
Virus on Facebook

Jana83
Visitor
Posts: 15
Registered: 13 Mar 2016 18:42

#1 Post by Jana83 »

Hello, I seem to have some kind of virus on Facebook. Erotic videos under the heading BER keep appearing on my Timeline, and each time I share them with 16 friends.
Please advise. Thanks.
I'm attaching the log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2016-03-13 18:53:05
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 16 GB (16%) free of 100 GB
Total RAM: 3053 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:03:10, on 13.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\AsScrPro.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\Data\Tomas\Downloads\RSIT.exe
C:\Program Files\trend micro\Tomas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... XX5VJ40PL2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... /google.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... XX5VJ40PL2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... XX5VJ40PL2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Samsung Appstore] "C:\Users\Tomas\AppData\Roaming\Mozila\autoit.exe" "C:\Users\Tomas\AppData\Roaming\Mozila\up.au3"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: SOPRO Update.lnk = C:\Program Files\Sopro Imaging\WiseUpdt.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Update sizlsearch - Unknown owner - C:\Program Files\sizlsearch\updatesizlsearch.exe (file missing)
O23 - Service: Util sizlsearch - Unknown owner - C:\Program Files\sizlsearch\bin\utilsizlsearch.exe (file missing)

--
End of file - 9682 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001Core.job - C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001UA.job - C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-03-08 462432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-07-20 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-03-08 173152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2010-10-25 3054136]
"RemoteControl10"=C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2010-11-17 75048]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-12-09 74752]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-02 946352]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-10 6108752]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-01-29 595504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2013-03-28 4482718]
"DAEMON Tools Lite"=D:\DAEMON Tools Lite\DTLite.exe -autorun []
"Dropbox Update"=C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20 134512]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2016-02-10 50605696]
"Samsung Appstore"=C:\Users\Tomas\AppData\Roaming\Mozila\autoit.exe [2016-03-06 934400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe []

C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
SOPRO Update.lnk - C:\Program Files\Sopro Imaging\WiseUpdt.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-13 18:53:05 ----D---- C:\rsit
2016-03-13 18:53:05 ----D---- C:\Program Files\trend micro
2016-03-10 17:07:20 ----A---- C:\Windows\system32\vbscript.dll
2016-03-10 17:07:20 ----A---- C:\Windows\system32\urlmon.dll
2016-03-10 17:07:20 ----A---- C:\Windows\system32\occache.dll
2016-03-10 17:07:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-10 17:07:20 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-10 17:07:20 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-10 17:07:20 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-10 17:07:20 ----A---- C:\Windows\system32\iernonce.dll
2016-03-10 17:07:20 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-10 17:07:20 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-10 17:07:20 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-10 17:07:20 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-10 17:07:19 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-10 17:07:19 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-10 17:07:19 ----A---- C:\Windows\system32\inseng.dll
2016-03-10 17:07:19 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-10 17:07:19 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-10 17:07:18 ----A---- C:\Windows\system32\webcheck.dll
2016-03-10 17:07:18 ----A---- C:\Windows\system32\msrating.dll
2016-03-10 17:07:18 ----A---- C:\Windows\system32\iesetup.dll
2016-03-10 17:07:17 ----A---- C:\Windows\system32\wininet.dll
2016-03-10 17:07:17 ----A---- C:\Windows\system32\jscript.dll
2016-03-10 17:07:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-10 17:07:16 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-10 17:07:15 ----A---- C:\Windows\system32\ieui.dll
2016-03-10 17:07:15 ----A---- C:\Windows\system32\ieframe.dll
2016-03-10 17:07:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-10 17:07:13 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-10 17:07:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-10 17:07:11 ----A---- C:\Windows\system32\jscript9.dll
2016-03-10 17:07:10 ----A---- C:\Windows\system32\mshtml.dll
2016-03-10 17:07:09 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 16:55:55 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 16:55:54 ----A---- C:\Windows\system32\seclogon.dll
2016-03-09 16:55:50 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 16:55:47 ----A---- C:\Windows\system32\mfds.dll
2016-03-09 16:55:40 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 16:55:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 16:55:38 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-03-09 16:55:37 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 16:55:37 ----A---- C:\Windows\system32\advapi32.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\smss.exe
2016-03-09 16:55:36 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 16:55:36 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 16:55:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 16:55:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-09 16:55:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-09 16:55:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-03-09 16:55:36 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-09 16:55:36 ----A---- C:\Windows\system32\apisetschema.dll
2016-03-09 16:55:35 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 16:55:35 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 16:55:35 ----A---- C:\Windows\system32\msobjs.dll
2016-03-09 16:55:35 ----A---- C:\Windows\system32\msaudite.dll
2016-03-09 16:55:35 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 16:55:35 ----A---- C:\Windows\system32\cryptbase.dll
2016-03-09 16:55:35 ----A---- C:\Windows\system32\credssp.dll
2016-03-09 16:55:35 ----A---- C:\Windows\system32\auditpol.exe
2016-03-09 16:55:35 ----A---- C:\Windows\system32\adtschema.dll
2016-03-09 16:55:30 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 16:55:30 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 16:55:30 ----A---- C:\Windows\system32\wups.dll
2016-03-09 16:55:30 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 16:55:30 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 16:55:30 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 16:55:30 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 16:55:30 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 16:55:30 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 16:55:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 16:55:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 16:55:28 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 16:55:27 ----A---- C:\Windows\system32\olepro32.dll
2016-03-09 16:55:27 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 16:54:05 ----A---- C:\Windows\system32\invagent.dll
2016-03-09 16:54:05 ----A---- C:\Windows\system32\generaltel.dll
2016-03-09 16:54:05 ----A---- C:\Windows\system32\devinv.dll
2016-03-09 16:54:05 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-09 16:54:05 ----A---- C:\Windows\system32\appraiser.dll
2016-03-09 16:54:05 ----A---- C:\Windows\system32\aeinv.dll
2016-03-09 16:54:05 ----A---- C:\Windows\system32\acmigration.dll
2016-03-09 16:54:04 ----A---- C:\Windows\system32\lpk.dll
2016-03-09 16:54:04 ----A---- C:\Windows\system32\fontsub.dll
2016-03-09 16:54:04 ----A---- C:\Windows\system32\dciman32.dll
2016-03-09 16:54:04 ----A---- C:\Windows\system32\atmlib.dll
2016-03-09 16:54:04 ----A---- C:\Windows\system32\atmfd.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 16:54:03 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 16:54:01 ----A---- C:\Windows\system32\wmp.dll
2016-03-09 16:53:59 ----A---- C:\Windows\system32\spwmp.dll
2016-03-09 16:53:59 ----A---- C:\Windows\system32\dxmasf.dll
2016-03-09 16:53:58 ----A---- C:\Windows\system32\wmploc.DLL
2016-03-09 16:53:52 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-08 07:00:16 ----D---- C:\ProgramData\F-Secure
2016-03-08 06:39:05 ----D---- C:\ProgramData\Apple Computer
2016-03-08 06:39:05 ----D---- C:\Program Files\QuickTime
2016-03-08 06:36:03 ----D---- C:\Program Files\Common Files\Java
2016-03-08 06:35:43 ----D---- C:\Users\Tomas\AppData\Roaming\Sun
2016-03-06 10:51:07 ----D---- C:\Users\Tomas\AppData\Roaming\Mozila

