Velké využití fyzické paměti od startu PC

Zpráva

slecna_sy · #16 Příspěvek od **slecna_sy** » 27 dub 2014 11:04

Tady toto se objevilo během prohledávání.

#17 Příspěvek od **Márty84** » 27 dub 2014 11:05

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

slecna_sy · #18 Příspěvek od **slecna_sy** » 27 dub 2014 11:08

Děkuji, pustila jsem jej znovu.

#19 Příspěvek od **Márty84** » 27 dub 2014 11:09

slecna_sy · #20 Příspěvek od **slecna_sy** » 27 dub 2014 11:23

OTL logfile created on: 27.4.2014 12:07:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Simona\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 67,14% Memory free
6,50 Gb Paging File | 5,20 Gb Available in Paging File | 80,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 422,07 Gb Free Space | 90,64% Space Free | Partition Type: NTFS
Drive D: | 5,56 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 15,05 Gb Total Space | 2,01 Gb Free Space | 13,36% Space Free | Partition Type: FAT32

Computer Name: PAVEL-PC | User Name: Simona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.04.27 11:37:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Simona\Desktop\OTL.exe
PRC - [2014.04.02 15:29:05 | 002,201,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.04.02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.04.02 15:28:42 | 019,405,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2014.04.02 03:58:05 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014.03.11 13:23:51 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2014.03.11 13:23:37 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2014.03.04 14:34:44 | 001,821,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2014.03.04 14:34:44 | 000,943,048 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2014.03.04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.12.18 14:53:59 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.08.02 02:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:39 | 000,396,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe

========== Modules (No Company Name) ==========

MOD - [2014.04.02 03:58:03 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppgooglenaclpluginchrome.dll
MOD - [2014.04.02 03:57:59 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll
MOD - [2014.04.02 03:57:54 | 000,674,632 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
MOD - [2014.04.02 03:57:53 | 000,093,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\libegl.dll
MOD - [2014.04.02 03:57:52 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
MOD - [2014.04.02 03:57:49 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll

