Prosim o kotrolu, pritelkyne PC :-X

[Márty84]

takže nový disk?

Bylo by to nejlepsi. Pokud ne, rozhodne pravidelne zalohujte!


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[to_je_jedno]

po chvíli OTL vyhodí error cannot create Peta.bat v umístění kde ho spouštím. co s tím?

[Márty84]

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

[to_je_jedno]

OTL logfile created on: 8.9.2014 21:27:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peta\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 57,03% Memory free
6,00 Gb Paging File | 4,69 Gb Available in Paging File | 78,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 39,33 Gb Free Space | 16,90% Space Free | Partition Type: NTFS

Computer Name: PETA-PC | User Name: Peta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.09.06 22:40:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
PRC - [2014.08.26 10:13:51 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.09.03 15:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.11.08 01:37:37 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.11.08 01:37:11 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.02.01 15:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2007.10.16 17:24:32 | 000,229,376 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2007.10.02 22:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe
PRC - [2007.08.15 12:38:30 | 000,147,456 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2007.08.08 12:03:42 | 002,441,216 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe


========== Modules (No Company Name) ==========

MOD - [2014.08.26 10:14:14 | 003,715,184 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.02.09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010.03.15 12:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.02.01 15:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe
MOD - [2008.02.01 15:29:28 | 000,049,152 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\ATKMETHOD.dll


========== Services (SafeList) ==========

SRV - [2014.08.26 10:14:07 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.07.25 14:10:12 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.07.09 20:25:22 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.11 21:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.09.03 15:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.11.08 01:37:37 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.01.09 20:34:57 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2007.10.02 22:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Peta\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Peta\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.11.08 01:37:56 | 000,082,952 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2012.11.08 01:37:55 | 000,036,072 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.11.08 01:37:54 | 000,494,416 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.02.10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.01.08 18:59:47 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.08.17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.29 01:25:02 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ivusb.sys -- (ivusb)
DRV - [2009.07.14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009.07.14 00:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009.07.14 00:02:46 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\l160x86.sys -- (AtcL001)
DRV - [2008.12.18 11:13:18 | 000,025,680 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2007.07.31 03:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.14 18:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{4D6B8F92-61F8-474D-8604-3B42F2AB7C15}: "URL" = http://www.search.ask.com/web?tpid=SGT- ... erms}&psv=
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{C7A9539C-497C-4F6F-B10D-5B138E57A7C1}: "URL" = http://www.bing.com/search?FORM=WLETDF& ... -SearchBox
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1004\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B76063e7f-3558-4b68-8287-54eb6512adc0%7D:2.8.0
FF - prefs.js..extensions.enabledAddons: %7B7fb9a47c-8237-47dd-a247-bf2cb7f07e2a%7D:2.5.1
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.1
FF - prefs.js..extensions.enabledAddons: youtubemp3podcaster%40jeremy.d.gregorio.com:3.3.4
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.23
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Peta\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Peta\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Peta\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Peta\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014.07.22 19:47:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.08 13:02:47 | 000,000,204 | ---- | M] ()