======List of files/folders modified in the last 1 month======

2016-03-13 18:59:47 ----D---- C:\Windows\Temp
2016-03-13 18:53:18 ----D---- C:\Windows\Prefetch
2016-03-13 18:53:05 ----D---- C:\Program Files
2016-03-13 18:37:44 ----D---- C:\Users\Tomas\AppData\Roaming\Skype
2016-03-13 18:31:07 ----D---- C:\Windows\System32
2016-03-13 18:31:07 ----D---- C:\Windows\inf
2016-03-13 18:31:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-12 17:27:42 ----D---- C:\Windows\system32\config
2016-03-12 17:26:08 ----D---- C:\Users\Tomas\AppData\Roaming\Dropbox
2016-03-11 20:36:04 ----SHD---- C:\System Volume Information
2016-03-11 20:28:23 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-03-11 16:38:04 ----D---- C:\Windows\rescache
2016-03-11 16:20:21 ----D---- C:\Windows\Microsoft.NET
2016-03-11 16:01:26 ----RSD---- C:\Windows\assembly
2016-03-11 06:25:38 ----D---- C:\Windows\winsxs
2016-03-11 06:24:49 ----D---- C:\Windows\system32\en-US
2016-03-11 06:24:49 ----D---- C:\Windows\system32\cs-CZ
2016-03-11 06:24:46 ----D---- C:\Program Files\Internet Explorer
2016-03-09 21:45:20 ----D---- C:\Windows\system32\drivers
2016-03-09 21:45:18 ----D---- C:\Windows\system32\appraiser
2016-03-09 21:45:16 ----D---- C:\Program Files\Windows Media Player
2016-03-09 21:45:15 ----D---- C:\Windows\system32\DriverStore
2016-03-09 18:50:16 ----SHD---- C:\Windows\Installer
2016-03-09 18:50:10 ----D---- C:\ProgramData\Microsoft Help
2016-03-09 18:38:26 ----D---- C:\Windows\system32\MRT
2016-03-09 18:38:22 ----A---- C:\Windows\system32\MRT.exe
2016-03-09 16:50:35 ----D---- C:\Windows\system32\catroot2
2016-03-08 15:47:29 ----D---- C:\Windows\system32\NDF
2016-03-08 09:01:13 ----D---- C:\Program Files\SupTab
2016-03-08 07:00:16 ----HD---- C:\ProgramData
2016-03-08 06:36:03 ----D---- C:\Program Files\Common Files
2016-03-08 06:35:10 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2016-03-08 06:34:43 ----D---- C:\Program Files\Java
2016-03-04 07:51:53 ----D---- C:\ProgramData\tmp
2016-02-26 22:58:53 ----SD---- C:\Windows\system32\GWX
2016-02-25 20:52:04 ----D---- C:\Users\Tomas\AppData\Roaming\Winamp
2016-02-19 08:26:36 ----D---- C:\ProgramData\Skype
2016-02-15 06:21:48 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-20 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-20 208664]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 330264]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-20 95112]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-20 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-10 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-10 435464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-12 243128]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-20 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-20 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-20 113592]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [2015-07-20 220752]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-11-13 58368]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2009-05-13 14392]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1759872]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-01-22 5191680]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-01-22 125440]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 104976]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 15720]
S3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 15872]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 123504]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SOPIX;SOPIX; C:\Windows\system32\drivers\sopix.sys [2006-10-08 7296]
S3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 131000]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-07-20 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 KMService;KMService; C:\Windows\system32\srvany.exe [2010-10-05 8192]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [2015-07-20 3218624]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 Update sizlsearch;Update sizlsearch; C:\Program Files\sizlsearch\updatesizlsearch.exe []
S2 Util sizlsearch;Util sizlsearch; C:\Program Files\sizlsearch\bin\utilsizlsearch.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-11-05 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-05-26 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-05 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: virus on Facebook

#2 Post by Rudy »

Hello!
How does your operating system stand in terms of legality?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Jana83
Visitor
Posts: 15
Joined: 13 Mar 2016 18:42

Re: virus on Facebook

#3 Post by Jana83 »

To be honest, I don't even know anymore. We have had it at home for a long time, but it is probably legal. But I'm not sure. J.

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: virus on Facebook

#4 Post by Rudy »

OK. Run this scan:

Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "Pro všechny uživatele" (Scan All Users), "Kontrola na havěť LOP" (LOP Check) and "Kontrola na havěť PURITY" (Purity Check), and copy the following into the lower white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Prohledat< (Run Scan). Post both logs.

Jana83
Visitor
Posts: 15
Joined: 13 Mar 2016 18:42

Re: virus on Facebook

#5 Post by Jana83 »

OTL logfile created on: 14.3.2016 19:43:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Data\Tomas\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18230)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,98 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 43,73% Memory free
5,96 Gb Paging File | 3,77 Gb Available in Paging File | 63,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 15,40 Gb Free Space | 15,78% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 119,45 Gb Free Space | 32,45% Space Free | Partition Type: NTFS

Computer Name: TOMAS-PC | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016.03.14 19:41:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Data\Tomas\Downloads\OTL.exe
PRC - [2016.02.18 05:15:35 | 000,746,648 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2016.02.17 16:08:49 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\GWX\GWX.exe
PRC - [2016.02.16 19:39:50 | 025,122,080 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2016.01.22 06:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2016.01.22 06:01:48 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2016.01.08 10:47:10 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016.01.08 10:44:00 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2015.11.10 21:05:04 | 006,108,752 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\avastui.exe
PRC - [2015.10.13 11:12:44 | 000,228,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2015.07.20 20:53:41 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2015.07.20 20:52:41 | 003,218,624 | ---- | M] (Avast Software) -- C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.12.09 11:45:58 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2010.11.17 21:29:22 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2010.10.25 21:05:47 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010.10.05 19:15:37 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2010.10.05 19:15:37 | 000,008,192 | ---- | M] () -- C:\Windows\System32\srvany.exe
PRC - [2010.06.29 14:15:18 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2010.02.03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009.08.18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.02.23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files\MagicDisc\MagicDisc.exe