========== Services (SafeList) ==========

SRV - [2014.04.02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.04.02 15:28:42 | 019,405,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014.03.12 15:20:07 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.03.11 13:23:51 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014.03.11 13:23:37 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014.03.06 09:38:10 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.03.04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.08.03 10:21:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2014.04.27 09:54:22 | 000,107,736 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014.03.21 21:43:52 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2014.03.04 16:29:02 | 010,523,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.12.18 14:54:21 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.12.18 14:54:21 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.10.01 12:43:03 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.07.28 13:46:22 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2012.03.26 15:50:12 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009.10.13 02:16:02 | 000,049,152 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\l160x86.sys -- (AtcL001)
DRV - [2009.04.29 16:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)
DRV - [2004.08.13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003.06.05 10:20:10 | 000,155,776 | ---- | M] (D-Link) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AIRPLUS.sys -- (AIRPLUS)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4241348990-4021177864-1308685860-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4241348990-4021177864-1308685860-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2013.03.12 10:27:46 | 000,093,976 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\nppluginrichmediaplayer.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledĂˇvĂˇnĂ Google = C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: PenÄ›Ĺľenka Google = C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.04.27 10:50:06 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKU\S-1-5-21-4241348990-4021177864-1308685860-1003..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4241348990-4021177864-1308685860-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4241348990-4021177864-1308685860-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0055236F-BAB2-4FED-8587-54172377DA22}: DhcpNameServer = 192.168.2.91
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0042636-9B68-4072-877E-32C11EA53F19}: DhcpNameServer = 160.218.167.5 160.218.161.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F61F253F-DDF2-470A-A0BF-2486EA91A53E}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.04.30 04:57:32 | 000,054,544 | R--- | M] (Electronic Arts) - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.22 01:48:37 | 000,000,045 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.04.27 11:37:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Simona\Desktop\OTL.exe
[2014.04.27 11:25:54 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.04.27 11:23:24 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.04.27 10:50:05 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Local\temp
[2014.04.27 10:44:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.04.27 10:44:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.04.27 10:44:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.04.27 10:43:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.04.27 10:43:45 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.04.27 10:29:21 | 005,196,309 | R--- | C] (Swearware) -- C:\Users\Simona\Desktop\ComboFix.exe
[2014.04.27 10:09:37 | 000,000,000 | ---D | C] -- C:\Users\Simona\Desktop\RK_Quarantine
[2014.04.27 09:29:04 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014.04.27 09:28:42 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.04.27 09:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.04.27 09:11:00 | 000,000,000 | ---D | C] -- C:\rsit
[2014.04.27 01:57:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.04.27 01:57:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.04.27 01:31:48 | 000,000,000 | -HSD | C] -- C:\Users\Simona\AppData\Local\EmieUserList
[2014.04.27 01:31:48 | 000,000,000 | -HSD | C] -- C:\Users\Simona\AppData\Local\EmieSiteList
[2014.04.27 01:31:46 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Roaming\ProductData
[2014.04.27 01:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2014.04.27 01:31:33 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Roaming\IObit
[2014.04.27 01:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014.04.27 01:08:41 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Roaming\NVIDIA
[2014.04.27 00:10:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2014.04.27 00:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014.04.26 23:57:49 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Local\Programs
[2014.04.26 22:59:36 | 000,000,000 | ---D | C] -- C:\Users\Simona\Documents\Electronic Arts
[2014.04.26 22:45:43 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Roaming\Avira
[2014.04.26 22:40:36 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Roaming\Apple Computer
[2014.04.26 22:40:26 | 000,000,000 | R--D | C] -- C:\Users\Simona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014.04.26 22:40:26 | 000,000,000 | R--D | C] -- C:\Users\Simona\Searches
[2014.04.26 22:40:26 | 000,000,000 | R--D | C] -- C:\Users\Simona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014.04.26 22:40:14 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Roaming\Identities
[2014.04.26 22:40:11 | 000,000,000 | R--D | C] -- C:\Users\Simona\Contacts
[2014.04.26 22:40:04 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Local\NVIDIA Corporation
[2014.04.26 22:40:04 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Local\NVIDIA
[2014.04.26 22:40:04 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Roaming\Adobe
[2014.04.26 22:39:59 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Local\VirtualStore
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\AppData\Local\Temporary Internet Files
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Šablony
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Soubory cookie
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\SendTo
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Poslední
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Okolní tiskárny
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Okolní síť
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Documents\Obrázky
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Nabídka Start
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Local Settings
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Documents\Hudba
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\AppData\Local\History
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Documents\Filmy
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Dokumenty
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\Data aplikací
[2014.04.26 22:39:52 | 000,000,000 | -HSD | C] -- C:\Users\Simona\AppData\Local\Data aplikací
[2014.04.26 22:39:51 | 000,000,000 | --SD | C] -- C:\Users\Simona\AppData\Roaming\Microsoft
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\Videos
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\Saved Games
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\Pictures
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\Music
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\Links
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\Favorites
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\Downloads
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\Documents
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\Desktop
[2014.04.26 22:39:51 | 000,000,000 | R--D | C] -- C:\Users\Simona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014.04.26 22:39:51 | 000,000,000 | -H-D | C] -- C:\Users\Simona\AppData
[2014.04.26 22:39:51 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Local\Microsoft
[2014.04.26 22:39:51 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Roaming\Media Center Programs
[2014.04.26 22:39:51 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Roaming\Macromedia
[2014.04.26 22:39:51 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Local\Google
[2014.04.26 15:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2014.04.26 15:46:14 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2014.04.26 15:40:55 | 023,716,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2014.04.26 15:40:55 | 010,523,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2014.04.26 15:40:55 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2014.04.26 15:40:55 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2014.04.26 15:40:55 | 002,956,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2014.04.26 15:40:55 | 002,411,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2014.04.26 15:40:55 | 001,049,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3233523.dll
[2014.04.26 15:40:55 | 000,894,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3233523.dll
[2014.04.26 15:40:55 | 000,865,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2014.04.26 15:40:55 | 000,847,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2014.04.26 15:40:52 | 017,559,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2014.04.26 15:31:29 | 000,034,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvvad32v.sys
[2014.04.25 17:40:27 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.04.25 17:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.04.25 14:48:39 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.04.25 14:48:37 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.04.25 14:48:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014.04.25 14:48:35 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014.04.25 14:48:34 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.04.25 14:48:34 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014.04.25 14:48:34 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.04.25 14:48:33 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014.04.25 14:48:32 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014.04.25 14:48:31 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014.04.25 14:48:31 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.04.25 14:48:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014.04.25 14:48:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014.04.25 14:48:30 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014.04.25 14:48:29 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014.04.25 14:48:29 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014.04.25 14:48:29 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014.04.25 14:48:29 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014.04.25 14:48:18 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.04.25 14:48:16 | 004,254,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.04.23 17:29:23 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2014.04.20 14:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\MediaMonkey
[2014.04.20 14:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo
[2014.04.09 14:03:57 | 000,149,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2014.04.09 14:03:57 | 000,027,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2014.04.09 14:03:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iologmsg.dll

