VIRY.CZ

Poznamka o tomto jednani bude predana do interni sekce, kolega bude pokracovat zrejme rano

Co znamena ze bude predana do interne sekcie ?

K uzivateum si piseme poznamky o jejich jednani a problemech - tyto poznamky vidi jen tym pomocniku (radci, MODi, ADMini)...bude k vam pridan nalez stahnuteho nelegalniho W7 Ultimate, pouziti RemoteWAT apod...

aha. no jo, mozem si zato sam. pockam teda na kolegu vaseho ci mi bude vobec dana pomoc. zatial dakujem.

Takže po dohodě s kolegou se na to tentokrát podívám. Dostaneš záznam a pokud přijdeš příště se stejným nelegální systémem, bude Ti nejen pomoc odmítnuta, ale pravděpodobně bude následovat i BAN.

Jestli jsi tak ještě neučinil, všechny nálezy MBAMu dej pochopitelně smazat. Stejně tak si ručně projdi poč a všechny cracky, keygen a další sajrajt ven! Až to provedeš, MBAM zase odinstaluj.


Potom fixni v HJT níže uvedené položky.

• Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
• Položky, které v seznamu nenajdeš, prostě přeskoč.
• HJT najdeš zde: C:\Program Files\trend micro\Fester.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Fester\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 http://www.order.tune-up.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - (no file)
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Fester\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-21-2701260577-2833626082-2814547817-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2701260577-2833626082-2814547817-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O15 - Trusted Zone: http://software.kuaiche.com


Dále stáhni OTL z tohoto odkazu a ulož jej na Plochu.

• Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
• Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
• Zaškrtni okénko Pro všechny uživatele.
• Zaškrtni okénko Kontrola na havěť "LOP".
• Zaškrtni okénko Kontrola na havěť "Purity".
• Stáři souborů změň z 30 dnů na 7 dnů!!
• Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

• Klikni na tlačítko [Prohledat].
• Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
• Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

OTL vyhodilo chybu

cannot create file C:\users\fester\desktop\cmd.bat

a zastavilo sa na

Scanning HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Adobe ARM...

Tohle je chyba OTL. Při jednom příkazu dochází ke konfliktu s antivirem. Bohužel, autorovi se zatím nedaří tuto chybu odstranit.
Použij pro OTL takto upravený script: Postup pochopitelně stejný jako předtím.

OTL Extras logfile created on: 17. 1. 2012 15:45:51 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Fester\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 59,69% Memory free
5,46 Gb Paging File | 3,47 Gb Available in Paging File | 63,57% Paging File free
Paging file location(s): c:\pagefile.sys 1500 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 41,89 Gb Total Space | 1,35 Gb Free Space | 3,22% Space Free | Partition Type: NTFS
Drive G: | 554,18 Gb Total Space | 1,20 Gb Free Space | 0,22% Space Free | Partition Type: NTFS

Computer Name: FESTER-PC | User Name: Fester | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.txt[@ = txtfile] -- Reg Error: Key error. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.txt [@ = txtfile] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-2701260577-2833626082-2814547817-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [RapidShareManagerMail] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [RapidShareManagerMail] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{1387BA33-3FAC-49E9-B545-0E8D3BBC550B}" = Adobe Photoshop Lightroom 3 64-bit
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3DCF00F5-04A5-4543-A088-70548081120E}_is1" = Compiled Driver Disc (Full) 1.0
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{5708148D-3A0E-4587-8311-DFCFA33F4D92}" = Windows Live Family Safety
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-041B-1000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-1000-0000000FF1CE}_Office14.PROPLUS_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-1000-0000000FF1CE}_Office14.PROPLUS_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-1000-0000000FF1CE}_Office14.PROPLUS_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-1000-0000000FF1CE}_Office14.PROPLUS_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-1000-0000000FF1CE}_Office14.PROPLUS_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-1000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-1000-0000000FF1CE}_Office14.PROPLUS_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-1000-0000000FF1CE}_Office14.PROPLUS_{70A6C738-452C-4999-9780-B2C23339711D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUS_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-1000-0000000FF1CE}_Office14.PROPLUS_{8F7BCAD4-B6E7-485B-AA1A-F1D702A6A0CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2010
"{90140000-0043-041B-1000-0000000FF1CE}_Office14.PROPLUS_{D5B1D4C9-AF5A-4653-AB6D-D8AFFBE363AC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-1000-0000000FF1CE}_Office14.PROPLUS_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-1000-0000000FF1CE}_Office14.PROPLUS_{4A62DCE9-94CF-491F-B8EF-B5E3396F2421}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-1000-0000000FF1CE}_Office14.PROPLUS_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-1000-0000000FF1CE}_Office14.PROPLUS_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}" = Logitech Webcam Software
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 4.5)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AutopanoGiga2.5" = Kolor Autopano Giga 2.5
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1218
"CCleaner" = CCleaner
"EEEE705096F837B7907659F100C9FE6DA001970F" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.7)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"ImagenomicNoisewareProPlugin" = Imagenomic Noiseware 4.2 Professional Plug-in (build 4205)
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Total Commander_is1" = Total Commander 7.56a Vi7Pack 1.78 (23.02.2011)
"WinRAR archiver" = WinRAR 4.00 beta 7 (64-bit)
"ZonerPhotoStudio13_CZ_is1" = Zoner Photo Studio 13

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}" = Nokia Ovi Player
"{134007CC-7026-46C2-B46F-40D9FD2AF385}" = Technisat DVB-VC80 Redistributable Modules
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1" = MOBILedit! ver. 5.5.0.1148
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B28C077-9958-45F1-8BB4-CBF90A69AD4E}" = PC Connectivity Solution
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5CF6EEE9-86B1-3DB6-A07C-8F6C079C39BA}" = Google Talk Plugin
"{5D90E53A-BD7C-8F32-9B82-7733D0F0BC8E}" = Adobe Download Assistant
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}" = Doplnok programu Messenger
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D592E30-11EC-11E0-859C-0013D3D69929}" = Vegas Pro 10.0
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75E1C8FF-45B8-42F1-BB79-F70C2F7C85CE}" = ASUS iTracker
"{770103E9-E1C3-48C9-812B-2982C7070575}_is1" = Pazera Free MOV to AVI Converter 1.4
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{889D48DA-457F-4C8B-9095-6458F2793B12}" = Nokia Software Updater
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3BC1DBD-64D6-4EBC-0091-24C811662D40}" = Madden NFL 08
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B5F47039-9B19-4AC3-9A4A-E1CA3068E59F}" = ArcSoft TotalMedia Theatre 3
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF097717-F174-4144-954A-FBC4BF301051}" = Nero 7 Premium
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D032A7F0-8B5C-4603-8B46-235025D5F9C1}" = TechniSat DVB-PC TV Star
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4423F16-0E98-4855-BFF4-3EF016C55D67}" = Nokia_Multimedia_Common_Components_2_5
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ALchemy" = Creative ALchemy
"Ant Movie Catalog_is1" = Ant Movie Catalog
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ASIO4ALL" = ASIO4ALL
"AudioCS" = Creative Audio Control Panel
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DFX for Winamp" = DFX for Winamp
"DVB Dream_is1" = DVB Dream version 1.5g
"Foxit Phantom" = Foxit Phantom
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{75E1C8FF-45B8-42F1-BB79-F70C2F7C85CE}" = ASUS iTracker
"InstallShield_{B5F47039-9B19-4AC3-9A4A-E1CA3068E59F}" = ArcSoft TotalMedia Theatre 3
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.60.0.1800
"MediaInfo" = MediaInfo 0.7.27 (32-bit)
"MeGUI" = MeGUI (remove only)
"MKVtoolnix" = MKVtoolnix 3.4.0
"Mozilla Firefox 9.0.1 (x86 sk)" = Mozilla Firefox 9.0.1 (x86 sk)
"MPE" = MyPhoneExplorer
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NSS" = NSS (remove only)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PS3 Media Server" = PS3 Media Server (SubJunk Build)
"PuTTY_is1" = PuTTY version 0.60
"RapidShare Manager" = RapidShare Manager
"TeamViewer 6" = TeamViewer 6
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"WaveStudio 7" = Creative WaveStudio 7
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.2.9

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2701260577-2833626082-2814547817-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13. 1. 2012 6:05:56 | Computer Name = Fester-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Na disku není dost místa. .

Error - 13. 1. 2012 6:05:56 | Computer Name = Fester-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Na disku není dost místa. .

Error - 13. 1. 2012 6:05:56 | Computer Name = Fester-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Na disku není dost místa. .

Error - 13. 1. 2012 6:05:56 | Computer Name = Fester-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Na disku není dost místa. .

Error - 13. 1. 2012 6:05:56 | Computer Name = Fester-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Na disku není dost místa. .

Error - 13. 1. 2012 6:05:56 | Computer Name = Fester-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Na disku není dost místa. .

Error - 13. 1. 2012 6:05:56 | Computer Name = Fester-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Na disku není dost místa. .

Error - 13. 1. 2012 6:13:18 | Computer Name = Fester-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Na disku není dost místa. .

Error - 13. 1. 2012 6:13:19 | Computer Name = Fester-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Na disku není dost místa. .

Error - 13. 1. 2012 19:27:29 | Computer Name = Fester-PC | Source = MsiInstaller | ID = 11705
Description =

[ Media Center Events ]
Error - 29. 11. 2010 4:48:19 | Computer Name = Fester-PC | Source = MCUpdate | ID = 0
Description = 9:48:19 - Načtení položky Directory se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při příjmu.)