========== Modules (No Company Name) ==========

MOD - [2016.02.18 05:14:44 | 001,630,360 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
MOD - [2016.02.18 05:14:32 | 000,085,656 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\48.0.2564.116\libegl.dll
MOD - [2016.02.16 19:39:34 | 000,024,904 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
MOD - [2016.02.16 19:39:34 | 000,021,840 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
MOD - [2016.02.16 19:39:32 | 000,021,832 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
MOD - [2016.02.16 19:39:32 | 000,020,800 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
MOD - [2016.02.16 19:39:30 | 000,023,376 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
MOD - [2016.02.16 19:39:30 | 000,022,352 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
MOD - [2016.02.16 19:39:28 | 000,021,824 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
MOD - [2016.02.16 19:39:28 | 000,020,800 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
MOD - [2016.02.16 19:39:28 | 000,019,776 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
MOD - [2016.02.16 19:39:26 | 000,020,800 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
MOD - [2016.02.16 19:39:24 | 000,381,752 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
MOD - [2016.02.16 19:39:24 | 000,019,760 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
MOD - [2016.02.16 19:39:18 | 003,928,880 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
MOD - [2016.02.16 19:39:18 | 000,223,544 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
MOD - [2016.02.16 19:39:16 | 000,158,008 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
MOD - [2016.02.16 19:39:16 | 000,132,912 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
MOD - [2016.02.16 19:39:14 | 000,546,096 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
MOD - [2016.02.16 19:39:14 | 000,357,680 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
MOD - [2016.02.16 19:39:14 | 000,042,808 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
MOD - [2016.02.16 19:39:12 | 000,531,248 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
MOD - [2016.02.16 19:39:12 | 000,207,672 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
MOD - [2016.02.16 19:39:10 | 001,971,504 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
MOD - [2016.02.16 19:39:10 | 001,826,096 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
MOD - [2016.02.16 19:39:08 | 000,052,024 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
MOD - [2016.02.16 19:39:06 | 000,038,696 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\fastpath.pyd
MOD - [2016.02.16 19:39:06 | 000,024,392 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
MOD - [2016.02.16 19:39:04 | 000,084,792 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.dll
MOD - [2016.02.16 19:39:02 | 000,026,456 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
MOD - [2016.02.16 19:38:52 | 000,020,808 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
MOD - [2016.02.16 19:38:50 | 001,682,760 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
MOD - [2016.02.16 19:38:50 | 000,020,816 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
MOD - [2016.02.16 19:38:48 | 000,117,056 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
MOD - [2016.02.16 19:38:48 | 000,020,280 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
MOD - [2016.01.12 19:52:06 | 000,697,304 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
MOD - [2016.01.12 19:49:22 | 001,631,184 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MOD - [2016.01.12 19:49:12 | 000,017,864 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\libEGL.dll
MOD - [2016.01.12 19:47:34 | 000,036,296 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\librsync.dll
MOD - [2016.01.12 19:47:08 | 000,350,152 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\winxpgui.pyd
MOD - [2016.01.12 19:47:04 | 000,114,640 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32security.pyd
MOD - [2016.01.12 19:47:04 | 000,048,592 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32service.pyd
MOD - [2016.01.12 19:47:04 | 000,028,616 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32ts.pyd
MOD - [2016.01.12 19:47:02 | 000,043,472 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32process.pyd
MOD - [2016.01.12 19:47:02 | 000,030,160 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32pipe.pyd
MOD - [2016.01.12 19:47:02 | 000,024,016 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32profile.pyd
MOD - [2016.01.12 19:46:50 | 000,175,560 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32gui.pyd
MOD - [2016.01.12 19:46:46 | 000,124,880 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32file.pyd
MOD - [2016.01.12 19:46:40 | 000,057,808 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
MOD - [2016.01.12 19:46:40 | 000,024,528 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32event.pyd
MOD - [2016.01.12 19:46:38 | 000,105,928 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32api.pyd
MOD - [2016.01.12 19:46:38 | 000,024,016 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
MOD - [2016.01.12 19:46:38 | 000,020,936 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\mmapfile.pyd
MOD - [2016.01.12 19:45:54 | 000,112,592 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
MOD - [2016.01.12 19:45:50 | 000,083,912 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\sip.pyd
MOD - [2016.01.12 19:45:42 | 000,240,584 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\jpegtran.pyd
MOD - [2016.01.12 19:45:36 | 000,019,408 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\faulthandler.pyd
MOD - [2016.01.12 19:44:48 | 000,134,608 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\_elementtree.pyd
MOD - [2016.01.12 19:44:48 | 000,034,768 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
MOD - [2016.01.12 19:44:46 | 000,093,640 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\_ctypes.pyd
MOD - [2016.01.12 19:44:44 | 000,692,688 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\unicodedata.pyd
MOD - [2016.01.12 19:44:42 | 000,018,376 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\select.pyd
MOD - [2016.01.12 19:44:40 | 000,134,088 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\pyexpat.pyd
MOD - [2016.01.12 19:44:34 | 000,116,688 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\pywintypes27.dll
MOD - [2016.01.12 19:44:30 | 000,392,144 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\pythoncom27.dll
MOD - [2016.01.11 10:36:54 | 000,932,032 | R--- | M] () -- C:\Program Files\Skype\Phone\ssScreenVVS2.dll
MOD - [2015.07.20 20:54:00 | 040,540,672 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2015.07.20 20:53:47 | 000,102,864 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\log.dll
MOD - [2015.07.20 20:53:42 | 000,123,976 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.02.10 17:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\sizlsearch\bin\utilsizlsearch.exe -- (Util sizlsearch)
SRV - File not found [Auto | Stopped] -- C:\Program Files\sizlsearch\updatesizlsearch.exe -- (Update sizlsearch)
SRV - [2016.03.11 20:28:23 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016.02.08 21:28:58 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016.01.08 10:47:10 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016.01.08 10:44:00 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2015.07.22 18:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015.07.20 20:53:41 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2015.07.20 20:52:41 | 003,218,624 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2015.07.09 12:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.12.19 00:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.10.05 19:17:00 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.10.05 19:15:37 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\srvany.exe -- (KMService)
SRV - [2009.08.18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\stwrt.sys -- (STHDA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2015.11.10 21:05:05 | 000,794,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2015.11.10 21:05:05 | 000,435,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2015.07.20 20:54:09 | 000,208,664 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2015.07.20 20:54:09 | 000,113,592 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2015.07.20 20:54:09 | 000,076,000 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2015.07.20 20:54:09 | 000,049,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2015.07.20 20:54:09 | 000,024,016 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015.07.20 20:54:08 | 000,081,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2015.07.20 20:53:27 | 000,095,112 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ngvss.sys -- (ngvss)
DRV - [2015.07.20 20:52:41 | 000,220,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2015.06.11 18:15:04 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2014.07.12 17:36:05 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.11.17 21:29:20 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/12/29 18:04:20] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010.01.22 02:12:40 | 005,191,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.01.22 01:07:42 | 000,125,440 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009.11.19 14:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2009.11.19 14:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2009.11.19 14:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009.11.19 14:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2009.11.19 14:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2009.11.19 14:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009.11.19 14:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009.11.13 10:47:48 | 000,058,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009.10.05 15:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.09.30 02:33:58 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.09.17 11:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009.08.18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.08.12 04:37:32 | 001,759,872 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.07.20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.05.13 08:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2009.02.24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008.05.23 16:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006.10.08 18:24:46 | 000,007,296 | ---- | M] (Insight Concept) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sopix.sys -- (SOPIX)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... XX5VJ40PL2
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... XX5VJ40PL2
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..\SearchScopes\{32C61F48-EAA9-4187-8EAE-A37A794B7C5E}: "URL" = http://www.search.ask.com/web?tpid=ORJ- ... erms}&psv=
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.74.2: C:\Program Files\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.74.2: C:\Program Files\Java\jre1.8.0_74\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tomas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015.12.10 18:33:55 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-321508157-7404182-2858267914-1001..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun File not found
O4 - HKU\S-1-5-21-321508157-7404182-2858267914-1001..\Run: [Dropbox Update] C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
O4 - HKU\S-1-5-21-321508157-7404182-2858267914-1001..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-321508157-7404182-2858267914-1001..\Run: [Samsung Appstore] C:\Users\Tomas\AppData\Roaming\Mozila\autoit.exe (AutoIt Team)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SOPRO Update.lnk = C:\Program Files\Sopro Imaging\WiseUpdt.exe ()
O4 - Startup: C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 11.74.2)
O16 - DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 11.74.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.200.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C09E805A-603E-4858-9B70-1A9A62C5CECD}: DhcpNameServer = 192.168.200.2
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1fa62e26-dc6b-11df-815a-485b39373524}\Shell - "" = AutoRun
O33 - MountPoints2\{1fa62e26-dc6b-11df-815a-485b39373524}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{bda4df75-d0d3-11df-a870-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bda4df75-d0d3-11df-a870-806e6f6e6963}\Shell\AutoRun\command - "" = E:\InstAll.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2016.03.13 18:53:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2016.03.13 18:53:05 | 000,000,000 | ---D | C] -- C:\rsit
[2016.03.11 16:43:13 | 000,000,000 | ---D | C] -- D:\Data\Tomas\Desktop\předlohy
[2016.03.11 15:46:01 | 000,000,000 | ---D | C] -- D:\Data\Tomas\Desktop\2016-03-11 Zápis 10.3
[2016.03.10 17:07:20 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016.03.10 17:07:20 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016.03.10 17:07:20 | 000,341,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016.03.10 17:07:20 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016.03.10 17:07:20 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016.03.10 17:07:20 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016.03.10 17:07:20 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016.03.10 17:07:20 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016.03.10 17:07:20 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016.03.10 17:07:19 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016.03.10 17:07:19 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016.03.10 17:07:19 | 000,687,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016.03.10 17:07:19 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016.03.10 17:07:19 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016.03.10 17:07:19 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2016.03.10 17:07:18 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016.03.10 17:07:18 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016.03.10 17:07:18 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016.03.10 17:07:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016.03.10 17:07:16 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016.03.10 17:07:15 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016.03.10 17:07:14 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016.03.10 17:07:13 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016.03.10 17:07:12 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016.03.10 17:07:11 | 004,611,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2016.03.09 16:55:50 | 002,387,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2016.03.09 16:55:47 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2016.03.09 16:55:39 | 003,938,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016.03.09 16:55:38 | 003,994,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016.03.09 16:55:36 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016.03.09 16:55:36 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016.03.09 16:55:36 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016.03.09 16:55:36 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016.03.09 16:55:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016.03.09 16:55:35 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016.03.09 16:55:35 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016.03.09 16:55:35 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016.03.09 16:55:35 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016.03.09 16:55:35 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016.03.09 16:55:30 | 002,956,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2016.03.09 16:55:30 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2016.03.09 16:55:30 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2016.03.09 16:55:30 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2016.03.09 16:55:30 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2016.03.09 16:55:30 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2016.03.09 16:55:30 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2016.03.09 16:55:30 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2016.03.09 16:55:30 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2016.03.09 16:55:27 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2016.03.09 16:54:05 | 001,206,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2016.03.09 16:54:05 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2016.03.09 16:54:05 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2016.03.09 16:54:05 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2016.03.09 16:54:05 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2016.03.09 16:54:05 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2016.03.09 16:54:05 | 000,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2016.03.09 16:54:04 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2016.03.09 16:54:04 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2016.03.09 16:54:04 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2016.03.09 16:54:04 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2016.03.09 16:54:03 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucrtbase.dll
[2016.03.09 16:54:03 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
[2016.03.09 16:54:03 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
[2016.03.09 16:54:03 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
[2016.03.09 16:54:03 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
[2016.03.09 16:54:03 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
[2016.03.09 16:54:03 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
[2016.03.09 16:54:03 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
[2016.03.09 16:54:03 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
[2016.03.09 16:54:03 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll
[2016.03.09 16:54:03 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
[2016.03.09 16:54:03 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
[2016.03.09 16:54:03 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
[2016.03.09 16:54:03 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
[2016.03.09 16:54:03 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
[2016.03.09 16:54:03 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
[2016.03.09 16:54:03 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
[2016.03.09 16:54:03 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
[2016.03.09 16:54:03 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
[2016.03.09 16:54:03 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll
[2016.03.09 16:54:03 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll
[2016.03.09 16:54:03 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll
[2016.03.09 16:54:03 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll
[2016.03.09 16:53:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2016.03.09 16:53:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2016.03.09 16:53:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2016.03.09 16:53:58 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2016.03.08 07:00:16 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2016.03.08 07:00:02 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\FSDART
[2016.03.08 06:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2016.03.08 06:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2016.03.08 06:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2016.03.08 06:36:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2016.03.08 06:35:43 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Sun
[2016.03.08 06:35:43 | 000,000,000 | ---D | C] -- C:\Users\Tomas\.oracle_jre_usage
[2016.03.06 10:51:07 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Mozila
[2016.02.27 21:07:51 | 000,000,000 | ---D | C] -- D:\Data\Tomas\Desktop\foto na poslání
[2016.02.19 19:02:44 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2016.03.14 19:46:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016.03.14 19:42:56 | 000,020,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.03.14 19:42:56 | 000,020,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.03.14 19:40:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016.03.14 19:37:10 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001UA.job
[2016.03.14 19:36:40 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016.03.14 19:36:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.03.14 18:32:10 | 004,969,489 | ---- | M] () -- D:\Data\Tomas\Desktop\DSC00658.JPG
[2016.03.14 18:31:54 | 004,591,076 | ---- | M] () -- D:\Data\Tomas\Desktop\DSC00657.JPG
[2016.03.14 17:25:38 | 000,677,834 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2016.03.14 17:25:38 | 000,663,256 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016.03.14 17:25:38 | 000,146,720 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2016.03.14 17:25:38 | 000,126,386 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016.03.14 07:40:19 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016.03.14 07:39:59 | 2400,616,448 | -HS- | M] () -- C:\hiberfil.sys
[2016.03.13 17:37:52 | 000,000,866 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001Core.job
[2016.03.12 19:24:34 | 002,114,975 | ---- | M] () -- D:\Data\Tomas\Desktop\axa tom.zip
[2016.03.11 20:28:23 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2016.03.11 20:28:23 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2016.03.11 15:53:10 | 000,560,800 | ---- | M] () -- D:\Data\Tomas\Desktop\Zápis 10.3 001.jpg
[2016.03.09 21:47:54 | 000,408,976 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016.03.08 06:39:10 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2016.03.08 06:35:10 | 000,095,840 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2016.03.07 20:18:22 | 000,004,610 | ---- | M] () -- D:\Data\Tomas\Desktop\LAUBOVÁ_JANA (1).p12
[2016.03.06 10:51:32 | 000,001,328 | ---- | M] () -- D:\Data\Tomas\Desktop\Internet Explorer.lnk
[2016.03.06 10:51:32 | 000,001,328 | ---- | M] () -- D:\Data\Tomas\Desktop\Google Chrome.lnk
[2016.02.25 16:39:55 | 002,115,819 | ---- | M] () -- D:\Data\Tomas\Desktop\axa Jana.zip
[2016.02.20 09:42:16 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016.02.19 19:50:25 | 000,034,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2016.02.19 19:41:49 | 000,958,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2016.02.19 19:03:19 | 000,001,135 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2016.02.19 15:07:31 | 001,206,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2016.03.14 19:46:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016.03.14 17:25:06 | 004,969,489 | ---- | C] () -- D:\Data\Tomas\Desktop\DSC00658.JPG
[2016.03.14 17:25:01 | 004,591,076 | ---- | C] () -- D:\Data\Tomas\Desktop\DSC00657.JPG
[2016.03.12 19:24:20 | 002,114,975 | ---- | C] () -- D:\Data\Tomas\Desktop\axa tom.zip
[2016.03.11 20:42:39 | 002,115,819 | ---- | C] () -- D:\Data\Tomas\Desktop\axa Jana.zip
[2016.03.11 15:53:10 | 000,560,800 | ---- | C] () -- D:\Data\Tomas\Desktop\Zápis 10.3 001.jpg
[2016.03.08 06:39:10 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2016.03.07 20:22:06 | 000,004,610 | ---- | C] () -- D:\Data\Tomas\Desktop\LAUBOVÁ_JANA (1).p12
[2016.03.06 10:51:15 | 000,001,328 | ---- | C] () -- D:\Data\Tomas\Desktop\Internet Explorer.lnk
[2016.03.06 10:51:15 | 000,001,328 | ---- | C] () -- D:\Data\Tomas\Desktop\Google Chrome.lnk
[2011.11.15 20:10:12 | 000,003,584 | ---- | C] () -- C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.01.22 07:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.02.01 16:41:23 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\.minecraft
[2014.07.12 20:12:58 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\AVAST Software
[2014.07.12 17:37:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\AVG
[2014.07.13 06:46:38 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\BitTorrent
[2014.07.12 17:38:29 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2016.03.14 07:42:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Dropbox
[2012.05.26 11:51:05 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\EurekaLog
[2012.06.19 18:37:11 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Garmin
[2015.07.14 05:31:05 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\GeoGet
[2010.10.05 18:50:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\GHISLER
[2015.09.02 15:36:23 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\gsak
[2010.12.10 19:52:02 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ImgBurn
[2010.10.17 07:36:14 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Leadertech
[2012.05.17 06:20:40 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Medicus PRO
[2012.09.03 18:37:03 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mobile Atlas Creator
[2016.03.06 10:51:12 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mozila
[2015.08.14 14:14:28 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\omiga-plus
[2014.07.12 17:35:59 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\OpenCandy
[2014.05.12 11:37:26 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Oracle
[2010.10.20 20:27:45 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Sony
[2010.10.20 20:25:03 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Sony Setup
[2012.05.21 13:29:44 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\TeamViewer
[2013.03.29 08:52:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\TMNT Demo
[2013.03.29 10:09:30 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Unity
[2010.10.05 19:35:13 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,558 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.10.05 20:50:15 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.10.05 20:50:16 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.02.28 22:33:04 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015.06.20 05:15:51 | 000,000,866 | ---- | C] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001Core.job
[2015.06.20 05:15:54 | 000,000,918 | ---- | C] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001UA.job