========== Files - Modified Within 30 Days ==========

[2014.04.27 12:09:16 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.04.27 11:37:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Simona\Desktop\OTL.exe
[2014.04.27 11:34:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.04.27 11:27:16 | 000,039,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.04.27 11:27:16 | 000,039,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.04.27 11:22:18 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.04.27 11:22:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.04.27 11:21:56 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2014.04.27 11:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.04.27 10:50:06 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014.04.27 10:30:06 | 005,196,309 | R--- | M] (Swearware) -- C:\Users\Simona\Desktop\ComboFix.exe
[2014.04.27 10:09:12 | 003,972,608 | ---- | M] () -- C:\Users\Simona\Desktop\RogueKiller.exe
[2014.04.27 09:54:22 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.04.27 09:50:31 | 000,007,614 | ---- | M] () -- C:\Users\Simona\AppData\Local\Resmon.ResmonCfg
[2014.04.27 09:06:28 | 001,329,501 | ---- | M] () -- C:\Users\Simona\Desktop\adwcleaner.exe
[2014.04.26 20:43:31 | 000,668,866 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.04.26 20:43:31 | 000,654,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.04.26 20:43:31 | 000,141,526 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.04.26 20:43:31 | 000,122,126 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.04.26 07:11:56 | 000,408,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.04.25 20:40:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2014.04.25 20:40:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2014.04.02 15:27:17 | 001,081,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvspcap.dll
[2014.03.31 09:35:10 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

========== Files Created - No Company Name ==========

[2014.04.27 11:40:22 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.04.27 10:44:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.04.27 10:44:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.04.27 10:44:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.04.27 10:44:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.04.27 10:44:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.04.27 10:09:09 | 003,972,608 | ---- | C] () -- C:\Users\Simona\Desktop\RogueKiller.exe
[2014.04.27 09:06:23 | 001,329,501 | ---- | C] () -- C:\Users\Simona\Desktop\adwcleaner.exe
[2014.04.26 22:42:41 | 000,007,614 | ---- | C] () -- C:\Users\Simona\AppData\Local\Resmon.ResmonCfg
[2014.04.26 22:40:04 | 000,001,397 | ---- | C] () -- C:\Users\Simona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014.04.25 20:40:28 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2014.04.25 20:40:28 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013.05.11 22:11:12 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2013.05.11 22:11:12 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2012.10.31 19:03:21 | 000,430,080 | ---- | C] () -- C:\Windows\System32\ZSHP1020.EXE
[2012.08.01 12:34:32 | 000,033,708 | ---- | C] () -- C:\Windows\System32\drivers\WLANGEN.bin
[2012.08.01 12:34:32 | 000,000,964 | ---- | C] () -- C:\Windows\System32\drivers\RADIO11.bin
[2012.08.01 12:34:32 | 000,000,964 | ---- | C] () -- C:\Windows\System32\drivers\AIRPLUS.bin
[2012.08.01 12:34:32 | 000,000,920 | ---- | C] () -- C:\Windows\System32\drivers\RADIO0d.bin

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.04.27 01:31:33 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\IObit
[2014.04.27 01:31:46 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\ProductData

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,524 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.08.03 07:52:59 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.04 09:36:54 | 000,000,934 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.09.04 09:36:55 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.11.20 23:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.09.07 04:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2013.09.08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\erdnt\cache\tcpip.sys
[2013.09.08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 13:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< >

< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[91 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\82b4baeb22f4da46e55fe0145388b49c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\82b4baeb22f4da46e55fe0145388b49c\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.04.26 22:40:04 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\Adobe
[2014.04.26 22:40:36 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\Apple Computer
[2014.04.26 22:45:43 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\Avira
[2014.04.26 22:40:14 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\Identities
[2014.04.27 01:31:33 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\IObit
[2013.02.06 16:41:01 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\Macromedia
[2010.11.21 03:24:44 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\Media Center Programs
[2014.04.27 09:50:05 | 000,000,000 | --SD | M] -- C:\Users\Simona\AppData\Roaming\Microsoft
[2014.04.27 01:08:41 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\NVIDIA
[2014.04.27 01:31:46 | 000,000,000 | ---D | M] -- C:\Users\Simona\AppData\Roaming\ProductData

< %APPDATA%\*.exe /s >
[2014.04.27 01:31:33 | 000,649,024 | ---- | M] () -- C:\Users\Simona\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2014.04.27 01:31:28 | 002,129,728 | ---- | M] (IObit) -- C:\Users\Simona\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
[2013.02.06 16:40:42 | 000,055,424 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Simona\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.04.27 11:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.04.27 11:22:18 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.04.27 11:34:00 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2014.04.27 09:54:22 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\MBAMSwissArmy.sys

< %systemroot%\system32\*.* /3 >
[2014.04.27 11:27:16 | 000,039,664 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.04.27 11:27:16 | 000,039,664 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.04.26 07:11:56 | 000,408,952 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2014.04.26 20:43:31 | 000,141,526 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.04.26 20:43:31 | 000,122,126 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.04.26 20:43:31 | 000,668,866 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.04.26 20:43:31 | 000,654,254 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.04.26 20:43:31 | 001,584,554 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2014.03.13 10:15:42 | 000,000,238 | ---- | M] () -- \ProgramData\BlueStacks\UserData\InputMapper\com.fluik.PlumberCrack.cfg
[2014.03.13 10:14:17 | 000,000,595 | ---- | M] () -- \ProgramData\BlueStacks\UserData\InputMapper\com.polarbit.crackingsands.cfg
[2014.03.13 10:13:47 | 000,000,590 | ---- | M] () -- \ProgramData\BlueStacks\UserData\InputMapper\com.polarbit.crackingsandsads.cfg
[2014.03.19 08:15:59 | 000,000,385 | ---- | M] () -- \ProgramData\BlueStacks\UserData\InputMapper\org.supergonk.safecrackerpremium.cfg
[2014.03.13 10:15:42 | 000,000,238 | ---- | M] () -- \Users\All Users\BlueStacks\UserData\InputMapper\com.fluik.PlumberCrack.cfg
[2014.03.13 10:14:17 | 000,000,595 | ---- | M] () -- \Users\All Users\BlueStacks\UserData\InputMapper\com.polarbit.crackingsands.cfg
[2014.03.13 10:13:47 | 000,000,590 | ---- | M] () -- \Users\All Users\BlueStacks\UserData\InputMapper\com.polarbit.crackingsandsads.cfg
[2014.03.19 08:15:59 | 000,000,385 | ---- | M] () -- \Users\All Users\BlueStacks\UserData\InputMapper\org.supergonk.safecrackerpremium.cfg