Error - 9. 5. 2011 12:30:34 | Computer Name = Fester-PC | Source = MCUpdate | ID = 0
Description = 18:30:34 - Chyba při připojování k Internetu 18:30:34 - Nelze kontaktovat
server..

Error - 9. 5. 2011 12:31:49 | Computer Name = Fester-PC | Source = MCUpdate | ID = 0
Description = 18:31:49 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

[ System Events ]
Error - 17. 1. 2012 9:56:36 | Computer Name = Fester-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 17. 1. 2012 9:56:36 | Computer Name = Fester-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535

Error - 17. 1. 2012 9:56:36 | Computer Name = Fester-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 17. 1. 2012 9:56:36 | Computer Name = Fester-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535

Error - 17. 1. 2012 10:51:29 | Computer Name = Fester-PC | Source = PNRPSvc | ID = 102
Description =

Error - 17. 1. 2012 10:51:29 | Computer Name = Fester-PC | Source = PNRPSvc | ID = 102
Description =

Error - 17. 1. 2012 10:51:29 | Computer Name = Fester-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535

Error - 17. 1. 2012 10:51:29 | Computer Name = Fester-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 17. 1. 2012 10:51:29 | Computer Name = Fester-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 17. 1. 2012 10:51:29 | Computer Name = Fester-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535


< End of report >

OTL logfile created on: 17. 1. 2012 15:45:51 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Fester\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 59,69% Memory free
5,46 Gb Paging File | 3,47 Gb Available in Paging File | 63,57% Paging File free
Paging file location(s): c:\pagefile.sys 1500 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 41,89 Gb Total Space | 1,35 Gb Free Space | 3,22% Space Free | Partition Type: NTFS
Drive G: | 554,18 Gb Total Space | 1,20 Gb Free Space | 0,22% Space Free | Partition Type: NTFS

Computer Name: FESTER-PC | User Name: Fester | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/01/16 16:53:39 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Fester\Desktop\OTL.exe
PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/12/21 09:07:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/06/30 20:47:42 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/05/25 08:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/05/20 21:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/04/27 15:45:15 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/01 09:31:38 | 002,271,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/03/29 06:50:35 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2010/11/05 16:21:09 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/10/19 12:01:32 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/08/31 18:12:22 | 005,896,656 | -H-- | M] () -- G:\QIP\QIP Infium PafoPack 9040\infium.exe
PRC - [2009/04/30 16:01:12 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009/04/27 17:24:08 | 001,707,520 | ---- | M] (ASUSTek) -- C:\Program Files (x86)\ASUS\iTracker\iTracker.exe
PRC - [2008/11/18 12:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/01 17:58:45 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/12/21 09:07:08 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/10/14 15:28:52 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/10/14 15:28:16 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bb7848a42e8c9dd8577af34b9bd511a1\PresentationFramework.ni.dll
MOD - [2011/10/14 15:27:58 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/14 15:27:49 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/14 15:27:46 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2b301555648e46137965de64da03b93\PresentationCore.ni.dll
MOD - [2011/10/14 15:27:32 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/14 15:27:25 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/14 15:27:21 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/14 15:27:20 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/14 15:27:13 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/05/20 21:35:00 | 000,247,400 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/13 03:36:45 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 02:54:43 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010/08/31 18:12:26 | 000,438,224 | ---- | M] () -- G:\QIP\QIP Infium PafoPack 9040\Protos\Social\Social.dll
MOD - [2010/08/31 18:12:24 | 001,993,680 | ---- | M] () -- G:\QIP\QIP Infium PafoPack 9040\Protos\InfICQ\inficq.dll
MOD - [2010/08/31 18:12:24 | 000,086,992 | ---- | M] () -- G:\QIP\QIP Infium PafoPack 9040\Core\WebWindow.dll
MOD - [2010/08/31 18:12:22 | 005,896,656 | -H-- | M] () -- G:\QIP\QIP Infium PafoPack 9040\infium.exe
MOD - [2009/06/24 10:30:55 | 001,805,312 | ---- | M] () -- G:\QIP\QIP Infium PafoPack 9040\Plugins\TVp\TVp.dll
MOD - [2009/06/09 18:21:24 | 002,046,464 | ---- | M] () -- G:\QIP\QIP Infium PafoPack 9040\Plugins\RSSNews\RSSNews.dll
MOD - [2009/03/07 17:36:02 | 001,478,656 | ---- | M] () -- G:\QIP\QIP Infium PafoPack 9040\Plugins\FMtune\FMtune.dll
MOD - [2009/01/24 18:11:52 | 000,584,192 | ---- | M] () -- G:\QIP\QIP Infium PafoPack 9040\Plugins\QIPGraffiti\QIPGraffiti.dll
MOD - [2009/01/12 16:10:50 | 001,174,528 | ---- | M] () -- G:\QIP\QIP Infium PafoPack 9040\Plugins\Weather\Weather.dll
MOD - [2008/11/24 16:04:35 | 000,316,416 | ---- | M] () -- G:\QIP\QIP Infium PafoPack 9040\Plugins\Svatky\svatky.dll
MOD - [2008/05/15 22:01:18 | 001,083,392 | ---- | M] () -- G:\QIP\QIP Infium PafoPack 9040\Plugins\ExMusic\ExMusic.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/04/30 16:01:00 | 000,190,488 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/30 20:47:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/25 08:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/05/20 21:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/04/27 15:45:15 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/04/01 09:31:38 | 002,271,608 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/03/21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/01/12 14:41:40 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/10/19 12:01:32 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/09/16 09:06:12 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/09/16 08:07:51 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/18 12:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/08/17 09:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/08/17 09:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/08/17 09:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/08/17 09:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/06/30 20:47:43 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/06/30 20:47:43 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/11 01:48:22 | 000,015,872 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2010/12/09 16:04:32 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2010/12/09 16:02:40 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125mdm.sys -- (s125mdm)
DRV:64bit: - [2010/12/09 16:02:38 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125mgmt.sys -- (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2010/12/09 16:02:38 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125obex.sys -- (s125obex)
DRV:64bit: - [2010/12/09 16:02:38 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)
DRV:64bit: - [2010/12/09 16:02:38 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125mdfl.sys -- (s125mdfl)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/09/23 13:54:47 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/10 08:09:36 | 000,617,048 | ---- | M] (TechniSat Digital, S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SkyNET_AMD64.sys -- (SKYNET)
DRV:64bit: - [2010/04/27 15:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 15:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 13:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 13:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009/12/17 23:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009/09/28 08:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/09/11 06:47:38 | 000,605,968 | ---- | M] (TechniSat Digital, S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SkyNetBDA_AMD64.sys -- (SkyNetBDA_AMD64) TechniSat DVB-PC TV Star PCI (BDA)
DRV:64bit: - [2009/08/09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/01 00:03:06 | 006,377,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech QuickCam Pro 5000(UVC)
DRV:64bit: - [2009/05/01 00:01:34 | 000,327,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/04/30 23:59:22 | 000,271,640 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2009/04/30 15:59:48 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/04/30 15:59:48 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/04/21 13:12:50 | 001,288,192 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/07/26 15:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/11/22 12:06:46 | 001,064,448 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006/03/29 07:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2002/07/17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2701260577-2833626082-2814547817-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-2701260577-2833626082-2814547817-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7F C8 7A 7D AB 86 CC 01 [binary data]
IE - HKU\S-1-5-21-2701260577-2833626082-2814547817-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/sli ... ie7&query="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {62760FD6-B943-48C9-AB09-F99C6FE96088}:2.1.4
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.5
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: pastebin.com@gmail.com:2.1
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/sli ... pab&query="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.qip.ru/search?from=FF&query="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Fester\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Fester\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Fester\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Fester\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Fester\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: G:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/09/25 14:19:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/02/17 21:14:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/27 10:43:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/15 19:48:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/02/17 21:14:46 | 000,000,000 | ---D | M]

[2011/04/14 12:37:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fester\AppData\Roaming\Mozilla\Extensions
[2011/04/14 12:37:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fester\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/04/06 14:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions
[2010/10/09 11:32:26 | 000,000,000 | ---D | M] (Firefox Sync) -- C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2010/09/30 14:32:48 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010/10/09 11:32:27 | 000,000,000 | ---D | M] (eBay Sidebar for Firefox) -- C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}
[2010/10/19 12:26:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/14 19:13:35 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\battlefieldheroespatcher@ea.com
[2010/10/19 17:19:34 | 000,000,000 | ---D | M] (Pastebin) -- C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\pastebin.com@gmail.com
[2012/01/07 11:40:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\n74pss22.default\extensions
[2011/11/12 22:32:14 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\n74pss22.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/12/27 10:43:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\FESTER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5PHHYGCY.DEFAULT\EXTENSIONS\{0B38152B-1B20-484D-A11F-5E04A9B0661F}
[2011/12/21 09:07:09 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/23 12:20:20 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/03 21:49:21 | 000,076,288 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2011/12/21 06:25:11 | 000,001,583 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\atlas-sk.xml
[2011/12/21 06:25:11 | 000,001,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\azet-sk.xml
[2011/12/21 06:25:11 | 000,001,479 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\dunaj-sk.xml
[2011/12/21 06:25:11 | 000,001,473 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slovnik-sk.xml
[2010/08/16 15:38:48 | 000,002,181 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\vmndtxtb3.xml
[2011/12/21 06:25:11 | 000,001,104 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sk.xml
[2011/12/21 06:25:11 | 000,000,830 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2012/01/16 16:50:02 | 000,000,100 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.tune-up.com
O1 - Hosts: 127.0.0.1 www.tune-up.com/order
O1 - Hosts: 127.0.0.1 www.registertuneup.com
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-2701260577-2833626082-2814547817-1001..\Run: [Infium] G:\QIP\QIP Infium PafoPack 9040\infium.exe ()
O4 - HKU\S-1-5-21-2701260577-2833626082-2814547817-1001..\Run: [iTracker] C:\Program Files (x86)\ASUS\iTracker\iTracker.exe (ASUSTek)
O4 - HKU\S-1-5-21-2701260577-2833626082-2814547817-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2701260577-2833626082-2814547817-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2701260577-2833626082-2814547817-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2701260577-2833626082-2814547817-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2701260577-2833626082-2814547817-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://G:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://G:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22AEC24C-2CF8-4F4F-99BD-6DDA379D54C3}: DhcpNameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42425AF2-528A-49C2-A4D4-C982B165DA92}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D94FB4E-82FA-4061-BDD7-8E11A11F1D4C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7072825-6698-4A30-A660-F3A730093F15}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/01/16 16:53:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Fester\Desktop\OTL.exe
[2012/01/14 17:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/13 09:04:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/01/12 20:31:13 | 000,000,000 | ---D | C] -- C:\rsit
[2012/01/12 20:30:47 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/12 20:30:47 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/12 20:30:47 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/12 20:30:47 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/12 20:30:47 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/12 20:30:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/12 15:09:52 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/12 15:09:52 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/12 15:09:52 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/12 15:09:52 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/12 15:09:50 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/12 15:09:48 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/12 15:09:48 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll

========== Files - Modified Within 7 Days ==========

[2012/01/17 15:48:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/17 15:21:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2701260577-2833626082-2814547817-1001UA.job
[2012/01/17 15:16:35 | 001,609,780 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/17 15:16:35 | 000,669,632 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012/01/17 15:16:35 | 000,663,484 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/17 15:16:35 | 000,144,322 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012/01/17 15:16:35 | 000,125,420 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/17 15:06:05 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/17 15:03:14 | 000,020,000 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/17 15:03:14 | 000,020,000 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/17 14:55:42 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/17 14:55:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/17 00:21:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2701260577-2833626082-2814547817-1001Core.job
[2012/01/16 16:53:39 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Fester\Desktop\OTL.exe
[2012/01/16 16:50:02 | 000,000,100 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/01/15 13:52:43 | 000,043,706 | ---- | M] () -- C:\Users\Fester\Desktop\troy-polamalu-hair-490x325.jpg
[2012/01/14 17:00:18 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/14 00:30:58 | 001,579,840 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/13 09:09:29 | 000,458,240 | ---- | M] () -- C:\Users\Fester\Desktop\CKScanner.exe
[2012/01/12 22:07:33 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

========== Files Created - No Company Name ==========

[2012/01/16 16:59:43 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/01/15 13:52:40 | 000,043,706 | ---- | C] () -- C:\Users\Fester\Desktop\troy-polamalu-hair-490x325.jpg
[2012/01/14 17:00:18 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/13 09:09:35 | 000,458,240 | ---- | C] () -- C:\Users\Fester\Desktop\CKScanner.exe
[2011/07/16 15:37:58 | 000,000,022 | ---- | C] () -- C:\Windows\SysWow64\config.ini
[2011/07/13 19:47:56 | 000,000,000 | ---- | C] () -- C:\Users\Fester\AppData\Local\{6BE02757-0BFD-4633-A96A-85852C478669}
[2011/06/02 11:47:30 | 000,000,600 | ---- | C] () -- C:\Users\Fester\AppData\Roaming\winscp.rnd
[2011/05/20 21:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/05/11 19:20:16 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/05/11 19:20:15 | 000,631,808 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/05/11 19:20:15 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/05/11 19:20:14 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/05/05 21:07:13 | 000,000,000 | ---- | C] () -- C:\Users\Fester\AppData\Local\{C8170AA0-C8C5-41B6-A270-280D17FE8972}
[2011/05/05 20:42:57 | 000,000,000 | ---- | C] () -- C:\Users\Fester\AppData\Local\{F9F2B95C-BDF0-49C5-83E4-65DB5BE38805}
[2011/05/04 21:10:46 | 000,000,000 | ---- | C] () -- C:\Windows\graphedit.INI
[2011/05/03 21:06:42 | 000,000,000 | ---- | C] () -- C:\Windows\graphedt.INI
[2011/05/02 15:53:26 | 000,000,130 | ---- | C] () -- C:\Windows\EurekaLog.ini
[2011/04/27 10:21:38 | 003,268,096 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/04/06 11:45:59 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/03/03 21:35:53 | 000,000,093 | ---- | C] () -- C:\Windows\NoClose.ini
[2011/01/09 22:24:09 | 000,056,899 | ---- | C] () -- C:\Windows\SysWow64\x264-uninstall.exe
[2010/12/14 08:43:05 | 000,000,057 | ---- | C] () -- C:\Windows\rocksoft.ini
[2010/12/07 22:04:08 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2010/12/02 14:11:57 | 000,007,603 | ---- | C] () -- C:\Users\Fester\AppData\Local\Resmon.ResmonCfg
[2010/11/29 10:01:58 | 000,009,728 | ---- | C] () -- C:\Users\Fester\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/27 12:08:51 | 000,000,000 | ---- | C] () -- C:\Windows\graphedt_x64.INI
[2010/11/27 00:28:30 | 000,001,008 | ---- | C] () -- C:\Users\Fester\AppData\Local\SRDownloader.nast
[2010/11/14 17:57:49 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/11/02 00:47:46 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2010/10/22 18:52:14 | 000,000,133 | ---- | C] () -- C:\Windows\VobEdit.INI
[2010/10/22 11:08:16 | 000,000,000 | ---- | C] () -- C:\Windows\acehtml6.ini
[2010/10/19 12:02:03 | 000,215,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/10/19 12:01:32 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/10/12 18:44:54 | 000,000,600 | ---- | C] () -- C:\Users\Fester\AppData\Local\PUTTY.RND
[2010/10/11 14:43:17 | 001,579,840 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/10/10 15:45:52 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/10/09 11:36:17 | 000,000,271 | ---- | C] () -- C:\Windows\maketorrent.ini
[2010/10/08 12:11:56 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/10/07 05:14:55 | 000,003,328 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2010/09/16 08:07:15 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/09/16 08:07:15 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010/09/16 07:52:40 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/03/28 11:55:22 | 001,571,817 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2008/11/13 13:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2008/06/29 19:48:48 | 000,311,128 | ---- | C] () -- C:\Windows\SysWow64\libssl32.dll
[2008/06/05 10:02:36 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\ASIT.exe
[2000/01/01 01:00:00 | 000,000,023 | RHS- | C] () -- C:\Windows\mtlid64s2.dat

========== LOP Check ==========

[2011/04/13 20:23:11 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\.purple
[2010/11/02 01:08:45 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Aegisub
[2011/04/13 16:47:58 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Ashampoo
[2011/02/22 14:47:41 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Autodesk
[2010/10/15 16:39:02 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\BITS
[2011/04/13 14:51:10 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Canneverbe Limited
[2010/12/11 11:25:30 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Canon
[2011/06/11 11:24:06 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/03/29 16:41:40 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\com.caffeinatedmind.Sendoid
[2010/09/17 06:44:56 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\com.prakaz.project.photogettr.FBAB9E68ED32BC183252F597C39DBF71CF315A79.1
[2010/09/16 11:37:32 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\e
[2010/09/16 07:52:35 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\FlashGet
[2010/09/16 07:52:32 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\FlashGetBHO
[2010/12/23 10:30:22 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\fltk.org
[2011/05/10 22:17:29 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Foxit Software
[2011/04/13 17:24:39 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Gajim
[2011/03/03 21:23:56 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\GHISLER
[2011/04/13 17:46:37 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\gtk-2.0
[2011/01/09 16:23:02 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\HDRsoft
[2010/10/31 00:19:55 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Imagenomic
[2010/12/22 16:08:29 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Kenny Kerr
[2010/10/18 22:04:28 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\LolClient
[2010/10/15 12:05:01 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Mirillis
[2010/10/08 13:03:07 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\mkvtoolnix
[2011/11/27 23:03:18 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\MOBILedit
[2011/06/10 20:12:59 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\mojosoft
[2011/11/27 23:23:33 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\MyPhoneExplorer
[2010/11/02 11:40:25 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Nik Software
[2011/11/15 21:33:12 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Nokia
[2011/02/17 21:43:45 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Nokia Ovi Suite
[2010/10/15 12:15:02 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Notepad++
[2011/03/30 20:06:33 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\OpenCandy
[2011/11/27 23:07:00 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\PC Suite
[2011/03/20 21:45:36 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\PDF Writer
[2010/09/23 12:40:03 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\PPLive
[2010/10/17 21:04:24 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Promixis
[2011/11/13 11:54:50 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Publish Providers
[2010/10/05 08:05:18 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\QIP
[2011/04/13 20:01:20 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\qutim
[2011/04/13 20:01:35 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\qxdg
[2010/10/17 10:16:13 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\RGSystemFonts
[2010/12/14 09:17:16 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Rockwell Software
[2011/10/15 12:43:55 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Samsung
[2011/11/13 11:54:46 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Sony
[2010/11/07 09:39:14 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Sparx Systems
[2010/11/22 11:38:13 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/07/10 12:07:44 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\StepMania 5
[2010/09/28 17:23:27 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Stereoscopic Player
[2011/02/26 09:45:37 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\TeamViewer
[2011/04/14 12:37:03 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Thunderbird
[2011/02/24 19:48:44 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Toad Data Modeler Freeware
[2010/11/09 18:07:16 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Trillian
[2012/01/13 09:05:51 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\TuneUp Software
[2012/01/17 15:50:44 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\uTorrent
[2011/03/03 22:14:42 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\VisualAssist
[2010/10/05 19:18:19 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\VitySoft
[2010/10/21 20:32:16 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\vmndtxtb
[2010/11/14 20:11:10 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Windows Live Writer
[2011/03/25 15:07:31 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Youtube Downloader HD
[2010/12/30 22:45:57 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Zoner
[2011/12/27 10:37:45 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< netsvc >


< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\ERDNT\cache86\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache86\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\ERDNT\cache64\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011/04/25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\ERDNT\cache64\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[112 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011/04/13 20:23:11 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\.purple
[2011/07/24 00:21:42 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Adobe
[2010/11/02 01:08:45 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Aegisub
[2011/11/01 08:12:13 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Ahead
[2010/12/25 15:04:16 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Apple Computer
[2011/05/11 14:32:45 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\ArcSoft
[2011/04/13 16:47:58 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Ashampoo
[2011/02/22 14:47:41 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Autodesk
[2010/09/15 22:47:04 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Avira
[2010/10/15 16:39:02 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\BITS
[2011/04/13 14:51:10 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Canneverbe Limited
[2010/12/11 11:25:30 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Canon
[2011/06/11 11:24:06 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/03/29 16:41:40 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\com.caffeinatedmind.Sendoid
[2010/09/17 06:44:56 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\com.prakaz.project.photogettr.FBAB9E68ED32BC183252F597C39DBF71CF315A79.1
[2010/09/16 11:26:00 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Creative
[2011/05/05 13:35:08 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\CyberLink
[2010/09/23 21:31:40 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\DivX
[2011/01/11 01:43:07 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Download Manager
[2010/09/16 11:37:32 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\e
[2010/09/16 07:52:35 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\FlashGet
[2010/09/16 07:52:32 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\FlashGetBHO
[2010/12/23 10:30:22 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\fltk.org
[2011/05/10 22:17:29 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Foxit Software
[2011/04/13 17:24:39 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Gajim
[2011/03/03 21:23:56 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\GHISLER
[2011/04/13 17:46:37 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\gtk-2.0
[2011/01/09 16:23:02 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\HDRsoft
[2010/09/15 20:45:01 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Identities
[2010/10/31 00:19:55 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Imagenomic
[2010/12/22 16:08:29 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Kenny Kerr
[2010/10/18 22:04:28 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\LolClient
[2010/09/15 23:02:32 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Macromedia
[2012/01/14 18:14:22 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Malwarebytes
[2009/07/14 16:36:58 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Media Center Programs
[2011/07/29 20:18:53 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Media Player Classic
[2011/07/27 21:40:13 | 000,000,000 | --SD | M] -- C:\Users\Fester\AppData\Roaming\Microsoft
[2010/11/21 22:56:41 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Microsoft Corporation
[2010/10/15 12:05:01 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Mirillis
[2010/10/08 13:03:07 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\mkvtoolnix
[2011/11/27 23:03:18 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\MOBILedit
[2011/06/10 20:12:59 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\mojosoft
[2011/04/06 11:46:03 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Mozilla
[2011/11/27 23:23:33 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\MyPhoneExplorer
[2010/09/17 06:40:49 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Nero
[2010/11/02 11:40:25 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Nik Software
[2011/11/15 21:33:12 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Nokia
[2011/02/17 21:43:45 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Nokia Ovi Suite
[2010/10/15 12:15:02 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Notepad++
[2010/09/24 07:23:22 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\NVIDIA
[2010/09/28 17:08:36 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\NVIDIA 3D Vision Video Player
[2011/03/30 20:06:33 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\OpenCandy
[2011/11/27 23:07:00 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\PC Suite
[2011/03/20 21:45:36 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\PDF Writer
[2010/09/23 12:40:03 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\PPLive
[2010/10/17 21:04:24 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Promixis
[2011/11/13 11:54:50 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Publish Providers
[2010/10/05 08:05:18 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\QIP
[2011/04/13 20:01:20 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\qutim
[2011/04/13 20:01:35 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\qxdg
[2011/05/07 09:35:49 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Real
[2010/10/17 10:16:13 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\RGSystemFonts
[2010/12/14 09:17:16 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Rockwell Software
[2011/10/15 12:43:55 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Samsung
[2011/11/13 13:24:44 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Skype
[2011/08/29 15:49:01 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\skypePM
[2011/11/13 11:54:46 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Sony
[2010/11/07 09:39:14 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Sparx Systems
[2010/11/22 11:38:13 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/07/10 12:07:44 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\StepMania 5
[2010/09/28 17:23:27 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Stereoscopic Player
[2011/02/26 09:45:37 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\TeamViewer
[2011/04/14 12:37:03 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Thunderbird
[2011/02/24 19:48:44 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Toad Data Modeler Freeware
[2010/11/09 18:07:16 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Trillian
[2012/01/13 09:05:51 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\TuneUp Software
[2012/01/17 16:08:25 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\uTorrent
[2011/03/03 22:14:42 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\VisualAssist
[2010/10/05 19:18:19 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\VitySoft
[2010/10/21 20:32:16 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\vmndtxtb
[2011/07/24 00:36:27 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Winamp
[2010/11/14 20:11:10 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Windows Live Writer
[2010/09/16 09:50:22 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\WinRAR
[2011/03/25 15:07:31 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Youtube Downloader HD
[2010/12/30 22:45:57 | 000,000,000 | ---D | M] -- C:\Users\Fester\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011/12/25 12:31:08 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Fester\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\ARPPRODUCTICON.exe
[2011/12/25 12:31:08 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Fester\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2011/12/25 12:31:08 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Fester\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2011/12/25 12:31:08 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Fester\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2011/12/25 12:31:08 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Fester\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2011/07/24 08:33:21 | 000,010,134 | R--- | M] () -- C:\Users\Fester\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/02/20 11:03:02 | 001,574,371 | ---- | M] () -- C:\Users\Fester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RapidShare Manager\WinRAR.4.00.Beta.7_UltraTeam___WBB_ByoniX\WinRAR.4.00.Beta.7 UltraTeam_@_WBB_ByoniX\winrar-x64-40b7.exe
[2010/08/19 22:46:28 | 001,312,120 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
[2011/03/30 20:06:34 | 000,416,160 | ---- | M] () -- C:\Users\Fester\AppData\Roaming\OpenCandy\OpenCandy_2AE533B99D4E4C0D9EC3299C23147D1C\LatestDLMgr.exe
[2010/12/17 23:07:06 | 000,043,440 | ---- | M] () -- C:\Users\Fester\AppData\Roaming\OpenCandy\OpenCandy_2AE533B99D4E4C0D9EC3299C23147D1C\SpeedstarterCZ.exe
[2010/12/17 18:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Users\Fester\AppData\Roaming\OpenCandy\OpenCandy_2AE533B99D4E4C0D9EC3299C23147D1C\ZrychleniPocitace.exe
[2011/03/30 20:06:41 | 001,842,096 | ---- | M] () -- C:\Users\Fester\AppData\Roaming\OpenCandy\OpenCandy_2AE533B99D4E4C0D9EC3299C23147D1C\ZrychleniPocitace_p2v1.exe
[2011/12/27 19:59:20 | 037,351,744 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\Fester\AppData\Roaming\Samsung\AllShare\AllShare_2.1.0.11123_8.exe
[2010/04/19 21:15:28 | 000,414,168 | ---- | M] (Visicom Media Inc.) -- C:\Users\Fester\AppData\Roaming\vmndtxtb\vmn3_2dn.exe
[2010/11/04 21:54:14 | 012,452,064 | ---- | M] (ZONER software ) -- C:\Users\Fester\AppData\Roaming\Zoner\NLMDB\product.0034\autoupdate.cz\ZPS13_Update_Build02.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012/01/17 14:55:42 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/01/17 16:06:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/01/17 00:21:00 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2701260577-2833626082-2814547817-1001Core.job
[2012/01/17 15:21:01 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2701260577-2833626082-2814547817-1001UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >