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[16 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a9e0f276db91d08e27d95ae56f71efd0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a9e0f276db91d08e27d95ae56f71efd0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f79c473a9c1d704dbe41b5e4cc146923\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f79c473a9c1d704dbe41b5e4cc146923\*.tmp -> ]
[88 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\_avast_\*.tmp files -> C:\Windows\Temp\_avast_\*.tmp -> ]
[1 C:\Windows\Temp\{1F190E2A-BFF6-42B7-B934-A3C7B6FE4881}\*.tmp files -> C:\Windows\Temp\{1F190E2A-BFF6-42B7-B934-A3C7B6FE4881}\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.02.01 16:41:23 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\.minecraft
[2010.10.05 20:19:29 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Adobe
[2012.08.01 14:37:07 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Apple Computer
[2010.10.25 20:50:21 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ATI
[2014.07.12 20:12:58 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\AVAST Software
[2014.07.12 17:37:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\AVG
[2014.07.13 06:46:38 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\BitTorrent
[2010.12.29 18:05:11 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\CyberLink
[2014.07.12 17:38:29 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2016.03.14 07:42:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Dropbox
[2012.05.26 11:51:05 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\EurekaLog
[2012.06.19 18:37:11 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Garmin
[2015.07.14 05:31:05 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\GeoGet
[2010.10.05 18:50:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\GHISLER
[2014.04.14 14:00:59 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Google
[2015.09.02 15:36:23 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\gsak
[2010.10.06 00:04:48 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Identities
[2010.12.10 19:52:02 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ImgBurn
[2010.10.25 20:52:40 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\InstallShield
[2010.10.17 07:36:14 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Leadertech
[2010.10.05 18:15:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Macromedia
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Media Center Programs
[2012.05.17 06:20:40 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Medicus PRO
[2015.09.20 16:55:29 | 000,000,000 | --SD | M] -- C:\Users\Tomas\AppData\Roaming\Microsoft
[2012.09.03 18:37:03 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mobile Atlas Creator
[2016.03.06 10:51:12 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mozila
[2015.08.14 14:14:28 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\omiga-plus
[2014.07.12 17:35:59 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\OpenCandy
[2014.05.12 11:37:26 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Oracle
[2016.03.14 20:11:34 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Skype
[2010.10.20 20:27:45 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Sony
[2010.10.20 20:25:03 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Sony Setup
[2016.03.08 06:35:43 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Sun
[2012.05.21 13:29:44 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\TeamViewer
[2013.03.29 08:52:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\TMNT Demo
[2013.03.29 10:09:30 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Unity
[2016.02.25 20:52:04 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Winamp
[2010.10.20 18:02:30 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\WinRAR
[2010.10.05 19:35:13 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2014.07.12 17:33:33 | 001,799,512 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\BitTorrent\updates\7.9.2_32344.exe
[2016.02.16 19:39:50 | 025,122,080 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2016.02.16 19:40:02 | 000,173,032 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2016.01.12 19:50:22 | 000,018,392 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\QtWebEngineProcess.exe
[2016.02.16 19:39:50 | 025,122,080 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\Client_3.14.7\Dropbox.exe
[2016.03.06 10:51:09 | 000,934,400 | ---- | M] (AutoIt Team) -- C:\Users\Tomas\AppData\Roaming\Mozila\Autoit.exe
[2014.04.09 23:33:06 | 027,826,600 | ---- | M] (AVG) -- C:\Users\Tomas\AppData\Roaming\OpenCandy\929CE3E14A2244C89129B6CCE7251AC5\AVG-PC-TuneUp2014.exe
[2010.10.20 20:25:44 | 033,850,672 | ---- | M] (Apple Inc.) -- C:\Users\Tomas\AppData\Roaming\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
[2010.10.05 19:37:15 | 007,383,104 | ---- | M] (ZONER software ) -- C:\Users\Tomas\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build10.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2016.03.14 19:36:40 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016.03.13 17:37:52 | 000,000,866 | ---- | M] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001Core.job
[2016.03.14 20:13:58 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001UA.job
[2016.03.14 07:40:19 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2016.03.14 19:40:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2016.03.14 19:42:56 | 000,020,880 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.03.14 19:42:56 | 000,020,880 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.03.11 20:28:23 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2016.03.11 20:28:23 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2016.03.14 17:25:38 | 000,146,720 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2016.03.14 17:25:38 | 000,126,386 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2016.03.14 17:25:38 | 000,677,834 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2016.03.14 17:25:38 | 000,663,256 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2016.03.14 17:25:38 | 001,611,880 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Pando Media Booster" = C:\Program Files\Pando Networks\Media Booster\PMB.exe -- [2013.03.28 16:22:03 | 004,482,718 | ---- | M] ()
"DAEMON Tools Lite" = "D:\DAEMON Tools Lite\DTLite.exe" -autorun
"Dropbox Update" = "C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c -- [2015.06.20 05:15:49 | 000,134,512 | ---- | M] (Dropbox, Inc.)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2016.02.10 15:09:20 | 050,605,696 | R--- | M] (Skype Technologies S.A.)
"Samsung Appstore" = "C:\Users\Tomas\AppData\Roaming\Mozila\autoit.exe" "C:\Users\Tomas\AppData\Roaming\Mozila\up.au3" -- [2016.03.06 10:51:09 | 000,934,400 | ---- | M] (AutoIt Team)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2016.02.09 07:10:26 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=9A663A210C03A364AF5357F5E68203AB -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2016.02.18 05:15:35 | 000,746,648 | ---- | M] (Google Inc.) MD5=63740680B14C2EEE08B11ADADFA98DA1 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016.03.14 19:46:23 | 000,000,512 | ---- | M] () MD5=6C100B1A8253FABA306F3759CD9EB667 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >
[2009.08.29 12:10:12 | 000,586,240 | ---- | M] () -- \Garmin\mapy\keygen.exe
[2010.07.25 17:17:26 | 001,990,144 | ---- | M] () -- \PS2\Instalacky\Keygen.exe