[2012.01.08 12:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peta\AppData\Roaming\Mozilla\Extensions
[2014.09.05 21:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions
[2014.08.09 09:15:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.03.03 19:55:59 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\2020Player_IKEA@2020Technologies.com
[2014.09.05 21:54:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\staged
[2012.05.16 19:58:53 | 000,000,000 | ---D | M] (Yandex.Bar) -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru
[2014.06.17 23:03:35 | 000,000,000 | ---D | M] (Youtube MP3 Podcaster) -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\youtubemp3podcaster@jeremy.d.gregorio.com
[2012.02.01 22:15:37 | 000,106,705 | ---- | M] () (No name found) -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\{76063e7f-3558-4b68-8287-54eb6512adc0}.xpi
[2012.02.01 22:20:49 | 000,331,610 | ---- | M] () (No name found) -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\{7fb9a47c-8237-47dd-a247-bf2cb7f07e2a}.xpi
[2014.05.22 23:08:33 | 000,001,907 | ---- | M] () -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\searchplugins\google-peklada.xml
[2014.09.05 15:40:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.09.05 15:40:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Peta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Peta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Peta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávání Google = C:\Users\Peta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Peněženka Google = C:\Users\Peta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Late Night = C:\Users\Peta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\
CHR - Extension: Gmail = C:\Users\Peta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.09.04 21:11:20 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - No CLSID value found.
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe ()
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKU\S-1-5-21-305399671-4234761083-2540851607-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-305399671-4234761083-2540851607-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17A7AB08-B6B2-48FF-8A48-72F33D6864D8}: DhcpNameServer = 8.8.8.8
O20 - AppInit_DLLs: (c:\Windows\System32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.09.06 22:37:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
[2014.09.05 15:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2014.09.05 15:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2014.09.05 15:40:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014.09.04 21:11:40 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014.09.04 21:07:30 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.09.04 20:54:04 | 000,000,000 | ---D | C] -- C:\Users\Peta\Desktop\Nová složka (2)
[2014.09.04 20:00:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.09.04 20:00:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.09.04 20:00:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.09.04 20:00:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.09.04 20:00:10 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.09.04 19:56:15 | 005,576,326 | R--- | C] (Swearware) -- C:\Users\Peta\Desktop\ComboFix.exe
[2014.09.01 20:26:21 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014.09.01 20:25:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.09.01 19:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.09.01 19:38:48 | 000,000,000 | ---D | C] -- C:\rsit
[2014.08.31 23:05:15 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.08.31 23:05:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.08.31 23:05:01 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014.08.31 23:05:01 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014.08.31 23:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014.08.30 17:51:02 | 002,352,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014.08.21 20:15:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2014.08.21 20:07:00 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Opera Software
[2014.08.21 20:06:59 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Opera Software
[2014.08.21 20:06:38 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2014.08.21 20:03:12 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\AVG
[2014.08.21 20:03:12 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\AVG
[2014.08.21 20:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2014.08.21 19:59:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014.08.21 19:59:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014.08.18 20:40:39 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2014.08.18 20:40:37 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2014.08.18 20:40:34 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2014.08.18 20:40:32 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2014.08.13 09:19:39 | 000,219,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2014.08.13 09:19:39 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2014.08.13 09:19:36 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014.08.13 09:19:36 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014.08.13 09:19:35 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014.08.13 09:19:35 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.08.13 09:19:35 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014.08.13 09:19:35 | 000,307,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014.08.13 09:19:35 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.08.13 09:19:35 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014.08.13 09:19:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.08.13 09:19:35 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014.08.13 09:19:34 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.08.13 09:19:34 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.08.13 09:19:33 | 000,663,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014.08.13 09:19:33 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014.08.13 09:19:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014.08.13 09:19:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014.08.13 09:19:32 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014.08.13 09:19:31 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014.08.13 09:19:30 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.08.13 09:19:28 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014.08.13 09:19:28 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014.08.13 09:19:27 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014.08.13 09:19:26 | 004,204,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.08.13 09:18:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014.08.13 09:18:42 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014.08.13 09:18:42 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2014.08.13 09:18:42 | 000,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2014.08.13 09:18:38 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014.08.13 09:18:37 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014.08.13 09:17:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDYAK.DLL
[2014.08.13 09:17:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAT.DLL
[2014.08.13 09:17:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDRU1.DLL
[2014.08.13 09:17:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2014.08.13 09:17:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDRU.DLL
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.09.08 21:28:52 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.09.08 21:25:34 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.09.08 21:25:21 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-305399671-4234761083-2540851607-1000UA.job
[2014.09.08 21:25:14 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.09.08 21:24:52 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.09.08 21:24:52 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-305399671-4234761083-2540851607-1000Core.job
[2014.09.08 21:24:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.09.07 02:09:27 | 000,031,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.09.07 02:09:27 | 000,031,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.09.06 22:40:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
[2014.09.05 15:49:13 | 000,000,896 | ---- | M] () -- C:\Users\Peta\Desktop\HD Tune.lnk
[2014.09.05 15:40:43 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.09.04 21:11:20 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014.09.04 21:08:46 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2014.09.04 19:56:49 | 005,576,326 | R--- | M] (Swearware) -- C:\Users\Peta\Desktop\ComboFix.exe
[2014.09.03 20:42:48 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.09.02 03:20:02 | 000,288,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.09.01 21:05:27 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.09.01 20:21:44 | 001,364,531 | ---- | M] () -- C:\Users\Peta\Desktop\adwcleaner_3.308.exe
[2014.09.01 19:36:37 | 001,107,968 | ---- | M] () -- C:\Users\Peta\Desktop\RSIT.exe
[2014.08.31 23:05:05 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.08.23 02:42:53 | 002,352,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014.08.21 20:15:43 | 000,001,247 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2014.08.19 20:17:30 | 000,672,424 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.08.19 20:17:30 | 000,657,422 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.08.19 20:17:30 | 000,142,988 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.08.19 20:17:30 | 000,123,234 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.09.06 22:44:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.09.05 15:49:13 | 000,000,896 | ---- | C] () -- C:\Users\Peta\Desktop\HD Tune.lnk
[2014.09.05 15:40:43 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.09.05 15:40:42 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014.09.04 20:00:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.09.04 20:00:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.09.04 20:00:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.09.04 20:00:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.09.04 20:00:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.09.01 20:21:36 | 001,364,531 | ---- | C] () -- C:\Users\Peta\Desktop\adwcleaner_3.308.exe
[2014.09.01 19:34:46 | 001,107,968 | ---- | C] () -- C:\Users\Peta\Desktop\RSIT.exe
[2013.05.22 20:43:48 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013.05.22 20:43:48 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013.05.22 20:43:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013.05.22 20:43:48 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.05.21 20:29:34 | 000,005,632 | ---- | C] () -- C:\Users\Peta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.08 13:59:08 | 000,138,056 | ---- | C] () -- C:\Users\Peta\AppData\Roaming\PnkBstrK.sys