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.03.11 13:23:42 | 000,053,328 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2014.03.11 13:23:42 | 000,566,352 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2014.03.11 13:23:43 | 001,748,048 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[1999.11.04 16:06:48 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2014.02.06 01:52:40 | 000,007,281 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2014.04.02 15:27:35 | 001,170,376 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{248DC419-82F2-4F18-B302-52D04B151414}\ExtensionLoader.dll
[2013.10.18 03:34:40 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{D37949AE-F278-4A94-A68F-BEE87639A1FF}\ExtensionLoader.dll
[2014.04.02 15:27:35 | 001,170,376 | ---- | M] () -- \Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.12.20 01:37:56 | 000,065,344 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.12.20 01:37:44 | 000,073,536 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.02.06 17:18:53 | 000,001,323 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2014.04.27 10:52:28 | 000,026,300 | ---- | M] () -- \Qoobox\Quarantine\C\ProgramData\IObit\ASCDownloader\Downloader.log.vir
[2013.02.06 17:18:53 | 000,001,323 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2012.08.03 07:27:53 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2014.04.26 22:56:22 | 000,023,718 | ---- | M] () -- \Windows\Prefetch\ADOBE GAMMA LOADER.EXE-5F005A4A.pf
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010.11.21 03:16:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.21 03:16:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010.11.21 03:16:08 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2010.11.20 23:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010.11.20 23:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010.11.20 23:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010.11.21 03:15:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.20 23:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.03.13 10:23:12 | 000,000,418 | ---- | M] () -- \ProgramData\BlueStacks\UserData\InputMapper\com.serialscreener.tbcge.cfg
[2014.03.13 10:23:12 | 000,000,418 | ---- | M] () -- \Users\All Users\BlueStacks\UserData\InputMapper\com.serialscreener.tbcge.cfg
[2010.11.21 03:15:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.14 12:40:48 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 14:27:08 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014.02.28 15:21:11 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.28 15:21:11 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.28 15:21:24 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.02.28 15:21:24 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.03.03 12:30:56 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.03.03 12:30:56 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 03:15:47 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.11.21 03:15:49 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2010.11.21 03:15:53 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2010.11.21 03:16:08 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2010.11.20 23:24:56 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2010.11.21 03:15:32 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.20 23:24:56 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2010.11.20 23:24:56 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 03:15:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2010.11.21 03:15:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 03:15:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 03:15:53 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

slecna_sy · #21 Příspěvek od **slecna_sy** » 27 dub 2014 11:24

OTL Extras logfile created on: 27.4.2014 12:07:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Simona\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 67,14% Memory free
6,50 Gb Paging File | 5,20 Gb Available in Paging File | 80,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 422,07 Gb Free Space | 90,64% Space Free | Partition Type: NTFS
Drive D: | 5,56 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 15,05 Gb Total Space | 2,01 Gb Free Space | 13,36% Space Free | Partition Type: FAT32

Computer Name: PAVEL-PC | User Name: Simona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CEEEACA-870A-4599-8697-F5A8F440BCD7}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{0FB4A3B2-AB42-4581-9D9E-BB7347BA6CBB}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{43FED123-B7AE-4D0F-8C40-248CE465B1B6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{602D0492-3915-4526-BF0B-95699B6965DF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8F763142-8E71-4596-AB01-B609950C2C2F}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{BF80843C-DB9E-44C7-88EF-9F66E8A7981A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E3B070CE-2154-4641-A709-5155211CBBDA}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E7CFA389-FF2E-4970-B742-37CE4D93B7DA}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{EAC300D4-9337-4680-89BB-A88C56BAAC88}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{F156267B-C381-498D-AA32-88F2993ACC41}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F8C68A7A-143C-4C25-952F-4AA875EA2637}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{30131355-5313-4EA3-973D-7BB2E71F95B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{495DDA01-7CE0-4769-B0B8-88A003B30429}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4EE0F934-897E-4945-ABD5-7B975067FEFF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{703AFBBA-B899-431D-8466-EA1C297A5B41}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A9482778-A47E-45A9-BBF3-C36A7BAC2355}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F33F17AB-1420-45F2-88B4-5E9D170F801E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{0DB018A3-DFAC-4CF8-A4DE-EEE350007138}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{6F7E00BD-9DE9-4192-A25C-ED4445F4E2EE}C:\program files\webteh\bsplayer\bsplayer.exe" = protocol=6 | dir=in | app=c:\program files\webteh\bsplayer\bsplayer.exe |
"UDP Query User{59ED7D47-DD3E-45D3-A297-008D88568888}C:\program files\webteh\bsplayer\bsplayer.exe" = protocol=17 | dir=in | app=c:\program files\webteh\bsplayer\bsplayer.exe |
"UDP Query User{CFFDB7A2-D458-42D8-BD72-CCFE4D1F566C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{18D47FA1-0440-48D3-A7E0-DA09537FF471}" = Apple Mobile Device Support
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" = iTunes
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 335.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 12.4.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.22
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"7-Zip" = 7-Zip 9.17 beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Speccy" = Speccy
"VLC media player" = VLC media player 2.0.5

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29.1.2014 14:26:57 | Computer Name = PAvel-PC | Source = Bonjour Service | ID = 100
Description =

Error - 29.1.2014 14:26:57 | Computer Name = PAvel-PC | Source = Bonjour Service | ID = 100
Description =

Error - 29.1.2014 14:26:58 | Computer Name = PAvel-PC | Source = Bonjour Service | ID = 100
Description =