< *loader* /s >
[2013.03.29 08:23:40 | 000,393,064 | ---- | M] () -- \Data\Tomas\Downloads\SoftonicDownloader_for_teenage-mutant-ninja-turtles.exe

< End of report >

Jana83
Visitor
Posts: 15
Joined: 13 Mar 2016 18:42

Re: virus on Facebook

#6 Post by Jana83 »

OTL Extras logfile created on: 14.3.2016 19:43:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Data\Tomas\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18230)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,98 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 43,73% Memory free
5,96 Gb Paging File | 3,77 Gb Available in Paging File | 63,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 15,40 Gb Free Space | 15,78% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 119,45 Gb Free Space | 32,45% Space Free | Partition Type: NTFS

Computer Name: TOMAS-PC | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-321508157-7404182-2858267914-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE prezentace] -- "C:\Program Files\Fotolab\Fotolab Fotosvet\CEWE prezentace.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet] -- "C:\Program Files\Fotolab\Fotolab Fotosvet\Fotolab Fotosvet.exe" "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1096377E-E6E3-4AEF-926B-981D17E0FB53}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{1417D41D-CC86-4553-9654-29A42743E1F2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1AFAA326-7769-4D36-87B1-2D75E02BE00E}" = lport=138 | protocol=17 | dir=in | app=system |
"{2073E3FB-9161-4E14-B8A8-D1E3A37DD1BC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{260CA318-D947-4C3D-9897-67362EAB1C34}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{277803CB-6825-47D2-BBBE-9D80A72ABE68}" = rport=137 | protocol=17 | dir=out | app=system |
"{307C6C7D-1842-4B0E-B9FD-476380ECD587}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{32990897-A4FE-4808-8E8B-525467918891}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{392F8736-163B-4B4E-B4A0-3741236F8743}" = lport=57037 | protocol=6 | dir=in | name=pando media booster |
"{5127F2D0-AAA2-4CD4-B3AD-F98B1D5FC62F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{52FBBAFE-805E-4998-AAA8-01B08D1C1750}" = lport=10243 | protocol=6 | dir=in | app=system |
"{60717989-0684-4C65-BB04-4ADB475C31E8}" = lport=57037 | protocol=17 | dir=in | name=pando media booster |
"{63380633-CE72-4C82-8CEC-3A6E04B08A6C}" = lport=57037 | protocol=17 | dir=in | name=pando media booster |
"{669705E7-F1AA-410F-A33A-2A2DAA0F0B76}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{76A001CD-EB7A-46E3-B1BA-F705C76C40EE}" = rport=139 | protocol=6 | dir=out | app=system |
"{7E255BC3-B117-4E4B-8128-46C6AA7F1EFE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{857F4180-8E82-43DC-A617-62659F4A68EF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{897FAD2D-BD20-4A8A-B2DF-5E6DA59F4DC0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{89AE27EF-E503-480E-A92D-E1596491342D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8D0FA83D-799B-432E-B6F0-593849063881}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8DEABB40-676E-46B6-85F5-4EB31DA20AD4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9DAF21BC-C477-4CDB-8DCF-7CBB95555E5B}" = rport=445 | protocol=6 | dir=out | app=system |
"{C000D814-C5A8-4FA3-AB83-9DC66A0C6483}" = lport=139 | protocol=6 | dir=in | app=system |
"{C0F9E35F-4697-457D-B20C-417D14195090}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9C014FE-F6B6-4CB6-83BE-C599C671259D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CCA3B712-E003-4E84-BC79-8464BA0DF221}" = lport=57037 | protocol=6 | dir=in | name=pando media booster |
"{E8AC840F-545F-4044-B5BE-0D5521CF433E}" = rport=138 | protocol=17 | dir=out | app=system |
"{EE53BE53-388F-4316-A097-6FAB1A2F7BEE}" = lport=445 | protocol=6 | dir=in | app=system |
"{FDF50AB6-6E63-4059-940B-2E4C60ABC427}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08DCE719-8345-4F96-BFB8-609C017C789F}" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{1315DC9E-1874-4CAD-9026-A725C5691925}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1A969988-610E-498D-8BB5-8D2E2D020CE0}" = protocol=6 | dir=out | app=system |
"{2820A47D-5831-4E45-A12E-FBC7A24A73B4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{321DF53D-4EA5-456E-9BE8-6AE66D055976}" = protocol=6 | dir=in | app=c:\program files\alwil software\avast5\ng\vbox\aswfe.exe |
"{4C58F683-779C-48A8-96D0-5C20DCD01DE2}" = dir=in | app=c:\program files\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{4ED42BD3-9135-4B14-87E5-693093132FEA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4F815F74-B68E-4EE8-89FD-D000F9C36093}" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{4FFCA7A3-FAE8-4D82-A344-C68E248E914D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{506B4E4C-5059-4FAE-A0F1-91A285D50D6B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{569466C3-2DE9-4BF2-8073-4A523ADCBBFE}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5C36352F-D535-4F0F-AF1E-8B5FBF77A06B}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5F5C7F31-8B05-4D13-A6FD-3254CC239B36}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{66C2C70F-ABFD-4778-91EC-837192C4522E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{70690000-47E0-4E71-A8D0-6ED1BA9441F6}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{723BF87A-5F30-4A5B-9BBA-F27DA95BC37B}" = dir=in | app=c:\program files\cyberlink\powerdvd10\powerdvd10.exe |
"{73F7A60E-F6D9-426A-9FA5-B92F55A6EDCE}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{76046FE6-2AF7-421A-A23B-B78C2348BA03}" = protocol=17 | dir=in | app=c:\program files\alwil software\avast5\ng\vbox\aswfe.exe |
"{76564241-E9BF-4274-B99B-EAD9A704BA81}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7E42BEB6-D79C-4F44-9CC5-D630ADEBBF03}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8278D279-D7B6-417A-A24D-E2568FF18F97}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1006mc.exe |
"{829B6421-6E3F-4429-8502-9A6D3417FA10}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8986A50F-8B14-4F24-AC66-E034603E388D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B09430B-A74A-4603-B5CF-C1CF8CE0BE5F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8FB9B6FC-ED27-4759-BBBE-E59B7CE669A0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{98149CA2-4465-44A3-B8B7-8DA14C1603B1}" = protocol=6 | dir=in | app=c:\program files\alwil software\avast5\ng\vbox\aswfe.exe |
"{9AE052A4-B3A4-401A-9CE5-40DC157974FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9AF4BAFA-21BB-4335-894B-C58B7D597B6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A7427A39-227F-4EFF-8CEF-7095B434DF1D}" = protocol=17 | dir=in | app=c:\program files\alwil software\avast5\ng\vbox\aswfe.exe |
"{A85E0979-0417-4642-B59E-E19C7F23718F}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1006mc.exe |
"{C2B50EDD-F7B5-4A96-90DF-9D6AF1DFE6B9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{C3C3762D-11FA-4D10-9EFC-CF793473137E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CE619D9D-9D5B-489E-929B-28F01E5CA8FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D801727E-2A03-4776-BD4E-85A2277144ED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D8D43228-8B05-47DE-80C8-B6FE7766A4A7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EDED3F23-5D29-4558-A489-6B44829237CF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F8875F9E-45FD-41E8-809F-429547A552D7}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"TCP Query User{03053E88-E33B-4111-BB18-9E3E53735285}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{2CA4EF41-C262-4915-8A2B-A8B9E197573B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{3275CF24-C563-4CCC-AA1F-962D7B625184}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{3629C46C-8D9D-4548-A00B-7034D2572EC6}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{5E4A3CDB-8CCC-4047-9231-38FB5DC6F1D4}C:\users\tomas\appdata\roaming\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\bittorrent\bittorrent.exe |
"TCP Query User{6DB4F512-084C-430B-BE67-155C462B84ED}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{756874DD-FEA3-4460-BDC9-601D29A180A8}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{975E3FC8-B30D-481B-A275-E509BC7E141D}C:\program files\sony\media go\mediago.exe" = protocol=6 | dir=in | app=c:\program files\sony\media go\mediago.exe |
"TCP Query User{988C43C7-8CC5-4F05-ACC7-5BD7429BB9C0}C:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{BF90EC74-37A2-4073-A9AF-419DC0F524D1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{F13600CE-F050-47FE-A81A-526558A0D16B}C:\users\tomas\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\tomas\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{F1BA7436-79FF-40BF-8CD3-AE68F5368CAF}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{12DE32A6-4A2C-453B-813A-560BF00732F8}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{1B64D1F2-5A0E-44B0-A7A4-CBC76372A065}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{234A446A-B094-4C43-8B02-A828DA91B0BB}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{4F870A11-B8E6-4A09-A966-F2C4E837884C}C:\program files\sony\media go\mediago.exe" = protocol=17 | dir=in | app=c:\program files\sony\media go\mediago.exe |
"UDP Query User{95F13376-DF33-4DD7-A6E6-C13AE7DD0FB5}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{975036F8-CFFB-48E0-BFF8-8EAE493F3E55}C:\users\tomas\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\tomas\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{9AFBC7C8-1D29-4E05-935D-7899B24A0AEB}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{A1556F3F-4B39-49C9-A19A-B35E242C2E97}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{BBFD109F-0989-415C-8ACD-84C568FC0B85}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{CC4E5A15-D0CB-4EB6-9313-FEBE854FC517}C:\users\tomas\appdata\roaming\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\bittorrent\bittorrent.exe |
"UDP Query User{E099A9C3-7445-4486-8681-3100B26E331B}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{F098D1D8-7D6E-40FB-B0C4-0B130105CD21}C:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0FBAFFD8-BCBA-4631-97E8-433DE7D1D753}" = Garmin MapInstall
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series" = Canon MP490 series MP Drivers
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{26A24AE4-039D-4CA4-87B4-2F83218074F0}" = Java 8 Update 74
"{2E0A8315-9A0B-4310-BD0A-14471A7CB69F}_is1" = MyFound_6.0.5.4
"{30500C7C-2206-3DC6-9792-96E95A04669D}" = Microsoft .NET Framework 4.6.1
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{817750FA-EC6A-485D-9901-0683AE6FFDF1}" = Google Earth
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.6.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3A56896-24EC-412D-BC5E-F8168DFA1934}" = TMNT Demo
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}" = Garmin USB Drivers
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.4 - Czech
"{B1EE1CC5-6CED-4801-BFFF-8454F21A245A}" = Garmin Communicator Plugin
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{EB33445C-02E0-4885-AFE2-8DA02D5B3D2A}" = Makita Service Information
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFCB4F04-04AD-4B17-999E-E7B54F9817A9}" = Garmin BaseCamp
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4C709E1-76EC-3A6B-A015-38AEB35CAED0}" = Microsoft .NET Framework 4.6.1 (CSY)
"{F4DA4C73-026F-4D38-8C6B-85F0193E4B56}" = Garmin WebUpdater
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.18
"{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}" = QuickTime 7
"7-Zip" = 7-Zip 9.20
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 21 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.2
"ASUS USB2.0 UVC VGA WebCam" = ASUS USB2.0 UVC VGA WebCam
"avast" = Avast Free Antivirus
"CyberLink PowerDVD 10.0.2325.51 Mark II" = CyberLink PowerDVD 10.0.2325.51 Mark II - odinstalovat češtinu
"DVD Shrink_is1" = DVD Shrink 3.2
"Fotolab Fotosvet" = Fotolab Fotosvet
"GeoGet_is1" = GeoGet verze 2.9.2.759
"Google Chrome" = Google Chrome
"GSAK_is1" = GSAK 8.1.1.119
"ImgBurn" = ImgBurn
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"JDownloader" = JDownloader
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenSSL_is1" = OpenSSL 0.9.8e
"OziExplorer 3.95_is1" = OziExplorer 3.95
"ShoppingReport2" = ShopperReports
"SOPRO-Imaging" = SOPRO-Imaging
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"XviD_is1" = XviD 1.1 final uninstall
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-321508157-7404182-2858267914-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"HappyCloud" = Happy Cloud Client
"LOTROen" = The Lord of the Rings Online
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.2.2016 1:21:17 | Computer Name = Tomas-PC | Source = ESENT | ID = 485
Description = Windows (5296) Windows: Pokus o odstranění složky C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk
se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru,
neboť jej právě využívá jiný proces. . Operace odstranění složky se nezdaří a dojde
k chybě -1032 (0xfffffbf8).