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.06.06 17:21:02 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Audacity
[2012.06.18 20:29:49 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Autodesk
[2014.08.21 20:03:12 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\AVG
[2014.07.06 22:27:26 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DAEMON Tools Lite
[2012.10.20 21:05:41 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\FrmMain
[2012.05.21 21:06:02 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GetRightToGo
[2014.03.13 20:44:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Graphisoft
[2014.03.04 21:57:50 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\LiveCAD3
[2012.05.21 21:09:30 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Moyea
[2014.08.21 20:12:27 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Opera Software
[2012.07.27 19:11:45 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Origin
[2013.04.14 13:47:12 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Publish Providers
[2014.08.21 20:20:07 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Samsung
[2013.05.29 17:46:23 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Sony
[2012.07.17 17:33:12 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\wargaming.net
[2013.10.31 22:39:58 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Yandex

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,644 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.11.21 20:38:25 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.08 21:52:58 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-305399671-4234761083-2540851607-1000Core.job
[2013.07.08 21:52:59 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-305399671-4234761083-2540851607-1000UA.job
[2014.03.13 20:51:46 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.03.13 20:51:51 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2014.05.12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.08.22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 23:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 06:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\erdnt\cache\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2013.05.08 08:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013.09.07 04:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.09.08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 07:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 13:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2014.04.05 04:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014.05.12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\erdnt\cache\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\System32\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.04.14 15:34:44 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Adobe
[2012.06.06 17:21:02 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Audacity
[2012.06.18 20:29:49 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Autodesk
[2014.08.21 20:03:12 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\AVG
[2014.07.06 22:27:26 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DAEMON Tools Lite
[2012.02.23 21:11:44 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\dvdcss
[2012.10.20 21:05:41 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\FrmMain
[2012.05.21 21:06:02 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GetRightToGo
[2014.03.13 20:44:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Graphisoft
[2012.01.08 09:58:46 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Identities
[2012.02.18 19:05:52 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\InstallShield
[2014.03.04 21:57:50 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\LiveCAD3
[2012.01.08 11:52:52 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Macromedia
[2014.08.31 23:05:05 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Malwarebytes
[2011.04.12 03:46:30 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Media Center Programs
[2014.01.03 13:47:20 | 000,000,000 | --SD | M] -- C:\Users\Peta\AppData\Roaming\Microsoft
[2012.05.21 21:09:30 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Moyea
[2014.06.10 07:58:05 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Mozilla
[2012.02.19 16:07:17 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\NVIDIA
[2014.08.21 20:12:27 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Opera Software
[2012.07.27 19:11:45 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Origin
[2013.04.14 13:47:12 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Publish Providers
[2014.08.21 20:20:07 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Samsung
[2013.05.29 17:46:23 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Sony
[2014.08.19 20:30:34 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\vlc
[2012.07.17 17:33:12 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\wargaming.net
[2012.01.08 12:51:26 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\WinRAR
[2013.10.31 22:39:58 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Yandex

