files\Adobe
2015-12-23 14:41:11 ----D---- C:\ProgramData\Adobe
2015-12-23 10:57:42 ----D---- C:\Program Files\Opera
2015-12-20 21:00:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-16 18:42:44 ----D---- C:\Users\Acer\AppData\Roaming\Mozilla
2015-12-15 18:00:04 ----D---- C:\Windows\system32\catroot2
2015-12-13 08:03:18 ----D---- C:\Windows\Prefetch
2015-12-12 21:28:19 ----RSD---- C:\Windows\Fonts
2015-12-04 22:54:10 ----D---- C:\Windows\Tasks
2015-12-03 17:25:11 ----D---- C:\Program Files\Common Files\AV
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-14 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-14 209432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-14 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-14 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-19 436360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-14 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-19 81168]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-14 117712]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-08 21000]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2009-03-08 30720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2009-03-08 290816]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-03-13 717296]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-12-14 226440]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 390416]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-09-09 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2015-09-25 214520]
R2 Service1;WinStromService; C:\Program Files\WinStrom\winstromservice.exe [2014-12-05 586752]
R2 WinStrom-PostgreSQL;WinStrom-PostgreSQL; C:\Program Files\WinStrom\pgsql\9.3\bin\pg_ctl.exe [2014-03-18 76800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-17 541456]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-08-05 77944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
-----------------EOF-----------------
Run by Acer at 2015-12-27 14:04:08
Microsoft Windows 7 Ultimate
System drive C: has 12 GB (20%) free of 60 GB
Total RAM: 3062 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:04:15, on 27.12.2015
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Acer\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Acer\Downloads\RSIT.exe
C:\Program Files\trend micro\Acer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\system32\Msdxm6.ocx
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1933283459-4233979245-4030782100-1145\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'winpostgr')
O4 - HKUS\S-1-5-21-1933283459-4233979245-4030782100-1145\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'winpostgr')
O4 - Startup: MS Office Tools.lnk = D:\Program Files\Game Maker 6.1\Osa9.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: WinStromService (Service1) - FlexiBee Systems s.r.o. - C:\Program Files\WinStrom\winstromservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WinStrom-PostgreSQL - PostgreSQL Global Development Group - C:\Program Files\WinStrom\pgsql\9.3\bin\pg_ctl.exe
--
End of file - 9661 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job - C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job - C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-26 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-12-14 664184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-26 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2009-03-08 520192]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1033,&Radio - C:\Windows\system32\Msdxm6.ocx [2000-04-21 844048]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-03-08 1130504]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-14 7021880]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-12-17 157456]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-11-09 596528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Google Update"=C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"Spotify Web Helper"=C:\Users\Acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-12-22 2346096]
"Spotify"=C:\Users\Acer\AppData\Roaming\Spotify\Spotify.exe [2015-12-22 8316528]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-12-08 6602152]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Acer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MS Office Tools.lnk - D:\Program Files\Game Maker 6.1\Osa9.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-26 21:03:31 ----D---- C:\AdwCleaner
2015-12-26 15:35:12 ----A---- C:\Windows\wininit.ini
2015-12-26 14:11:10 ----D---- C:\Program Files\trend micro
2015-12-26 14:11:09 ----D---- C:\rsit
2015-12-26 13:21:55 ----D---- C:\ProgramData\Malwarebytes
2015-12-26 13:08:35 ----D---- C:\Program Files\Common Files\Java
2015-12-26 13:08:23 ----D---- C:\Users\Acer\AppData\Roaming\Sun
2015-12-26 13:01:01 ----D---- C:\Program Files\iPod
2015-12-26 13:01:00 ----D---- C:\Program Files\iTunes
2015-12-26 12:56:07 ----D---- C:\Program Files\Bonjour
2015-12-22 10:58:48 ----D---- C:\Users\Acer\AppData\Roaming\Opera Software
2015-12-14 17:12:28 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-14 17:11:43 ----A---- C:\Windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2015-12-27 14:04:12 ----D---- C:\Windows\Temp
2015-12-27 14:02:14 ----D---- C:\Users\Acer\AppData\Roaming\Spotify
2015-12-27 14:01:01 ----D---- C:\Program Files
2015-12-27 14:00:31 ----D---- C:\Windows\system32\drivers
2015-12-27 14:00:08 ----D---- C:\Windows\system32\config
2015-12-27 13:55:48 ----D---- C:\winstrom-data
2015-12-26 22:54:50 ----D---- C:\Users\Acer\AppData\Roaming\vlc
2015-12-26 20:27:24 ----D---- C:\Users\Acer\AppData\Roaming\Inkscape
2015-12-26 18:52:28 ----SHD---- C:\System Volume Information
2015-12-26 15:53:31 ----SHD---- C:\Windows\Installer
2015-12-26 15:51:43 ----D---- C:\Windows\System32
2015-12-26 15:35:23 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-12-26 15:35:22 ----SD---- C:\ProgramData\Microsoft
2015-12-26 15:35:12 ----D---- C:\Windows
2015-12-26 13:50:11 ----D---- C:\Windows\schemas
2015-12-26 13:49:18 ----D---- C:\Windows\system32\catroot
2015-12-26 13:21:55 ----HD---- C:\ProgramData