< %userprofile%\Desktop\*.* >
[2011/11/15 21:36:14 | 018,830,601 | R--- | M] () -- C:\Users\Fester\Desktop\2011-11-15 Nokia 5530 XpressMusic.nbu
[2011/11/27 23:09:51 | 009,728,814 | R--- | M] () -- C:\Users\Fester\Desktop\2011-11-27 Nokia 6303 classic.nbu
[2012/01/02 08:13:48 | 000,195,993 | ---- | M] () -- C:\Users\Fester\Desktop\2959831-little-big-planet.jpg
[2011/11/13 21:47:02 | 000,032,050 | ---- | M] () -- C:\Users\Fester\Desktop\391946_240455766012044_203577189699902_689763_612194737_n.jpg
[2011/12/25 11:55:24 | 000,137,290 | ---- | M] () -- C:\Users\Fester\Desktop\american-chopper-senior-junior.jpg
[2011/12/25 11:56:00 | 000,009,475 | ---- | M] () -- C:\Users\Fester\Desktop\AmericanChopperSeniorVsJunior.jpg
[2011/11/21 12:56:25 | 000,086,906 | ---- | M] () -- C:\Users\Fester\Desktop\Bez názvu.png
[2012/01/13 09:13:28 | 000,002,066 | ---- | M] () -- C:\Users\Fester\Desktop\ckfiles.txt
[2012/01/13 09:09:29 | 000,458,240 | ---- | M] () -- C:\Users\Fester\Desktop\CKScanner.exe
[2011/10/26 17:37:28 | 000,000,282 | -HS- | M] () -- C:\Users\Fester\Desktop\desktop.ini
[2012/01/07 21:41:44 | 000,306,329 | ---- | M] () -- C:\Users\Fester\Desktop\DSCF1184.JPG
[2012/01/01 15:22:37 | 000,302,227 | ---- | M] () -- C:\Users\Fester\Desktop\DSC_0150.jpg
[2012/01/01 16:23:08 | 008,433,357 | ---- | M] () -- C:\Users\Fester\Desktop\DSC_0150.NEF
[2012/01/06 07:38:11 | 000,285,416 | ---- | M] () -- C:\Users\Fester\Desktop\DSC_0162.jpg
[2012/01/06 01:39:06 | 008,354,441 | ---- | M] () -- C:\Users\Fester\Desktop\DSC_0162.NEF
[2011/10/30 21:06:43 | 000,000,606 | ---- | M] () -- C:\Users\Fester\Desktop\DVB Dream.lnk
[2011/11/15 21:31:06 | 000,001,078 | ---- | M] () -- C:\Users\Fester\Desktop\F1Upgrade.lnk
[2011/11/12 22:33:15 | 000,125,855 | ---- | M] () -- C:\Users\Fester\Desktop\ImgW.ashx.jpg
[2011/10/30 10:10:21 | 000,187,571 | ---- | M] () -- C:\Users\Fester\Desktop\IMG_1043.JPG
[2011/10/30 10:08:08 | 000,176,225 | ---- | M] () -- C:\Users\Fester\Desktop\IMG_1057.JPG
[2011/03/23 20:30:53 | 000,001,023 | ---- | M] () -- C:\Users\Fester\Desktop\Kolor Autopano Giga 2.5.lnk
[2012/01/02 08:16:39 | 000,093,576 | ---- | M] () -- C:\Users\Fester\Desktop\little-big-planet-2-wallpaper-9.jpg
[2011/07/24 00:19:58 | 000,001,009 | ---- | M] () -- C:\Users\Fester\Desktop\Madden NFL 08.lnk
[2011/01/09 23:22:55 | 018,078,945 | ---- | M] () -- C:\Users\Fester\Desktop\Me&You.wmv
[2011/11/13 11:00:08 | 202,594,304 | ---- | M] () -- C:\Users\Fester\Desktop\MOV001.MOD
[2011/11/12 10:15:28 | 002,357,346 | ---- | M] () -- C:\Users\Fester\Desktop\MOV01045.MP4
[2009/02/01 18:15:52 | 003,250,688 | ---- | M] () -- C:\Users\Fester\Desktop\MovieCatalog.exe
[2011/11/13 12:08:02 | 001,565,567 | ---- | M] () -- C:\Users\Fester\Desktop\Môj film.wmv
[2011/11/13 12:08:34 | 003,914,648 | ---- | M] () -- C:\Users\Fester\Desktop\Môj film.wmv.sfap0
[2011/11/13 12:09:10 | 000,030,648 | ---- | M] () -- C:\Users\Fester\Desktop\Môj film.wmv.sfk
[2012/01/02 10:25:29 | 000,048,809 | ---- | M] () -- C:\Users\Fester\Desktop\nfl_nfl_preview2_576.jpg
[2011/12/25 12:31:08 | 000,002,237 | ---- | M] () -- C:\Users\Fester\Desktop\Nokia Software Updater.lnk
[2011/10/15 11:15:03 | 000,000,000 | ---- | M] () -- C:\Users\Fester\Desktop\Nový Dokument programu Microsoft Word (2).docx
[2011/10/15 11:20:33 | 000,000,000 | ---- | M] () -- C:\Users\Fester\Desktop\Nový Dokument programu Microsoft Word (3).docx
[2011/08/31 20:11:57 | 000,008,843 | ---- | M] () -- C:\Users\Fester\Desktop\Nový Pracovný hárok programu Microsoft Excel (2).xlsx
[2011/10/15 11:14:23 | 000,000,000 | ---- | M] () -- C:\Users\Fester\Desktop\Nový textový dokument.txt
[2011/11/15 21:31:06 | 000,000,981 | ---- | M] () -- C:\Users\Fester\Desktop\NSS.lnk
[2012/01/16 16:53:39 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Fester\Desktop\OTL.exe
[2011/08/31 04:29:06 | 002,568,041 | ---- | M] () -- C:\Users\Fester\Desktop\Profilove (zmensene).rar
[2011/04/14 12:41:08 | 000,000,676 | ---- | M] () -- C:\Users\Fester\Desktop\qip – zástupce.lnk
[2011/11/13 11:54:21 | 000,002,412 | ---- | M] () -- C:\Users\Fester\Desktop\Register Vegas Pro.htm
[2011/11/27 23:25:48 | 000,107,888 | ---- | M] () -- C:\Users\Fester\Desktop\SMS Export 27. 11. 2011 23 25.html
[2011/11/27 23:25:22 | 000,033,511 | ---- | M] () -- C:\Users\Fester\Desktop\SMS Export 27. 11. 2011 23 25.txt
[2011/11/27 23:09:25 | 000,036,217 | ---- | M] () -- C:\Users\Fester\Desktop\spravy.csv
[2011/12/29 21:33:30 | 000,086,744 | ---- | M] () -- C:\Users\Fester\Desktop\Strange-Animal-Friends-Banned-Hollywood-06.jpg
[2011/10/16 10:22:26 | 000,027,293 | ---- | M] () -- C:\Users\Fester\Desktop\TEST A FINAL.docx
[2011/10/16 17:15:10 | 000,024,658 | ---- | M] () -- C:\Users\Fester\Desktop\TEST A tahak.docx
[2011/10/16 10:28:31 | 000,025,590 | ---- | M] () -- C:\Users\Fester\Desktop\TEST B FINAL.docx
[2011/10/16 17:15:58 | 000,022,219 | ---- | M] () -- C:\Users\Fester\Desktop\TEST B tahak.docx
[2011/05/15 15:50:29 | 000,000,598 | ---- | M] () -- C:\Users\Fester\Desktop\trening.txt
[2012/01/15 13:52:43 | 000,043,706 | ---- | M] () -- C:\Users\Fester\Desktop\troy-polamalu-hair-490x325.jpg
[2011/12/29 20:40:43 | 000,075,232 | ---- | M] () -- C:\Users\Fester\Desktop\tucniaky-ruky-romantika-drzanie.jpg
[2012/01/13 11:21:48 | 000,004,694 | ---- | M] () -- C:\Users\Fester\Desktop\WVCheck_1121_13-01-2012.txt
[2012/01/01 14:30:27 | 000,040,666 | ---- | M] () -- C:\Users\Fester\Desktop\xmass.jpg
[2011/10/06 04:30:55 | 000,028,160 | ---- | M] () -- C:\Users\Fester\Desktop\Zivotopis Lukas Jano.doc
[2011/06/16 12:21:21 | 000,029,696 | ---- | M] () -- C:\Users\Fester\Desktop\Zivotopis.doc
[2011/04/05 13:30:25 | 002,207,979 | ---- | M] () -- C:\Users\Fester\Desktop\zoznamDVD.pdf
[2011/05/26 11:59:32 | 000,000,162 | -H-- | M] () -- C:\Users\Fester\Desktop\~$ tahak.docx
[2011/10/15 19:10:15 | 000,000,162 | -H-- | M] () -- C:\Users\Fester\Desktop\~$ST A tahak.docx
[2011/10/15 12:10:14 | 000,000,162 | -H-- | M] () -- C:\Users\Fester\Desktop\~$ST B FINAL.docx
[2011/01/13 15:42:43 | 000,000,162 | -H-- | M] () -- C:\Users\Fester\Desktop\~$testz.doc
[2011/01/13 15:39:12 | 000,000,162 | -H-- | M] () -- C:\Users\Fester\Desktop\~$testz.txt
[2011/09/05 05:59:53 | 000,000,162 | -H-- | M] () -- C:\Users\Fester\Desktop\~$votopis.doc
[2011/02/02 21:47:52 | 000,000,162 | -H-- | M] () -- C:\Users\Fester\Desktop\~$vý Dokument aplikace Microsoft Office Word (2).docx
[2011/08/25 04:11:29 | 000,000,162 | -H-- | M] () -- C:\Users\Fester\Desktop\~$vý Dokument programu Microsoft Word (2).docx
[2011/06/29 04:27:14 | 000,000,162 | -H-- | M] () -- C:\Users\Fester\Desktop\~$vý Dokument programu Microsoft Word.docx

< %ALLUSERSPROFILE%\Plocha\*.* >

< %ALLUSERSPROFILE%\Desktop\*.* >

< *crack* /s >
[2009/03/03 12:28:38 | 000,000,461 | ---- | M] () -- \Program Files (x86)\Image-Line\Sawer\Presets\Ambient\MC Cracked.sawer
[2011/11/13 11:40:13 | 000,000,970 | ---- | M] () -- \Users\Fester\AppData\Roaming\Microsoft\Windows\Recent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.lnk
[2010/11/06 19:04:55 | 000,024,181 | ---- | M] () -- \Users\Fester\AppData\Roaming\uTorrent\Cracks.2009.720p.BluRay.x264.CZ.EN-ViDeoM.1.torrent
[2010/10/31 01:03:03 | 000,024,181 | ---- | M] () -- \Users\Fester\AppData\Roaming\uTorrent\Cracks.2009.720p.BluRay.x264.CZ.EN-ViDeoM.torrent
[2010/10/19 19:35:13 | 000,000,731 | ---- | M] () -- \Users\Fester\AppData\Roaming\uTorrent\DVDFab.v8.0.2.2.WinAll.Cracked-PDTTAH.torrent
[2010/11/18 17:42:17 | 000,000,714 | ---- | M] () -- \Users\Fester\AppData\Roaming\uTorrent\Need.for.Speed.Hot.Pursuit.CRACKONLY-RELOADED.torrent
[2011/11/13 11:26:18 | 000,019,471 | ---- | M] () -- \Users\Fester\AppData\Roaming\uTorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.torrent
[2010/11/23 22:07:52 | 004,271,249 | ---- | M] () -- \Users\Fester\Documents\Prijaté súbory\Crack_by_dudiss.rar
[2010/09/26 09:26:58 | 000,016,454 | ---- | M] () -- \Users\Fester\Documents\Xilisoft Corporation\Mobile Video Converter\crack.js