Error - 15.2.2016 1:21:17 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 15.2.2016 1:21:17 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 1006
Description =

Error - 22.2.2016 4:12:42 | Computer Name = Tomas-PC | Source = ESENT | ID = 490
Description = Windows (1448) Windows: Pokus o otevření souboru C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 22.2.2016 4:12:42 | Computer Name = Tomas-PC | Source = ESENT | ID = 439
Description = Windows (1448) Windows: Pro soubor C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk
nelze zapsat stínové záhlaví. Chyba -1032

Error - 24.2.2016 3:30:54 | Computer Name = Tomas-PC | Source = Application Hang | ID = 1002
Description = Program winamp.exe verze 5.6.0.3091 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
fcc Čas spuštění: 01d16ed536554d59 Čas ukončení: 14 Cesta k aplikaci: C:\Program Files\Winamp\winamp.exe

ID
hlášení: 831205b9-dac8-11e5-b57b-485b39373524

Error - 2.3.2016 11:52:47 | Computer Name = Tomas-PC | Source = ESENT | ID = 490
Description = Windows (3996) Windows: Pokus o otevření souboru C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 2.3.2016 11:52:47 | Computer Name = Tomas-PC | Source = ESENT | ID = 439
Description = Windows (3996) Windows: Pro soubor C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk
nelze zapsat stínové záhlaví. Chyba -1032

Error - 8.3.2016 16:56:42 | Computer Name = Tomas-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary {9d5747ee-0448-4681-8337-1555de75a3b6}Gw.

System
Error: Systém nemůže nalézt uvedený soubor. .

Error - 10.3.2016 1:22:51 | Computer Name = Tomas-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

[ Media Center Events ]
Error - 19.11.2011 8:40:24 | Computer Name = Tomas-PC | Source = MCUpdate | ID = 0
Description = 13:40:21 - Načtení položky Broadband se nezdařilo. (Chyba: Platnost
operace vypršela.)

Error - 29.3.2013 16:03:55 | Computer Name = Tomas-PC | Source = MCUpdate | ID = 0
Description = 21:03:55 - Chyba při připojování k Internetu 21:03:55 - Nelze kontaktovat
server..

Error - 29.3.2013 16:04:28 | Computer Name = Tomas-PC | Source = MCUpdate | ID = 0
Description = 21:04:24 - Chyba při připojování k Internetu 21:04:24 - Nelze kontaktovat
server..