Error - 29.1.2014 14:26:58 | Computer Name = PAvel-PC | Source = Bonjour Service | ID = 100
Description =

Error - 29.1.2014 14:26:58 | Computer Name = PAvel-PC | Source = Bonjour Service | ID = 100
Description =

Error - 29.1.2014 14:26:59 | Computer Name = PAvel-PC | Source = Bonjour Service | ID = 100
Description =

Error - 29.1.2014 14:26:59 | Computer Name = PAvel-PC | Source = Bonjour Service | ID = 100
Description =

Error - 29.1.2014 14:26:59 | Computer Name = PAvel-PC | Source = Bonjour Service | ID = 100
Description =

Error - 29.1.2014 14:27:00 | Computer Name = PAvel-PC | Source = Bonjour Service | ID = 100
Description =

Error - 29.1.2014 14:27:00 | Computer Name = PAvel-PC | Source = Bonjour Service | ID = 100
Description =

[ OSession Events ]
Error - 1.12.2013 17:32:57 | Computer Name = PAvel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8624
seconds with 4080 seconds of active time. This session ended with a crash.

Error - 9.12.2013 16:39:14 | Computer Name = PAvel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 29818
seconds with 9240 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 26.4.2014 16:21:07 | Computer Name = PAvel-PC | Source = DCOM | ID = 10010
Description =

Error - 26.4.2014 18:45:36 | Computer Name = PAvel-PC | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error - 27.4.2014 4:45:03 | Computer Name = PAvel-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 27.4.2014 4:47:22 | Computer Name = PAvel-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 27.4.2014 4:50:09 | Computer Name = PAvel-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 27.4.2014 4:51:06 | Computer Name = PAvel-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (10:50:13, ?27.?4.?2014) bylo neočekávané.

Error - 27.4.2014 5:15:17 | Computer Name = PAvel-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 27.4.2014 5:17:58 | Computer Name = PAvel-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 27.4.2014 5:20:59 | Computer Name = PAvel-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 27.4.2014 5:22:04 | Computer Name = PAvel-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (11:20:57, ?27.?4.?2014) bylo neočekávané.

< End of report >

#22 Příspěvek od **Márty84** » 27 dub 2014 12:43

Vypnete antivir, at nebrani programu v praci.

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
C:\Users\Simona\AppData\Roaming\IObit

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014.04.27 01:31:33 | 000,000,000 | ---D | C] -- C:\Users\Simona\AppData\Roaming\IObit
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[91 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\82b4baeb22f4da46e55fe0145388b49c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\82b4baeb22f4da46e55fe0145388b49c\*.tmp -> ]
[2014.04.27 01:31:33 | 000,649,024 | ---- | M] () -- C:\Users\Simona\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2014.04.27 01:31:28 | 002,129,728 | ---- | M] (IObit) -- C:\Users\Simona\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

slecna_sy · #23 Příspěvek od **slecna_sy** » 27 dub 2014 12:52

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 58264 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Simi
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 258 bytes
->Google Chrome cache emptied: 7374713 bytes
->Flash cache emptied: 58264 bytes

User: Simona
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 536848 bytes
->Google Chrome cache emptied: 7253975 bytes
->Flash cache emptied: 58720 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 15,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Simi
->Flash cache emptied: 0 bytes