< *keygen* /s >
[2011/10/30 20:53:53 | 000,000,743 | ---- | M] () -- \Users\Fester\AppData\Roaming\Microsoft\Windows\Recent\DVB Dream 1.5g Multilingual incl Keygen.lnk
[2010/09/24 07:21:42 | 000,001,115 | ---- | M] () -- \Users\Fester\AppData\Roaming\uTorrent\CoreCodec.CoreAVC.Professional.Edition.v2.0.0.0.Incl.Keygen-HERiTAGE.torrent
[2011/10/30 20:42:20 | 000,002,306 | ---- | M] () -- \Users\Fester\AppData\Roaming\uTorrent\DVB Dream 1.5g + Keygen.rar.torrent
[2010/10/07 19:39:57 | 000,003,158 | ---- | M] () -- \Users\Fester\AppData\Roaming\uTorrent\Lavalys.EVEREST.Ultimate.Edition.v4.60.1500.Multilingual.Incl.Keygen-BRD.torrent
[2011/12/29 15:21:30 | 000,011,289 | ---- | M] () -- \Users\Fester\AppData\Roaming\uTorrent\TuneUp.Utilities.2012.v12.0.2120.7.Incl.Keygen-Lz0.torrent
[2011/10/30 20:53:53 | 008,663,070 | ---- | M] () -- \Users\Fester\Downloads\DVB Dream 1.5g Multilingual incl Keygen.rar
[2011/09/04 14:05:56 | 000,070,144 | ---- | M] () -- \Users\Fester\Downloads\DVB Dream 1.5g Multilingual incl Keygen\Keygen\maze_keygen.exe

< *loader* /s >
[2010/02/04 22:53:02 | 000,003,386 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 3\PlayerLoader.htm
[2008/11/27 18:57:14 | 000,000,333 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 3\PlayerLoader.mcl
[2010/02/05 08:25:34 | 000,084,480 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 3\PlayerLoader32\HookLoader32.dll
[2009/12/15 09:15:30 | 000,068,096 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 3\PlayerLoader32\HookLoader32.exe
[2009/12/15 09:15:06 | 000,399,872 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 3\PlayerLoader32\PlayerLoader32.dll
[2010/02/05 08:25:34 | 000,096,768 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 3\PlayerLoader64\HookLoader64.dll
[2009/12/15 09:15:32 | 000,074,752 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 3\PlayerLoader64\HookLoader64.exe
[2009/12/15 09:15:06 | 000,552,448 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 3\PlayerLoader64\PlayerLoader64.dll
[2011/06/30 20:47:42 | 000,034,664 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avnetworkloader.dll
[2011/06/30 20:47:42 | 000,343,400 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avnetworkloadergui.dll
[2011/06/30 20:47:42 | 000,214,184 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2007/06/27 18:03:00 | 000,177,448 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2010/10/07 03:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 03:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010/11/04 10:37:28 | 000,335,872 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2011/11/11 12:20:12 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011/03/30 21:15:23 | 000,004,057 | ---- | M] () -- \Program Files (x86)\Image-Line\Downloader\fldownloader.log
[2009/05/31 02:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009/05/31 02:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2009/09/25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2010/10/07 03:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 03:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011/02/20 13:19:18 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2010/04/29 14:12:38 | 000,673,160 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Facebook\ZPSFacebookUploader.exe
[2010/04/29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Facebook\ZPSPluginLoader.exe
[2010/04/29 14:12:42 | 000,686,984 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Flickr\ZPSFlickrUploader.exe
[2010/04/29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Flickr\ZPSPluginLoader.exe
[2010/10/26 11:20:22 | 000,192,512 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Picasa\ZPSPicasaUploader.exe
[2010/04/29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Picasa\ZPSPluginLoader.exe
[2010/11/02 13:47:12 | 000,102,792 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Program32\8bfLoader.exe
[2010/11/02 13:47:24 | 000,019,336 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Program32\WICLoader.exe
[2010/11/02 13:48:32 | 000,021,896 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Program64\WICLoader.exe
[2010/11/27 00:30:23 | 000,001,008 | ---- | M] () -- \Users\Fester\AppData\Local\SRDownloader.nast
[2011/04/11 14:15:25 | 000,000,042 | ---- | M] () -- \Users\Fester\AppData\Roaming\Youtube Downloader HD\YouTubeDownloaderHD.ini
[2010/04/27 17:04:14 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/04/27 17:04:14 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/04/27 17:04:14 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/04/27 17:04:14 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/28 14:29:30 | 000,131,072 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-2701260577-2833626082-2814547817-1001\578E3553E00F1304DBCE57BFD1EF0B39\2.6.6\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009/07/14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009/07/14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009/07/14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009/07/14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011/06/06 08:51:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/06/06 08:51:57 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/06/06 08:51:57 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/06/06 08:51:57 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/06/06 08:51:57 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009/07/14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *RemoveWAT* /s >