< %APPDATA%\*.exe /s >
[2012.07.12 19:29:31 | 000,010,134 | R--- | M] () -- C:\Users\Peta\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2014.06.17 21:14:57 | 000,358,912 | ---- | M] () -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\youtubemp3podcaster@jeremy.d.gregorio.com\chrome\b64Launcher.exe
[2014.06.17 21:14:57 | 001,819,648 | ---- | M] () -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\youtubemp3podcaster@jeremy.d.gregorio.com\chrome\encMP3Tagger.exe
[2014.06.17 21:14:57 | 027,124,736 | ---- | M] () -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\youtubemp3podcaster@jeremy.d.gregorio.com\chrome\ffmpeg.exe
[2014.06.17 21:14:57 | 000,122,992 | ---- | M] () -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\youtubemp3podcaster@jeremy.d.gregorio.com\chrome\mp3gain.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.09.08 21:25:14 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.09.08 21:36:46 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.09.08 21:38:20 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.09.08 21:24:52 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-305399671-4234761083-2540851607-1000Core.job
[2014.09.08 21:25:21 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-305399671-4234761083-2540851607-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.09.07 02:09:27 | 000,031,312 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.09.07 02:09:27 | 000,031,312 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2014.02.05 22:16:16 | 000,015,770 | ---- | M] () -- \Program Files\Steam\SteamApps\common\dota 2 beta\dota\addons\nian\resource\flash3\images\items\firecrackers.png

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2012.09.28 11:26:26 | 000,343,040 | ---- | M] () -- \Program Files\Fotolab\Fotolab Fotosvet\CWImageLoader0.dll
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.10.23 22:07:40 | 000,007,825 | ---- | M] () -- \Program Files\Steam\remoteui\static\libs\images\ajax-loader.gif
[2003.09.26 09:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 15:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 15:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 15:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2010.03.15 12:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.06.15 11:10:23 | 000,071,208 | ---- | M] () -- \Program Files\World_of_Tanks\PhysXLoader.dll
[2012.06.15 11:10:23 | 000,005,679 | ---- | M] () -- \Program Files\World_of_Tanks\res\scripts\client\tutorial\TutorialLoader.pyc
[2014.08.21 20:15:43 | 000,002,191 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2014.08.21 20:15:43 | 000,002,191 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2011.10.19 23:08:36 | 000,003,208 | ---- | M] () -- \Users\Peta\Desktop\SD\openfeint\webui\images\loader.gif
[2011.10.20 00:08:36 | 000,003,208 | ---- | M] () -- \Users\Peta\Desktop\zaloha2gbSdPeta\openfeint\webui\images\loader.gif
[2014.08.21 20:15:43 | 000,001,247 | ---- | M] () -- \Users\Public\Desktop\YTD Video Downloader.lnk
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2011.04.12 03:37:09 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2011.04.12 03:37:09 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2011.04.12 03:37:09 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2010.11.20 23:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010.11.20 23:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010.11.20 23:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2011.04.12 03:36:26 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.20 23:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
[2011.04.08 15:04:32 | 006,945,436 | ---- | M] () -- \Users\Peta\Music\Dance\8 April 2011\Activator & MC Apster - Strike It Up (Extended Mix).mp3