2015-12-26 13:11:21 ----D---- C:\Users\Acer\AppData\Roaming\uTorrent
2015-12-26 13:11:14 ----D---- C:\Windows\inf
2015-12-26 13:09:48 ----D---- C:\ProgramData\Oracle
2015-12-26 13:08:35 ----D---- C:\Program Files\Common Files
2015-12-26 13:07:45 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-12-26 13:07:29 ----D---- C:\Program Files\Java
2015-12-26 13:03:41 ----D---- C:\Users\Acer\AppData\Roaming\Apple Computer
2015-12-26 13:01:00 ----D---- C:\Program Files\Common Files\Apple
2015-12-26 13:00:44 ----D---- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-12-26 12:55:43 ----D---- C:\Windows\system32\DriverStore
2015-12-26 12:55:07 ----D---- C:\Windows\system32\Tasks
2015-12-26 12:55:04 ----D---- C:\Program Files\Apple Software Update
2015-12-23 14:41:29 ----D---- C:\Program Files\Common Files\Adobe
2015-12-23 14:41:28 ----D---- C:\Program Files\Adobe
2015-12-23 14:41:11 ----D---- C:\ProgramData\Adobe
2015-12-23 10:57:42 ----D---- C:\Program Files\Opera
2015-12-20 21:00:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-16 18:42:44 ----D---- C:\Users\Acer\AppData\Roaming\Mozilla
2015-12-15 18:00:04 ----D---- C:\Windows\system32\catroot2
2015-12-13 08:03:18 ----D---- C:\Windows\Prefetch
2015-12-12 21:28:19 ----RSD---- C:\Windows\Fonts
2015-12-04 22:54:10 ----D---- C:\Windows\Tasks
2015-12-03 17:25:11 ----D---- C:\Program Files\Common Files\AV
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-14 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-14 209432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-14 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-14 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-19 436360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-14 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-19 81168]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-14 117712]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-08 21000]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2009-03-08 30720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2009-03-08 290816]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-03-13 717296]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-12-14 226440]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 390416]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-09-09 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2015-09-25 214520]
R2 Service1;WinStromService; C:\Program Files\WinStrom\winstromservice.exe [2014-12-05 586752]
R2 WinStrom-PostgreSQL;WinStrom-PostgreSQL; C:\Program Files\WinStrom\pgsql\9.3\bin\pg_ctl.exe [2014-03-18 76800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-17 541456]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-08-05 77944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
-----------------EOF-----------------
Re: Prosím o preventivní kontrolu
Napiste mi velikost adresare plochy (C:\Users\Acer\Plocha)
Vypnete antivir, at nebrani programu v praci. Znovu spustte OTL jako spravceDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
:services
AdobeARMservice
NMIndexingService
gupdate
SkypeUpdate
gupdatem
NBService
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job
C:\ProgramData\Spybot - Search & Destroy
:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1933283459-4233979245-4030782100-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - No CLSID value found.
O4 - Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MS Office Tools.lnk = File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2014.12.07 11:12:31 | 000,002,810 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip
[2014.12.07 11:12:31 | 000,002,810 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:890CC2F3
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"GrooveMonitor"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=-
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"Google Update"=-
"SpybotPostWindows10UpgradeReInstall"=-
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu
6,2 GB.Márty84 píše:Napiste mi velikost adresare plochy (C:\Users\Acer\Plocha)
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: Acer
->Temp folder emptied: 126138696 bytes
->Temporary Internet Files folder emptied: 1961123 bytes
->Java cache emptied: 595796 bytes
->FireFox cache emptied: 7790620 bytes
->Google Chrome cache emptied: 65865802 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 510 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: winpostgr
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1290473 bytes
RecycleBin emptied: 37454452 bytes
Total Files Cleaned = 230,00 mb
[EMPTYFLASH]
User: Acer
->Flash cache emptied: 0 bytes
User: All Users
User: Default
User: Default User
User: Public
User: winpostgr
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service NBService stopped successfully!
Service NBService deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1933283459-4233979245-4030782100-1000UA.job moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Quarantine folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Cleaning folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1933283459-4233979245-4030782100-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ not found.
C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MS Office Tools.lnk moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\Installer\MSI781.tmp deleted successfully.
C:\Windows\Installer\MSI8329.tmp deleted successfully.
C:\Windows\Installer\MSIB80C.tmp deleted successfully.
File delete failed. C:\Windows\Temp\jna6010306064665140398.tmp scheduled to be deleted on reboot.
File \ProgramData\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip not found.
File \Users\All Users\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip not found.
ADS C:\ProgramData\TEMP:890CC2F3 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 12272015_150308
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\hsperfdata_ACER-PC$\3308 not found!
File\Folder C:\Windows\temp\jna6010306064665140398.tmp not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Přispějete na provoz fóra?