User: Simona
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk moved successfully.
C:\Users\Simona\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\Simona\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Simona\AppData\Roaming\IObit folder moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Folder C:\Users\Simona\AppData\Roaming\IObit\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3CC6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP543A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C7F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP89B8.tmp\AspNetMMCExt.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP89B8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD167.tmp\System.Web.Mobile.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD167.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE986.tmp\System.Data.Entity.Design.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE986.tmp folder deleted successfully.
C:\Windows\Installer\MSI11AD.tmp- folder deleted successfully.
C:\Windows\Installer\MSI129B.tmp- folder deleted successfully.
C:\Windows\Installer\MSI1566.tmp- folder deleted successfully.
C:\Windows\Installer\MSI1A2.tmp- folder deleted successfully.
C:\Windows\Installer\MSI1AB4.tmp- folder deleted successfully.
C:\Windows\Installer\MSI1BDD.tmp-\HD-ShortcutHandler.dll deleted successfully.
C:\Windows\Installer\MSI1BDD.tmp- folder deleted successfully.
C:\Windows\Installer\MSI1D74.tmp- folder deleted successfully.
C:\Windows\Installer\MSI2523.tmp-\HD-LibraryHandler.dll deleted successfully.
C:\Windows\Installer\MSI2523.tmp-\HD-ShortcutHandler.dll deleted successfully.
C:\Windows\Installer\MSI2523.tmp- folder deleted successfully.
C:\Windows\Installer\MSI284B.tmp- folder deleted successfully.
C:\Windows\Installer\MSI32A6.tmp- folder deleted successfully.
C:\Windows\Installer\MSI34D.tmp- folder deleted successfully.
C:\Windows\Installer\MSI3662.tmp- folder deleted successfully.
C:\Windows\Installer\MSI36C.tmp- folder deleted successfully.
C:\Windows\Installer\MSI37F9.tmp-\HD-ShortcutHandler.dll deleted successfully.
C:\Windows\Installer\MSI37F9.tmp- folder deleted successfully.
C:\Windows\Installer\MSI385C.tmp- folder deleted successfully.
C:\Windows\Installer\MSI423.tmp- folder deleted successfully.
C:\Windows\Installer\MSI4978.tmp- folder deleted successfully.
C:\Windows\Installer\MSI4B5C.tmp- folder deleted successfully.
C:\Windows\Installer\MSI4D31.tmp- folder deleted successfully.
C:\Windows\Installer\MSI4F17.tmp- folder deleted successfully.
C:\Windows\Installer\MSI510B.tmp- folder deleted successfully.
C:\Windows\Installer\MSI54F5.tmp- folder deleted successfully.
C:\Windows\Installer\MSI56A.tmp- folder deleted successfully.
C:\Windows\Installer\MSI5A8E.tmp- folder deleted successfully.
C:\Windows\Installer\MSI6117.tmp- folder deleted successfully.
C:\Windows\Installer\MSI65A.tmp-\HD-LibraryHandler.dll deleted successfully.
C:\Windows\Installer\MSI65A.tmp- folder deleted successfully.
C:\Windows\Installer\MSI66F1.tmp- folder deleted successfully.
C:\Windows\Installer\MSI68B2.tmp- folder deleted successfully.
C:\Windows\Installer\MSI693F.tmp- folder deleted successfully.
C:\Windows\Installer\MSI6CA7.tmp- folder deleted successfully.
C:\Windows\Installer\MSI70CE.tmp- folder deleted successfully.
C:\Windows\Installer\MSI70DC.tmp- folder deleted successfully.
C:\Windows\Installer\MSI7286.tmp- folder deleted successfully.
C:\Windows\Installer\MSI72F0.tmp- folder deleted successfully.
C:\Windows\Installer\MSI743C.tmp- folder deleted successfully.
C:\Windows\Installer\MSI74A6.tmp- folder deleted successfully.
C:\Windows\Installer\MSI7B3F.tmp- folder deleted successfully.
C:\Windows\Installer\MSI7C06.tmp- folder deleted successfully.
C:\Windows\Installer\MSI847E.tmp-\HD-ShortcutHandler.dll deleted successfully.
C:\Windows\Installer\MSI847E.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8663.tmp- folder deleted successfully.
C:\Windows\Installer\MSI872D.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8848.tmp-\HD-Frontend-Native.dll deleted successfully.
C:\Windows\Installer\MSI8848.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8AD8.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8B61.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8C22.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8D0B.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8EFF.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8F29.tmp- folder deleted successfully.
C:\Windows\Installer\MSI911D.tmp- folder deleted successfully.
C:\Windows\Installer\MSI93AD.tmp- folder deleted successfully.
C:\Windows\Installer\MSI974B.tmp- folder deleted successfully.
C:\Windows\Installer\MSI996.tmp- folder deleted successfully.
C:\Windows\Installer\MSI9AB5.tmp- folder deleted successfully.
C:\Windows\Installer\MSI9B6C.tmp- folder deleted successfully.
C:\Windows\Installer\MSI9CD4.tmp- folder deleted successfully.
C:\Windows\Installer\MSI9EDB.tmp- folder deleted successfully.
C:\Windows\Installer\MSI9F9E.tmp-\HD-LibraryHandler.dll deleted successfully.
C:\Windows\Installer\MSI9F9E.tmp-\HD-ShortcutHandler.dll deleted successfully.
C:\Windows\Installer\MSI9F9E.tmp- folder deleted successfully.
C:\Windows\Installer\MSIA31C.tmp- folder deleted successfully.
C:\Windows\Installer\MSIA6B.tmp- folder deleted successfully.
C:\Windows\Installer\MSIA7E9.tmp- folder deleted successfully.
C:\Windows\Installer\MSIABEF.tmp-\HD-ShortcutHandler.dll deleted successfully.
C:\Windows\Installer\MSIABEF.tmp- folder deleted successfully.
C:\Windows\Installer\MSIAC8C.tmp-\HD-Frontend-Native.dll deleted successfully.
C:\Windows\Installer\MSIAC8C.tmp- folder deleted successfully.
C:\Windows\Installer\MSIAEDE.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB19D.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB297.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB4AB.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB630.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB759.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB883.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB9FB.tmp- folder deleted successfully.
C:\Windows\Installer\MSIBCA7.tmp- folder deleted successfully.
C:\Windows\Installer\MSIBED1.tmp- folder deleted successfully.
C:\Windows\Installer\MSIC0C7.tmp- folder deleted successfully.
C:\Windows\Installer\MSIC863.tmp- folder deleted successfully.
C:\Windows\Installer\MSICB03.tmp- folder deleted successfully.
C:\Windows\Installer\MSICCC.tmp- folder deleted successfully.
C:\Windows\Installer\MSICFFB.tmp- folder deleted successfully.
C:\Windows\Installer\MSID15A.tmp- folder deleted successfully.
C:\Windows\Installer\MSID34E.tmp- folder deleted successfully.
C:\Windows\Installer\MSID42A.tmp- folder deleted successfully.
C:\Windows\Installer\MSID6F1.tmp- folder deleted successfully.
C:\Windows\Installer\MSIDA32.tmp- folder deleted successfully.
C:\Windows\Installer\MSIE37.tmp- folder deleted successfully.
C:\Windows\Installer\MSIE47F.tmp- folder deleted successfully.
C:\Windows\Installer\MSIEE30.tmp- folder deleted successfully.
C:\Windows\Installer\MSIEFC5.tmp- folder deleted successfully.
C:\Windows\Installer\MSIF0C3.tmp- folder deleted successfully.
C:\Windows\Installer\MSIF504.tmp- folder deleted successfully.
C:\Windows\Installer\MSIFAF2.tmp- folder deleted successfully.
C:\Windows\Installer\MSIFB8A.tmp- folder deleted successfully.
C:\Windows\Installer\MSIFFB3.tmp- folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\82b4baeb22f4da46e55fe0145388b49c\BIT5476.tmp deleted successfully.
File C:\Users\Simona\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe not found.
File C:\Users\Simona\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 04272014_134818