< *serial* /s >
[2014.05.13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.26 13:30:17 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2013.12.04 20:43:50 | 000,005,687 | ---- | M] () -- \Program Files\PokerStars\gx\tokenserial.jpg
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 03:36:58 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.07.08 14:43:48 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.08.19 11:16:23 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\55397ff686f2513da42a43b6ad7a7a27\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.08.19 11:18:54 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b09aaacae10f5eb10587d290a779a764\System.Runtime.Serialization.ni.dll
[2014.02.14 17:19:52 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 17:19:52 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.14 17:20:19 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.02.14 17:20:19 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.02.14 22:49:49 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.02.14 22:49:49 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 03:36:49 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.04.12 03:36:50 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\drivers\smserial.sys
[2011.04.12 03:36:55 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2011.04.12 03:37:09 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2010.11.20 23:24:56 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2014.07.02 07:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2014.07.02 08:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2011.04.12 03:36:33 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2014.07.02 08:50:42 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2012.10.05 21:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2014.07.02 22:15:55 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2010.11.20 23:24:56 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2014.07.02 08:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2014.07.02 08:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2010.11.20 23:24:56 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2014.07.02 07:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2014.07.02 08:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 03:36:53 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 14:43:48 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2014.03.17 16:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2011.04.12 03:36:58 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2011.04.12 03:36:49 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 03:36:49 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_c227ede109a14864\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 03:36:49 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_c2a4bc1222c8ce98\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 03:36:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.04.12 03:36:58 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2011.04.12 03:36:58 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2011.04.12 03:36:58 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2011.04.12 03:36:55 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

[to_je_jedno]

OTL Extras logfile created on: 8.9.2014 21:27:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peta\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 57,03% Memory free
6,00 Gb Paging File | 4,69 Gb Available in Paging File | 78,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 39,33 Gb Free Space | 16,90% Space Free | Partition Type: NTFS