< *minodlogin* /s >

< *tnod* /s >

< *TemDono* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2009/08/17 21:35:44 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\System.Runtime.Serialization.Json.dll
[2009/04/14 08:47:30 | 000,000,464 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\System.Runtime.Serialization.Json.extmap.xml
[2009/06/11 03:20:48 | 000,006,699 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\System.Runtime.Serialization.Json.xml
[2009/08/17 21:35:44 | 000,321,392 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\System.Xml.Serialization.dll
[2009/04/14 08:56:20 | 000,000,437 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\System.Xml.Serialization.extmap.xml
[2009/06/11 03:20:48 | 000,149,896 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\System.Xml.Serialization.xml
[2009/08/17 21:35:44 | 000,022,408 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\de\System.Runtime.Serialization.Json.Resources.dll
[2009/08/17 21:35:44 | 000,046,976 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\de\System.Xml.Serialization.Resources.dll
[2009/08/17 21:35:44 | 000,022,408 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\es\System.Runtime.Serialization.Json.Resources.dll
[2009/08/17 21:35:44 | 000,046,968 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\es\System.Xml.Serialization.Resources.dll
[2009/08/17 21:35:44 | 000,022,936 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\fr\System.Runtime.Serialization.Json.Resources.dll
[2009/08/17 21:35:44 | 000,046,968 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\fr\System.Xml.Serialization.Resources.dll
[2009/08/17 21:35:44 | 000,022,424 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\it\System.Runtime.Serialization.Json.Resources.dll
[2009/08/17 21:35:44 | 000,046,968 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\it\System.Xml.Serialization.Resources.dll
[2009/08/17 21:35:44 | 000,034,712 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\ja\System.Runtime.Serialization.Json.Resources.dll
[2009/08/17 21:35:44 | 000,051,072 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\ja\System.Xml.Serialization.Resources.dll
[2009/08/17 21:35:44 | 000,022,408 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\ko\System.Runtime.Serialization.Json.Resources.dll
[2009/08/17 21:35:44 | 000,046,968 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\ko\System.Xml.Serialization.Resources.dll
[2009/08/17 21:35:44 | 000,030,616 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\zh-Hans\System.Runtime.Serialization.Json.Resources.dll
[2009/08/17 21:35:44 | 000,042,880 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\zh-Hans\System.Xml.Serialization.Resources.dll
[2009/08/17 21:35:44 | 000,030,616 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\zh-Hant\System.Runtime.Serialization.Json.Resources.dll
[2009/08/17 21:35:44 | 000,042,872 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\Libraries\Client\zh-Hant\System.Xml.Serialization.Resources.dll
[2011/08/30 16:58:34 | 000,413,696 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.dll
[2011/10/14 11:24:55 | 001,186,816 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.ni.dll
[2010/03/18 18:31:26 | 000,370,552 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.dll
[2010/03/18 18:31:26 | 000,042,904 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2010/03/18 18:31:26 | 000,429,432 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.dll
[2010/03/18 18:31:26 | 000,032,664 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.dll
[2010/03/18 18:31:26 | 000,429,432 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.dll
[2010/03/18 18:31:26 | 000,032,664 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009/08/17 20:34:48 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\Silverlight\v3.0\System.Runtime.Serialization.dll
[2009/06/11 03:20:48 | 000,165,919 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\Silverlight\v3.0\system.runtime.serialization.xml
[2009/08/17 21:09:06 | 000,063,384 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\Silverlight\v3.0\en-us\System.Runtime.Serialization.debug.resources.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010/11/05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010/12/27 12:47:00 | 000,315,392 | ---- | M] () -- \Program Files (x86)\Sony\Vegas Pro 10.0\CoreUI.XmlSerializers.dll
[2010/12/27 12:46:58 | 000,454,656 | ---- | M] () -- \Program Files (x86)\Sony\Vegas Pro 10.0\Sony.MediaSoftware.TextGen.CoreGraphics.XmlSerializers.dll
[2010/04/14 17:20:46 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010/04/14 17:20:46 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010/04/14 17:20:46 | 000,321,376 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Xml.Serialization.dll
[2011/06/20 09:57:10 | 000,007,081 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\Android\Acer2\gserial.cat
[2011/06/20 09:57:10 | 000,001,733 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\Android\Acer2\GSerial.inf
[2011/06/20 09:57:10 | 000,007,721 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\Android\Acer2\g_serial.cat
[2011/06/20 09:57:10 | 000,001,968 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\Android\Acer2\g_serial.inf
[2011/03/28 16:03:20 | 000,009,127 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\RIM\amd64\rimserial.cat
[2011/03/28 16:03:20 | 000,001,594 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\RIM\amd64\RimSerial.inf
[2011/03/28 16:03:20 | 000,027,136 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\RIM\amd64\RimSerial.sys
[2011/03/28 16:03:20 | 000,031,744 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\RIM\amd64\RimSerial_AMD64.sys
[2011/03/30 10:50:48 | 000,009,127 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\RIM\i386\rimserial.cat
[2011/03/30 10:50:48 | 000,001,594 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\RIM\i386\RimSerial.inf
[2011/03/30 10:50:50 | 000,027,136 | ---- | M] () -- \Program Files\Compiled Driver Disc (Full)\RIM\i386\RimSerial.sys
[2010/11/05 02:52:08 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010/11/05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012/01/12 22:02:58 | 000,000,594 | ---- | M] () -- \Users\Fester\AppData\Roaming\Microsoft\Windows\Recent\serial.lnk
[2012/01/12 22:01:47 | 000,000,796 | ---- | M] () -- \Users\Fester\AppData\Roaming\Microsoft\Windows\Recent\Serials.lnk
[2010/10/11 15:14:15 | 000,055,136 | ---- | M] () -- \Windows\assembly\GAC_MSIL\Microsoft.SqlServer.Management.DacSerialization\10.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.Management.DacSerialization.dll
[2009/07/14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009/07/14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011/10/14 15:27:59 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/16 16:41:48 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
[2011/10/16 16:24:33 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\1377c29b871c7eb768769b5f4bdbb15d\System.Runtime.Serialization.ni.dll
[2011/10/14 15:23:58 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/12/29 10:06:55 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\461a2bcb31bea2f236245c08ec291178\System.Runtime.Serialization.ni.dll
[2011/12/29 10:05:59 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5fc996580eec2dccaa2a1aebe827154e\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/12/29 10:15:49 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\f850af32cf4786ba4b6c00dac9156566\System.Xml.Serialization.ni.dll
[2011/12/29 10:28:54 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\06e388c829239feed16fda7eb89c51c4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/12/29 10:27:11 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\df367a5a9c437c213f7cb9924517f4e9\System.Runtime.Serialization.ni.dll
[2011/12/29 10:33:43 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\57216ad7373e6d7baa598d1d66a08c23\System.Xml.Serialization.ni.dll
[2011/04/06 15:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Xml.Serialization.dll.amd64
[2011/04/06 15:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Xml.Serialization.dll.x86
[2011/12/27 20:06:58 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/01/14 00:29:06 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011/12/27 20:06:58 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012/01/14 00:29:05 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/01/14 00:29:09 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/01 12:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010/06/15 01:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/06/15 01:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010/11/05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/01 12:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010/06/15 01:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/06/15 01:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2011/06/20 09:57:10 | 000,007,721 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\g_serial.inf_amd64_neutral_bcad0f77deb13f75\g_serial.cat
[2011/06/20 09:57:10 | 000,001,968 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\g_serial.inf_amd64_neutral_bcad0f77deb13f75\g_serial.inf
[2011/11/27 23:16:30 | 000,007,268 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\g_serial.inf_amd64_neutral_bcad0f77deb13f75\g_serial.PNF
[2011/06/20 09:57:10 | 000,007,081 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\gserial.inf_amd64_neutral_82d5d1544e3f7b03\GSerial.cat
[2011/06/20 09:57:10 | 000,001,733 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\gserial.inf_amd64_neutral_82d5d1544e3f7b03\GSerial.inf
[2011/11/27 23:16:29 | 000,007,176 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\gserial.inf_amd64_neutral_82d5d1544e3f7b03\gserial.PNF
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2011/03/28 16:03:20 | 000,009,127 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\rimserial.inf_amd64_neutral_095f8f326d5d196a\RimSerial.cat
[2011/03/28 16:03:20 | 000,001,594 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\rimserial.inf_amd64_neutral_095f8f326d5d196a\RimSerial.inf
[2011/11/27 23:16:37 | 000,007,584 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\rimserial.inf_amd64_neutral_095f8f326d5d196a\rimserial.PNF
[2011/03/28 16:03:20 | 000,031,744 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\rimserial.inf_amd64_neutral_095f8f326d5d196a\RimSerial_AMD64.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009/07/14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009/07/14 16:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010/11/05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009/07/14 16:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009/07/14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010/11/05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009/07/14 16:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009/06/10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010/11/05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009/06/10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010/11/05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2011/06/06 08:51:33 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/06/06 08:51:33 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009/07/14 16:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009/07/14 16:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011/02/05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009/07/14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010/11/20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009/07/14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010/11/20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009/07/14 16:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009/07/14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009/07/14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/07/14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009/07/14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009/07/14 16:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/07/14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/07/14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010/11/05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"avgnt" = "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min -- [2010/11/05 16:21:09 | 000,281,768 | ---- | M] (Avira GmbH)
"AllShareAgent" = C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
"Malwarebytes' Anti-Malware" = "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray -- [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation)
"Adobe ARM" = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -- [2012/01/03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated)

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"iTracker" = C:\Program Files (x86)\ASUS\iTracker\iTracker.exe /start -- [2009/04/27 17:24:08 | 001,707,520 | ---- | M] (ASUSTek)
"Infium" = "G:\QIP\QIP Infium PafoPack 9040\infium.exe" /isolated /nosrv /oldsearch/acc profil /pass profil /autorun -- [2010/08/31 18:12:22 | 005,896,656 | -H-- | M] ()
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" -- [2011/03/29 06:50:35 | 000,399,736 | ---- | M] (BitTorrent, Inc.)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >
"avgnt" = "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min -- [2010/11/05 16:21:09 | 000,281,768 | ---- | M] (Avira GmbH)
"AllShareAgent" = C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
"Malwarebytes' Anti-Malware" = "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray -- [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation)
"Adobe ARM" = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -- [2012/01/03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated)

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/01/17 15:48:04 | 000,000,512 | ---- | M] () MD5=9B9250076F2717A7DE722BF2BD35F0B8 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 175 bytes -> C:\ProgramData\TEMP:319E7F0B

< End of report >

Máš strašně málo místa na C:\ !! Něco odinstaluj, promaž to, vyčisti. Systém se dusí a značně zpomaluje! Na systémovém disku bys měl mít minimálně tak 10 GB volného místa. Pak se Ti nestáhnou ani aktualizace, jak tak koukám do logu.

Psal jsem Ti, ať odinstaluješ MBAM a pořád jej tam vidím. Myslíš, že ty návody píšu pro srandu králíkům nebo?


Znovu spusť OTL.

• Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
• Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
• Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

• Klikni na tlačítko [Opravit].
• Po dokončení skenu se objeví log, ten mi sem vlož.
• Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

MBAM odinstalovany uz, z disku C som pomazal zbytocne data a aj odinstaloval co uz nepouzivam, miesta mam momentalne len 4.72GB z 41.8GB

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Fester
->Temp folder emptied: 27009697 bytes
->Temporary Internet Files folder emptied: 329265 bytes
->Java cache emptied: 5164 bytes
->FireFox cache emptied: 323313291 bytes
->Flash cache emptied: 7400 bytes

User: Guest
->Temp folder emptied: 0 bytes

User: HomeGroupUser$
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 247064 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 335,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Fester
->Flash cache emptied: 0 bytes