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#24 Příspěvek od **Márty84** » 27 dub 2014 13:00

Napiste mi velikost plochy C:\Users\Simona\Desktop

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

slecna_sy · #25 Příspěvek od **slecna_sy** » 27 dub 2014 13:02

Velikost plochy 10,8 MB

#26 Příspěvek od **Márty84** » 27 dub 2014 13:05

slecna_sy píše:Velikost plochy 10,8 MB

Vyborne

slecna_sy · #27 Příspěvek od **slecna_sy** » 27 dub 2014 13:15

Márty84 píše:
slecna_sy píše:Velikost plochy 10,8 MB
Vyborne

Teď si nejsem jistá, použila jsem program TFC, ale nabídka OK se neobjevila.. pouze Exit, a k restartu nedošlo. Mám pokračovat s Ccleanerem?

#28 Příspěvek od **Márty84** » 27 dub 2014 14:39

TFC asi nemel co mazat

Pokracujte dale, provedte vsechny kroky

slecna_sy · #29 Příspěvek od **slecna_sy** » 27 dub 2014 14:47

Nakonec ano.. restart proběhl. Teď čekám na dokončení defragmentace.

#30 Příspěvek od **Márty84** » 27 dub 2014 14:54

Fajn

VIRY.CZ

Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC

Re: Velké využití fyzické paměti od startu PC