Computer Name: PETA-PC | User Name: Peta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-305399671-4234761083-2540851607-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A43849-553D-45EC-9599-C655D4AD8656}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A76454A-F139-48BC-845B-8B1C4B0F57F8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0C1F6A28-07DB-4DEB-8C4F-B1499C3F7417}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1C0E518C-2EE7-44F4-990D-7DDB28E58462}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{29078206-9BAD-4402-89BC-3C214D8E39C2}" = lport=58444 | protocol=6 | dir=in | name=pando media booster |
"{2E82CCE2-2F8B-42FB-92B4-0B6C8AE47555}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F870B11-DE02-4502-97A6-34F575B574E8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3819CECD-CD95-48B4-8E76-55D4D980F551}" = lport=139 | protocol=6 | dir=in | app=system |
"{55A312E2-8667-43BF-9ABD-6FFDBC633BF8}" = rport=139 | protocol=6 | dir=out | app=system |
"{5C78D52A-C366-4058-B541-267B9975F6D4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6C699444-9D01-42E8-B2CF-22B636FB8970}" = lport=57923 | protocol=17 | dir=in | name=pando media booster |
"{6D132127-A12E-42B8-8E53-1807CF3F30E9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6D417B88-4DD8-4B98-8260-0C1CA3D4724E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{71359D02-85D8-4E69-B3FE-9B1F5CCA6F8B}" = lport=56751 | protocol=6 | dir=in | name=pando media booster |
"{72D1B4CE-071C-478D-B58E-FEC21507BFBE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{77323E79-5E23-4E67-A1DC-136480BF0B54}" = lport=137 | protocol=17 | dir=in | app=system |
"{8DDA5FE1-026A-40A0-A756-0C9E8CFA77F4}" = lport=445 | protocol=6 | dir=in | app=system |
"{8DE0CC9B-2C65-4A20-AD41-F63F734AE882}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9315D23B-4AD9-415A-AED4-B7592F23DA18}" = lport=58444 | protocol=6 | dir=in | name=pando media booster |
"{A4A9A17F-5723-4930-A1F8-1CDB3396CC76}" = lport=138 | protocol=17 | dir=in | app=system |
"{B62B0B8A-63C4-496F-BD27-F9FF10610753}" = lport=56751 | protocol=6 | dir=in | name=pando media booster |
"{BEF03DA0-CC5F-4351-BCC5-6B52E905968D}" = lport=58444 | protocol=17 | dir=in | name=pando media booster |
"{C2D44C03-4468-4C03-8F00-4EE5AEC8936D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C986E9EB-3D03-40A2-9620-9E011F5541FC}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{CA798E73-71F3-4180-8161-3251C4EFAC2D}" = rport=138 | protocol=17 | dir=out | app=system |
"{D5A9D405-9056-4F2B-81B9-6C43C78DF400}" = lport=56751 | protocol=17 | dir=in | name=pando media booster |
"{D823EE4C-2E89-4AB8-81D1-041BA55953D2}" = lport=58444 | protocol=17 | dir=in | name=pando media booster |
"{DF468393-EE4C-43B0-A00F-24F9F46B9BC2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E087F45F-922D-42F0-8998-FAD4C016656A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E40432CB-02A8-42F9-9459-37A6E0438D4B}" = rport=137 | protocol=17 | dir=out | app=system |
"{E6F55F2D-3179-4FF6-A4B7-4E6702FD15E1}" = lport=57923 | protocol=6 | dir=in | name=pando media booster |
"{F27AEBFE-27BE-4C18-9C87-DED1125CEC5A}" = rport=445 | protocol=6 | dir=out | app=system |
"{F2A1E8CF-A43E-4B2A-9A6A-14C9BEC58CBE}" = lport=56751 | protocol=17 | dir=in | name=pando media booster |
"{F5E65D60-A479-43EA-B9EF-0B0F9E434A86}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FCCA244C-87B8-4AA9-8BEB-FCD327A955E2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FF8B0001-14AB-4982-98D5-43A5DFD40698}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03FAAB22-FFE6-4B14-BAD4-6AA303E0628F}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{067E2AEA-B8B5-496D-A97F-1980F5C228E4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{0BE6F91F-666A-4B67-9342-585918C3A9C2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1052414E-6E4E-415E-AC51-131265594FAB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1294D667-4D76-41E3-AC44-AFD560A81288}" = protocol=17 | dir=in | app=c:\users\peta\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{13D8C09E-6B49-4CF5-BCAD-51C80DC1BDFD}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{14E8C833-9A74-4163-8990-6FA66FD4A6D1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{17998BAA-6B96-43ED-8B2D-94D5F3AEF8E3}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{19C4C33D-C9DF-40A7-AFA0-8577BA07952B}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1C09D7BD-438C-4FE4-A91D-D557683CE8A2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E564CBC-F687-431A-8872-86B1B9AF5256}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{1E718A93-0986-4A8D-B215-904863436458}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{217F9B10-90C2-4E45-B989-7B9FA2978CD0}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{321E6B23-53AD-4AD5-9040-96B760395BA8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{34EFA5CC-1B75-4856-8143-BC8CBCF056EC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{39825BD5-E63F-4E0E-A60E-CDE282EB3BC9}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3B47FEAD-0061-44FE-B5C9-CCFB8F531DA1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{3CF252CB-AA03-4264-AF8B-C4229ACC641E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{3D96ED27-6C10-4012-BBE7-4229AB2D1D72}" = protocol=6 | dir=out | app=system |