[ System Events ]
Error - 14.3.2016 1:18:32 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7000
Description = Služba Util sizlsearch neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 14.3.2016 2:40:03 | Computer Name = Tomas-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 14.3.2016 2:40:03 | Computer Name = Tomas-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 14.3.2016 2:40:27 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7000
Description = Služba Update sizlsearch neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 14.3.2016 2:40:27 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7000
Description = Služba Util sizlsearch neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 14.3.2016 7:06:28 | Computer Name = Tomas-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 14.3.2016 7:58:52 | Computer Name = Tomas-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 14.3.2016 12:06:44 | Computer Name = Tomas-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 14.3.2016 12:20:26 | Computer Name = Tomas-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 14.3.2016 14:36:33 | Computer Name = Tomas-PC | Source = atikmdag | ID = 43029
Description = Display is not active


< End of report >

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus on Facebook

#7 Post by Rudy »

Run OTL again as administrator.
Paste the following text into the lower window:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... XX5VJ40PL2
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... VJ40PL2&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... VJ40PL2&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... VJ40PL2&q={searchTerms}
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... XX5VJ40PL2
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..\SearchScopes\{32C61F48-EAA9-4187-8EAE-A37A794B7C5E}: "URL" = http://www.search.ask.com/web?tpid=ORJ- ... trgb=IE&q={searchTerms}&psv=
IE - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... VJ40PL2&q={searchTerms}
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O4 - HKU\S-1-5-21-321508157-7404182-2858267914-1001..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-321508157-7404182-2858267914-1001\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{1fa62e26-dc6b-11df-815a-485b39373524}\Shell - "" = AutoRun
O33 - MountPoints2\{1fa62e26-dc6b-11df-815a-485b39373524}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{bda4df75-d0d3-11df-a870-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bda4df75-d0d3-11df-a870-806e6f6e6963}\Shell\AutoRun\command - "" = E:\InstAll.exe


:files
C:\Program Files\Skype\Toolbars
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001Core.job
C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Tomas\AppData\Roaming\OpenCandy
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Jana83
Visitor
Posts: 15
Registered: 13 Mar 2016 18:42

Re: virus on Facebook

#8 Post by Jana83 »

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
HKU\S-1-5-21-321508157-7404182-2858267914-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKEY_USERS\S-1-5-21-321508157-7404182-2858267914-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-321508157-7404182-2858267914-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-321508157-7404182-2858267914-1001\Software\Microsoft\Internet Explorer\SearchScopes\{32C61F48-EAA9-4187-8EAE-A37A794B7C5E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32C61F48-EAA9-4187-8EAE-A37A794B7C5E}\ not found.
Registry key HKEY_USERS\S-1-5-21-321508157-7404182-2858267914-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0 folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_metadata folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hu folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\hi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\he folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fil folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\fi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\et folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\es_419 folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\es folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en_US folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en_GB folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\en folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\el folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\de folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\da folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\cs folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\ca folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\bg folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales\ar folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\_locales folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0 folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_metadata folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\zh_TW folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\zh_CN folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\vi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\ur folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\uk folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\tr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\th folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\sv folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\sr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\sl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\sk folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\ru folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\ro folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\pt_PT folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\pt_BR folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\pl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\nl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\nb folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\ms folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\lv folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\lt folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\ko folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\ja folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\it folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\id folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\hu folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\hr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\hi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\he folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\fr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\fi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\fa folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\et folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\es folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\en_GB folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\en folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\el folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\de folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\da folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\cs folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\ca folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\bn folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\bg folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\be folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales\ar folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\_locales folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\scripts folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\ui\templates folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\ui\icons folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\ui\css folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\ui\bgs folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\ui folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\skin\img folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\skin\css folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\skin folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\scripts folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\mocks folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common\libs folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0\common folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0 folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_metadata folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\zh_CN folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\zh folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\tr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\sl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\si folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\pt_BR folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\pt folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\ko_KR folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\ko folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\ja folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\it folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\fr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\es folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\en folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales\de folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\_locales folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\lib folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\js folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\images folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0\css folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.7_0 folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_metadata folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_TW folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_CN folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\vi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\uk folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\tr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\th folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sv folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sk folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ru folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ro folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_PT folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_BR folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nb folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lv folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lt folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ko folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ja folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\it folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\id folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hu folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fil folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\et folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es_419 folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en_GB folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\el folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\de folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\da folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\cs folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ca folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\bg folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\html folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\css folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0 folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_metadata folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_TW folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_CN folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\vi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\uk folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\tr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\th folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sk folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\se folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ru folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ro folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_PT folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_BR folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\no folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\nl folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lv folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lt folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ko folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ja folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\it folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\id folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hu folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fr folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fil folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fi folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\es folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\en folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\el folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\de folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\da folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\cs folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ca folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\bg folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ar folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0 folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-321508157-7404182-2858267914-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster deleted successfully.
C:\Program Files\Pando Networks\Media Booster\PMB.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\etrading\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\www\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-321508157-7404182-2858267914-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\etrading\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-321508157-7404182-2858267914-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\www\ deleted successfully.
File C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skypec2c\ deleted successfully.
File C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1fa62e26-dc6b-11df-815a-485b39373524}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1fa62e26-dc6b-11df-815a-485b39373524}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1fa62e26-dc6b-11df-815a-485b39373524}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1fa62e26-dc6b-11df-815a-485b39373524}\ not found.
File F:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bda4df75-d0d3-11df-a870-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bda4df75-d0d3-11df-a870-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bda4df75-d0d3-11df-a870-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bda4df75-d0d3-11df-a870-806e6f6e6963}\ not found.
File E:\InstAll.exe not found.
========== FILES ==========
Folder move failed. C:\Program Files\Skype\Toolbars\PNRSvc scheduled to be moved on reboot.
C:\Program Files\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files\Skype\Toolbars\ChromeExtension folder moved successfully.
Folder move failed. C:\Program Files\Skype\Toolbars\AutoUpdate scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Skype\Toolbars scheduled to be moved on reboot.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-321508157-7404182-2858267914-1001Core.job moved successfully.
C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Users\Tomas\AppData\Roaming\OpenCandy\929CE3E14A2244C89129B6CCE7251AC5 folder moved successfully.
C:\Users\Tomas\AppData\Roaming\OpenCandy folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\455F074C814E4520B69B5584BD90400C.TMP folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Tomas
->Temp folder emptied: 3092345198 bytes
->Temporary Internet Files folder emptied: 233053925 bytes
->Java cache emptied: 11234304 bytes
->Google Chrome cache emptied: 335028598 bytes
->Flash cache emptied: 84680 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1015140247 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 6023556704 bytes

Total Files Cleaned = 10 214,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Tomas
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 03142016_210244

Files\Folders moved on Reboot...
Folder move failed. C:\Program Files\Skype\Toolbars\PNRSvc scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Skype\Toolbars\AutoUpdate scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Skype\Toolbars\PNRSvc scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Skype\Toolbars\AutoUpdate scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Skype\Toolbars scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus on Facebook

#9 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Jana83
Visitor
Posts: 15
Registered: 13 Mar 2016 18:42

Re: virus on Facebook

#10 Post by Jana83 »

Still the same - when I log in to Facebook, erotic videos under the heading BER start appearing on my page. I also noticed that right after the Facebook page loads, the small triangle on the right that you use to log out of Facebook disappears after a moment. I always have to refresh the page and then be quick enough to log out.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus on Facebook

#11 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Jana83
Visitor
Posts: 15
Registered: 13 Mar 2016 18:42

Re: virus on Facebook

#12 Post by Jana83 »

The page shows me this:
Webová stránka byla zablokována rozšířením

ERR_BLOCKED_BY_CLIENT
How do I solve this?
Thanks.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus on Facebook

#13 Post by Rudy »

Try downloading it from elsewhere, or use a different browser. Try this link: http://www.bleepingcomputer.com/downloa ... ware/dl/7/ .

Jana83
Visitor
Posts: 15
Registered: 13 Mar 2016 18:42

Re: virus on Facebook

#14 Post by Jana83 »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 14.3.2016
Čas skenování: 21:51
Protokol: mbam.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.03.14.06
Databáze rootkitů: v2016.03.12.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Tomas