"{3EC8E97C-86F5-42A0-8830-A08CDA592468}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{4C68F8C2-FEAD-4B2D-844E-6B593D95652C}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{4CF123BB-DF6C-4FD8-824E-3E897FD1FADC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{4FE4F8CC-8422-4137-B94E-BDB4450E5728}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{54DC82AB-715F-4309-B6E7-C054E3E77DF9}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{55E4D522-7496-420D-8AFF-5EAD54336A37}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{57CC0C2E-02EB-4AA8-8C1B-256E55968E28}" = protocol=6 | dir=in | app=c:\users\peta\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{582266EB-9329-4F04-9D76-BDBF1241D44E}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6B0D7B46-4D9A-4F8E-8D8A-8DEDA835EFE6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{79965DD2-6450-472A-A4F7-16099E75DA37}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7E6258A2-7FB2-45EB-872E-6F3C9F56870A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{83C2D123-B0E8-4784-9730-51BEFF3322E2}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{89BB2095-0B40-484F-83AE-5C0B17B611CD}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{8AFBC643-E7DF-4D06-9FF1-257E0AA9A7FC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{8DFBEE95-7976-49A8-8564-FAD3064F3C5B}" = protocol=6 | dir=in | app=c:\users\peta\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{8F1518D4-81E9-40E8-AA4F-DA87F674DF82}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{91CBBE30-405B-4837-B21C-ED51E4280DAA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{98C804E0-B7CD-4F44-ADA8-515299663583}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{A1E4A382-5FA3-45E5-8F34-B906CC6E3D91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A59CA84F-2121-476E-B870-80D6D399EBCC}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{A8EB4BE0-CDF6-4AE9-9CB1-743ED241ACA0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AF0F7F05-038C-4D77-BD5A-E2C9573B93C9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{AF388E8D-0076-4591-8CC4-583740D178A5}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B406A294-9216-4E26-87EC-2EA22182C7DB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B4B86169-B7CA-4B32-8B67-1AE62B55E084}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{B51AC676-97CF-418B-BC30-A7AF31513C63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B5D27639-92CB-4CA1-8B3B-D15DF6B39972}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B9940BFC-1F55-4F2D-B97F-2684CA1C12D8}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BB849B5F-2D48-4007-8DAD-170F1C2199C6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C698B9AD-8634-418E-A0EF-4F64C3BCE6B4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{C7EB4FD0-7775-4CE5-B8E0-8927D19F623A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{C8521534-EA07-442D-B4AA-99EAEB0D4F00}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{CAE55977-0A69-428F-A354-09A11907F4F1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{CC15135C-8D10-4CB8-9764-C4DEB5EDCC1A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{D1CA00AB-EACF-424F-AA40-93E6F623E9ED}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{D209A7FD-6387-4AE8-B587-AB19178D2A07}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{D347D5E8-114D-4FB1-AC64-524AC5DF0A98}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{D7FEA994-B6BC-4D5F-A1A1-454D48B41E98}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D833E620-D9AB-48B1-8D5F-EE5C6D0F42CC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D83528C9-3B5B-4EA0-8A3D-4C4523F301C1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DA13B91F-C13A-4628-8D00-0B399A1B2173}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DC199994-F8AD-4967-994A-B1C6CD64B5E9}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{DF2E9D1C-7DF6-4059-A189-3BB818FB26A4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{DF3AECE9-C873-42FB-A85B-CC73F22A30ED}" = protocol=17 | dir=in | app=c:\users\peta\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{E58B41F2-4B45-49EB-BE1C-3312955241A4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{E8669FF5-CF6E-45C7-A6A8-0301F7F5571A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{ECFF7F1F-A7FD-4BA7-9BA6-A2E66E2D0BF5}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{ED5E171C-9471-4A70-9276-AFB2045E0D95}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{EE6D1BD1-24CE-487E-AF1A-7D29320C936B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{F0F70675-4960-4802-B975-6B68E84D4B37}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FF79A153-141E-44EF-AA5D-4C9F27202B93}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = The Sims™ 3 Diesel Kolekce
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Roční období
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po setmění
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.24
"{5347542D-5350-006A-76A7-A758B70C0F05}" = Search App by Ask
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A347920-4AFC-11D5-9FB0-800649886934}" = SDFormatter
"{6889EE56-1816-4E89-94DF-9F56E7804039}_is1" = Counter-Strike 1.6 Non-Steam patch v36
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Domácí mazlíčci
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{E1AA8B0F-1176-36F1-8A91-AA19CF39C2F6}" = Google Chrome
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Astroburn Lite" = Astroburn Lite
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"HD Tune_is1" = HD Tune 2.55
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.2.1012
"Mozilla Firefox 32.0 (x86 cs)" = Mozilla Firefox 32.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PakkISO_is1" = PakkISO 0.4
"PokerStars" = PokerStars
"rajče.net_is1" = rajče průvodce verze 1.59.48.263
"Steam App 570" = Dota 2
"VLC media player" = VLC media player 1.1.5
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-305399671-4234761083-2540851607-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec

Error encountered while reading event logs.

< End of report >

[Márty84]

Napiste mi velikost adresare plochy (C:\Users\Peta\Desktop)




Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-305399671-4234761083-2540851607-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-305399671-4234761083-2540851607-1000UA.job
C:\Users\Peta\AppData\Roaming\AVG
C:\ProgramData\AVG

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{4D6B8F92-61F8-474D-8604-3B42F2AB7C15}: "URL" = http://www.search.ask.com/web?tpid=SGT- ... trgb=IE&q={searchTerms}&psv=
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-305399671-4234761083-2540851607-1000\..\SearchScopes\{C7A9539C-497C-4F6F-B10D-5B138E57A7C1}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
FF - prefs.js..browser.search.useDBForOrder: true
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2012.05.16 19:58:53 | 000,000,000 | ---D | M] (Yandex.Bar) -- C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru
O2 - BHO: (no name) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014.08.21 20:03:12 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\AVG
[2014.08.21 20:03:12 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\AVG
[2014.08.21 20:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{eec0f710-38b5-4aba-99bf-ec87564a4e13}"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[to_je_jedno]

20 GB...

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Peta
->Temp folder emptied: 1802890 bytes
->Temporary Internet Files folder emptied: 1319615 bytes
->Java cache emptied: 1310 bytes
->FireFox cache emptied: 122960152 bytes
->Google Chrome cache emptied: 8402766 bytes
->Flash cache emptied: 1032 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13342 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 128,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Peta
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-305399671-4234761083-2540851607-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-305399671-4234761083-2540851607-1000UA.job moved successfully.
C:\Users\Peta\AppData\Roaming\AVG\AWL2014\TuningIndex folder moved successfully.
C:\Users\Peta\AppData\Roaming\AVG\AWL2014\StartUp Manager folder moved successfully.
C:\Users\Peta\AppData\Roaming\AVG\AWL2014\Dashboard folder moved successfully.
C:\Users\Peta\AppData\Roaming\AVG\AWL2014\Backups folder moved successfully.
C:\Users\Peta\AppData\Roaming\AVG\AWL2014 folder moved successfully.
C:\Users\Peta\AppData\Roaming\AVG folder moved successfully.
C:\ProgramData\AVG\AWL2014 folder moved successfully.
C:\ProgramData\AVG\AWL\Program Statistics folder moved successfully.
C:\ProgramData\AVG\AWL folder moved successfully.
C:\ProgramData\AVG folder moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-305399671-4234761083-2540851607-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-305399671-4234761083-2540851607-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4D6B8F92-61F8-474D-8604-3B42F2AB7C15}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D6B8F92-61F8-474D-8604-3B42F2AB7C15}\ not found.
Registry key HKEY_USERS\S-1-5-21-305399671-4234761083-2540851607-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-305399671-4234761083-2540851607-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C7A9539C-497C-4F6F-B10D-5B138E57A7C1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7A9539C-497C-4F6F-B10D-5B138E57A7C1}\ not found.
Prefs.js: true removed from browser.search.useDBForOrder
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ deleted successfully.
File C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\modules\foundation folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\modules folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\META-INF folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\defaults\preferences folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\defaults\dynamic-preferences folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\defaults folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\components folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\chrome folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\cbapp\parts\xb folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\cbapp\parts\platform folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\cbapp\parts\native folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\cbapp\parts folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru\cbapp folder moved successfully.
C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\bg6dnwz6.default\extensions\yasearch@yandex.ru folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Folder C:\Users\Peta\AppData\Roaming\AVG\ not found.
C:\Users\Peta\AppData\Local\AVG\AWL2014\Log folder moved successfully.
C:\Users\Peta\AppData\Local\AVG\AWL2014\CrashDumps folder moved successfully.
C:\Users\Peta\AppData\Local\AVG\AWL2014 folder moved successfully.
C:\Users\Peta\AppData\Local\AVG folder moved successfully.
Folder C:\ProgramData\AVG\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3D9E.tmp\System.Web.Mobile.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3D9E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP65FE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C7F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8768.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBE8D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC0BF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFB90.tmp folder deleted successfully.
C:\Windows\Installer\MSI2ABA.tmp deleted successfully.
C:\Windows\Installer\MSI4765.tmp deleted successfully.
C:\Windows\Installer\MSI531A.tmp deleted successfully.
C:\Windows\Installer\MSIC607.tmp deleted successfully.
C:\Windows\Installer\MSIDE88.tmp deleted successfully.
C:\Windows\Installer\MSIDF34.tmp deleted successfully.
C:\Windows\Installer\MSIE167.tmp deleted successfully.
C:\Windows\Installer\MSIE9F9.tmp deleted successfully.
C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\upd81.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt5C27.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 09102014_201530

Files\Folders moved on Reboot...
File\Folder C:\Users\Peta\AppData\Local\Temp\etilqs_ERP0EX75fo40ulS not found!
File\Folder C:\Users\Peta\AppData\Local\Temp\etilqs_jfd6T65JrNpmZwT not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

20 GB...

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku



Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.




11.10. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975