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 322938
Uplynulý čas: 15 min, 37 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 1
RiskWare.Tool.CK, C:\Windows\KMService.exe, 1792, , [b1fdc3c41980b086f3a257cea35f01ff]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 30
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\TYPELIB\{B035BA6B-57CD-4F72-B545-65BE465FCAF6}, , [09a5315698010234c62b477b59a9b848],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\TYPELIB\{D44FD6F0-9746-484E-B5C4-C66688393872}, , [119d137439602e08c42fcbf7966c5aa6],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\INTERFACE\{0EB3F101-224A-4B2B-9E5B-DF720857529C}, , [119d137439602e08c42fcbf7966c5aa6],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\INTERFACE\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}, , [119d137439602e08c42fcbf7966c5aa6],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\ShoppingReport2.HbInfoBand, , [b5f99ee9cfca2b0b41b1d4ee61a1bb45],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\ShoppingReport2.HbInfoBand.1, , [129cf5923a5f7fb7ea08774b27db629e],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\ShoppingReport2.IEButton, , [cbe3038486130f2732bda91910f245bb],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\ShoppingReport2.IEButton.1, , [515d33546f2afc3ae40bc101837f718f],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\ShoppingReport2.RprtCtrl, , [2d81dea9f8a1e2541bd38d3500022ed2],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\ShoppingReport2.RprtCtrl.1, , [fbb3e2a5069330062fbf13afbe4402fe],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\ShoppingReport2.IEButtonA, , [9f0f89fe4d4c4fe724cc8141bd4512ee],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\ShoppingReport2.IEButtonA.1, , [d8d650373960bf7700f0dbe730d2748c],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\ShoppingReport2.HbAx, , [00ae8dfa7a1f9a9cd2235e640002ff01],
Adware.ShoppingReports, HKLM\SOFTWARE\CLASSES\ShoppingReport2.HbAx.1, , [911d3453f8a1e65019dc2a980ff3e31d],
PUP.Optional.ISearch.ShrtCln, HKLM\SOFTWARE\omiga-plusSoftware, , [149a9cebaaef58deecd4fae6bb48ec14],
Adware.ShoppingReports, HKLM\SOFTWARE\ShoppingReport2, , [3a74a8df2a6f112537e1989f7a8a758b],
PUP.Optional.SupTab, HKLM\SOFTWARE\supTab, , [04aa1e6954451422a70ef67ecb3957a9],
PUP.Optional.WPM, HKLM\SOFTWARE\supWindowsMangerProtect, , [228c70178f0ad06688b9d1639074c739],
PUP.Optional.SupTab, HKLM\SOFTWARE\supWPM, , [2688acdb71280e2804342ffcc0445ca4],
PUP.Optional.SearchApp, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, , [515dcbbc9108ee483df3e341bc4859a7],
Adware.HotBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ShoppingReport2, , [3a74daad8e0b0a2c2d077f729172ca36],
PUP.Optional.SupTab, HKLM\SOFTWARE\SUPDP, , [565850371b7e58deb6801714f70d6f91],
PUP.Optional.SizlSearch, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update sizlsearch, , [d3db6225544570c6d66c80a724e0df21],
PUP.Optional.SizlSearch, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util sizlsearch, , [7e306a1d277246f0dc6628ff709411ef],
PUP.Optional.IEPluginServices, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, , [832bcdbab8e14fe78151bd51e61ec937],
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update sizlsearch, , [bbf38106a9f051e51629f127f11247b9],
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util sizlsearch, , [8826f295b6e31c1ae75871a7a2610df3],
PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [39757017346589add2cf5ad9a3619a66],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, , [921c82057e1b2a0c7457f22f669d847c],
Adware.ShoppingReports, HKU\S-1-5-21-321508157-7404182-2858267914-1001\SOFTWARE\ShoppingReport2, , [c8e62265bfda8caacc4b2d0aa2627d83],

Hodnoty registru: 2
PUP.Optional.SupTab, HKLM\SOFTWARE\SUPDP|dir, C:\Program Files\SupTab, , [565850371b7e58deb6801714f70d6f91]
PUP.Optional.SupTab, HKLM\SOFTWARE\SUPTAB|ptid, adks, , [921c62252277a98d8bac2308d82cca36]

Data registru: 3
PUP.Optional.OmigaPlus.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc& ... XX5VJ40PL2, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc& ... XX5VJ40PL2),,[149a1b6ce9b0c96d76c7c84c49bce719]
PUP.Optional.OmigaPlus.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://go.microsoft.com/fwlink/?LinkId= ... XX5VJ40PL2, Dobré: (www.google.com), Špatné: (http://go.microsoft.com/fwlink/?LinkId= ... XX5VJ40PL2),,[d8d6087fcacf95a1920aef2837ce44bc]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[347a04830297de58c9e12fe4b253cd33]

Složky: 39
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, , [01ad02851c7d33034b0e657c6b97718f],
PUP.Optional.OmigaPlus.ShrtCln, C:\Users\Tomas\AppData\Roaming\omiga-plus, , [911d4047cfcaa195f1a9944d5ea4da26],
PUP.Optional.OmigaPlus.ShrtCln, C:\Users\Tomas\AppData\Roaming\omiga-plus\log, , [911d4047cfcaa195f1a9944d5ea4da26],
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices, , [446a2f58415833038476b44254ae7789],
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices\update, , [446a2f58415833038476b44254ae7789],
PUP.Optional.ShoppingReport, C:\Users\Tomas\AppData\LocalLow\ShoppingReport2, , [3579aed9edacc472c3a4b74cd52e9c64],
PUP.Optional.ShoppingReport, C:\Users\Tomas\AppData\LocalLow\ShoppingReport2\cs, , [3579aed9edacc472c3a4b74cd52e9c64],
PUP.Optional.ShoppingReport, C:\Users\Tomas\AppData\LocalLow\ShoppingReport2\cs\dwld, , [3579aed9edacc472c3a4b74cd52e9c64],
PUP.Optional.SupTab, C:\Program Files\SupTab, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\weather, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\en-US, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-419, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-ES, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-BE, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CA, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CH, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-FR, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-LU, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-CH, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-IT, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pl, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt-BR, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru-MO, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\tr-TR, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\vi-VI, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-CN, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-TW, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.WPM, C:\ProgramData\WindowsMangerProtect, , [01ada4e3dabfce6826c0d4353cc76a96],
PUP.Optional.WPM, C:\ProgramData\WindowsMangerProtect\log, , [01ada4e3dabfce6826c0d4353cc76a96],
PUP.Optional.WPM, C:\ProgramData\WindowsMangerProtect\update, , [01ada4e3dabfce6826c0d4353cc76a96],
Adware.ShoppingReports, C:\Program Files\ShoppingReport2, , [8925dbace4b5ab8b8175f5152dd6a060],
Adware.ShoppingReports, C:\Program Files\ShoppingReport2\Bin, , [8925dbace4b5ab8b8175f5152dd6a060],
Adware.ShoppingReports, C:\Program Files\ShoppingReport2\Bin\2.7.37, , [8925dbace4b5ab8b8175f5152dd6a060],

Soubory: 63
RiskWare.Tool.CK, C:\Windows\KMService.exe, , [b1fdc3c41980b086f3a257cea35f01ff],
PUP.Optional.OmigaPlus.ShrtCln, C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage, , [5a54fd8a2e6b9f97fa06a58308fb32ce],
PUP.Optional.OmigaPlus.ShrtCln, C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal, , [6f3ff88f89108babad5314142fd403fd],
PUP.Optional.MindSpark, C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_crazyforcrafts.dl.tb.ask.com_0.localstorage, , [f9b541467d1c69cd97e8d3428c78dc24],
PUP.Optional.MindSpark, C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_crazyforcrafts.dl.tb.ask.com_0.localstorage-journal, , [0ba30483039683b3b0cfe03553b1e21e],
PUP.Optional.QuickStart, C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage, , [c2ec95f2188185b1892cde427f8550b0],
PUP.Optional.QuickStart, C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal, , [1a94bdca69304cea268fcc54ed175fa1],
PUP.Optional.HDApp, C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_hdapp1008-a.akamaihd.net_0.localstorage, , [57575433b4e5ff370938f8874cb8c040],
PUP.Optional.HDApp, C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_hdapp1008-a.akamaihd.net_0.localstorage-journal, , [c6e863240a8fab8ba69be897a3618977],
PUP.Optional.OmigaPlus.ShrtCln, C:\Users\Tomas\AppData\Roaming\omiga-plus\log\UninstallManager_2014-07-12[19-33-56-787].log, , [911d4047cfcaa195f1a9944d5ea4da26],
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices\update\conf, , [446a2f58415833038476b44254ae7789],
PUP.Optional.ShoppingReport, C:\Users\Tomas\AppData\LocalLow\ShoppingReport2\cs\Config.xml, , [3579aed9edacc472c3a4b74cd52e9c64],
PUP.Optional.SupTab, C:\Program Files\SupTab\ient.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\install.data, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\uninstall.exe, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\WebDataJs, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\data.html, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\indexIE.html, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\indexIE8.html, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\main.css, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\ver.txt, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\arrow.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\default_add_logo.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\default_add_logo_hover.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\default_logo.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\googlelogo.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\googlelogo2.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\google_trends.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\icon128.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\icon16.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\icon48.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\loading.gif, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\logo32.ico, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\weather\0.png, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\common.js, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\ga.js, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\ie8.js, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\jquery-1.11.0.min.js, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\jquery.autocomplete.js, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\js.js, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\library.js, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\js\xagainit.js, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\en-US\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-419\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-ES\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-BE\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CA\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CH\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-FR\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-LU\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-CH\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-IT\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pl\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt-BR\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru-MO\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\tr-TR\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\vi-VI\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-CN\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-TW\messages.json, , [8727ff885d3c1224b535ee17ce35629e],
PUP.Optional.WPM, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-12[18-42-26-558].log, , [01ada4e3dabfce6826c0d4353cc76a96],
PUP.Optional.WPM, C:\ProgramData\WindowsMangerProtect\update\conf, , [01ada4e3dabfce6826c0d4353cc76a96],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus on Facebook

#15 Post by Rudy »

Delete the items found.