User: Guest

User: HomeGroupUser$

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service NBService stopped successfully!
Service NBService deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Error: No service named TuneUp.UtilitiesSvc was found to stop!
Service\Driver key TuneUp.UtilitiesSvc not found.
========== OTL ==========
HKU\S-1-5-21-2701260577-2833626082-2814547817-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-2701260577-2833626082-2814547817-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Winamp Search" removed from browser.search.defaultenginename
Prefs.js: "http://slirsredirect.search.aol.com/sli ... ie7&query=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Winamp Search" removed from browser.search.selectedEngine
Prefs.js: battlefieldheroespatcher@ea.com:5.0.31.0 removed from extensions.enabledItems
Prefs.js: pastebin.com@gmail.com:2.1 removed from extensions.enabledItems
Prefs.js: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1 removed from extensions.enabledItems
Prefs.js: "http://slirsredirect.search.aol.com/sli ... pab&query=" removed from keyword.URL
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from sweetim.toolbar.previous.keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Users\Fester\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Users\Fester\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ deleted successfully.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\battlefieldheroespatcher@ea.com\platform folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\battlefieldheroespatcher@ea.com\META-INF folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\battlefieldheroespatcher@ea.com folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\pastebin.com@gmail.com\skin folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\pastebin.com@gmail.com\locale\en-US folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\pastebin.com@gmail.com\locale folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\pastebin.com@gmail.com\defaults\preferences folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\pastebin.com@gmail.com\defaults folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\pastebin.com@gmail.com\chrome\content folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\pastebin.com@gmail.com\chrome folder moved successfully.
C:\Users\Fester\AppData\Roaming\Mozilla\Firefox\Profiles\5phhygcy.default\extensions\pastebin.com@gmail.com folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\vmndtxtb3.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AllShareAgent deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP67CA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8849.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF821.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP374D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7ECE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP94A3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9D20.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD1AB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD27D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFDD9.tmp folder deleted successfully.
C:\Windows\Installer\MSI3041.tmp deleted successfully.
C:\Windows\Installer\MSI375B.tmp deleted successfully.
C:\Windows\Installer\MSI3837.tmp deleted successfully.
C:\Windows\Installer\MSI3951.tmp deleted successfully.
C:\Windows\Installer\MSI39A0.tmp deleted successfully.
C:\Windows\Installer\MSI3A1E.tmp deleted successfully.
C:\Windows\Installer\MSI3A4E.tmp deleted successfully.
C:\Windows\Installer\MSI3A9D.tmp deleted successfully.
C:\Windows\Installer\MSI3AEC.tmp deleted successfully.
C:\Windows\Installer\MSI3B1C.tmp deleted successfully.
C:\Windows\Installer\MSI3B4C.tmp deleted successfully.
C:\Windows\Installer\MSI3B8C.tmp deleted successfully.
C:\Windows\Installer\MSI3BBC.tmp deleted successfully.
C:\Windows\Installer\MSI3BEB.tmp deleted successfully.
C:\Windows\Installer\MSI3C1B.tmp deleted successfully.
C:\Windows\Installer\MSI3C8A.tmp deleted successfully.
C:\Windows\Installer\MSI3D37.tmp deleted successfully.
C:\Windows\Installer\MSI3D95.tmp deleted successfully.
C:\Windows\Installer\MSI3DC5.tmp deleted successfully.
C:\Windows\Installer\MSI3E24.tmp deleted successfully.
C:\Windows\Installer\MSI3F00.tmp deleted successfully.
C:\Windows\Installer\MSI3F20.tmp deleted successfully.
C:\Windows\Installer\MSI3FCD.tmp deleted successfully.
C:\Windows\Installer\MSI402C.tmp deleted successfully.
C:\Windows\Installer\MSI40C9.tmp deleted successfully.
C:\Windows\Installer\MSI40F9.tmp deleted successfully.
C:\Windows\Installer\MSI4148.tmp deleted successfully.
C:\Windows\Installer\MSI4168.tmp deleted successfully.
C:\Windows\Installer\MSI4198.tmp deleted successfully.
C:\Windows\Installer\MSI41C8.tmp deleted successfully.
C:\Windows\Installer\MSI465D.tmp deleted successfully.
C:\Windows\Installer\MSI46CB.tmp deleted successfully.
C:\Windows\Installer\MSI471A.tmp deleted successfully.
C:\Windows\Installer\MSI4769.tmp deleted successfully.
C:\Windows\Installer\MSI47D8.tmp deleted successfully.
C:\Windows\Installer\MSI4885.tmp deleted successfully.
C:\Windows\Installer\MSI4903.tmp deleted successfully.
C:\Windows\Installer\MSI49A0.tmp deleted successfully.
C:\Windows\Installer\MSI49FF.tmp deleted successfully.
C:\Windows\Installer\MSI4A6D.tmp deleted successfully.
C:\Windows\Installer\MSI4ABC.tmp deleted successfully.
C:\Windows\Installer\MSI4B2A.tmp deleted successfully.
C:\Windows\Installer\MSI4B7A.tmp deleted successfully.
C:\Windows\Installer\MSI4C17.tmp deleted successfully.
C:\Windows\Installer\MSI4C85.tmp deleted successfully.
C:\Windows\Installer\MSI4D61.tmp deleted successfully.
C:\Windows\Installer\MSI4DA0.tmp deleted successfully.
C:\Windows\Installer\MSI4DE0.tmp deleted successfully.
C:\Windows\Installer\MSI4E4E.tmp deleted successfully.
C:\Windows\Installer\MSI54D7.tmp deleted successfully.
C:\Windows\Installer\MSI553D.tmp deleted successfully.
C:\Windows\Installer\MSI56CC.tmp deleted successfully.
C:\Windows\Installer\MSI57B8.tmp deleted successfully.
C:\Windows\Installer\MSI5874.tmp deleted successfully.
C:\Windows\Installer\MSI58B4.tmp deleted successfully.
C:\Windows\Installer\MSI58F3.tmp deleted successfully.
C:\Windows\Installer\MSI5952.tmp deleted successfully.
C:\Windows\Installer\MSI59D0.tmp deleted successfully.
C:\Windows\Installer\MSI5A2F.tmp deleted successfully.
C:\Windows\Installer\MSI5A6E.tmp deleted successfully.
C:\Windows\Installer\MSI5ADC.tmp deleted successfully.
C:\Windows\Installer\MSI5B4B.tmp deleted successfully.
C:\Windows\Installer\MSI5B8A.tmp deleted successfully.
C:\Windows\Installer\MSI5BCA.tmp deleted successfully.
C:\Windows\Installer\MSI5C19.tmp deleted successfully.
C:\Windows\Installer\MSI5D33.tmp deleted successfully.
C:\Windows\Installer\MSI5EBB.tmp deleted successfully.
C:\Windows\Installer\MSI5F39.tmp deleted successfully.
C:\Windows\Installer\MSI5FF5.tmp deleted successfully.
C:\Windows\Installer\MSI6035.tmp deleted successfully.
C:\Windows\Installer\MSI6065.tmp deleted successfully.
C:\Windows\Installer\MSI60A4.tmp deleted successfully.
C:\Windows\Installer\MSI60E4.tmp deleted successfully.
C:\Windows\Installer\MSI6133.tmp deleted successfully.
C:\Windows\Installer\MSI6172.tmp deleted successfully.
C:\Windows\Installer\MSI61B2.tmp deleted successfully.
C:\Windows\Installer\MSI61E2.tmp deleted successfully.
C:\Windows\Installer\MSI6221.tmp deleted successfully.
C:\Windows\Installer\MSI6261.tmp deleted successfully.
C:\Windows\Installer\MSI6291.tmp deleted successfully.
C:\Windows\Installer\MSI62C0.tmp deleted successfully.
C:\Windows\Installer\MSI62F0.tmp deleted successfully.
C:\Windows\Installer\MSI6330.tmp deleted successfully.
C:\Windows\Installer\MSI6350.tmp deleted successfully.
C:\Windows\Installer\MSI6380.tmp deleted successfully.
C:\Windows\Installer\MSI63A0.tmp deleted successfully.
C:\Windows\Installer\MSI63E0.tmp deleted successfully.
C:\Windows\Installer\MSI6400.tmp deleted successfully.
C:\Windows\Installer\MSI6430.tmp deleted successfully.
C:\Windows\Installer\MSI6460.tmp deleted successfully.
C:\Windows\Installer\MSI649F.tmp deleted successfully.
C:\Windows\Installer\MSI64CF.tmp deleted successfully.
C:\Windows\Installer\MSI64EF.tmp deleted successfully.
C:\Windows\Installer\MSI651F.tmp deleted successfully.
C:\Windows\Installer\MSI654F.tmp deleted successfully.
C:\Windows\Installer\MSI656F.tmp deleted successfully.
C:\Windows\Installer\MSI659F.tmp deleted successfully.
C:\Windows\Installer\MSI65DF.tmp deleted successfully.
C:\Windows\Installer\MSI662E.tmp deleted successfully.
C:\Windows\Installer\MSI665E.tmp deleted successfully.
C:\Windows\Installer\MSI669D.tmp deleted successfully.
C:\Windows\Installer\MSI66CD.tmp deleted successfully.
C:\Windows\Installer\MSI66FD.tmp deleted successfully.
C:\Windows\Installer\MSI674C.tmp deleted successfully.
C:\Windows\Installer\MSI678C.tmp deleted successfully.
C:\Windows\Installer\MSI67BB.tmp deleted successfully.
C:\Windows\Installer\MSI67DC.tmp deleted successfully.
C:\Windows\Installer\MSI67FC.tmp deleted successfully.
C:\Windows\Installer\MSI682C.tmp deleted successfully.
C:\Windows\Installer\MSI729F.tmp deleted successfully.
C:\Windows\Installer\MSIA525.tmp deleted successfully.
C:\Windows\Installer\MSIA637.tmp deleted successfully.
C:\Windows\Installer\MSID6C0.tmp deleted successfully.
C:\Windows\Installer\MSIF5DA.tmp deleted successfully.
ADS C:\ProgramData\TEMP:319E7F0B deleted successfully.
========== FILES ==========
C:\Program Files (x86)\TuneUp Utilities 2011 folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities 2011\WinStyler\LogonScreens\Cache folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities 2011\WinStyler\LogonScreens folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities 2011\WinStyler\LogoAnimations\Cache folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities 2011\WinStyler\LogoAnimations folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities 2011\WinStyler\IconPacks\Cache folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities 2011\WinStyler\IconPacks folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities 2011\WinStyler\BootScreens\Cache folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities 2011\WinStyler\BootScreens folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities 2011\WinStyler folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities 2011 folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Cache folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\Cache folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\BootScreens\Cache folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\BootScreens folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\TuneUp Registry Editor folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\StartUp Manager\Disabled objects folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\StartUp Manager folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\Speed Optimizer folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\Program Statistics folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\Disk Space Explorer folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\Dashboard folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities\Backups folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TuneUp Utilities folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TU2012\Dashboard folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TU2012 folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TU2011\TuningIndex folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TU2011\StartUp Manager folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TU2011\Speed Optimizer folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TU2011\Disk Space Explorer folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TU2011\Dashboard folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TU2011\Backups folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software\TU2011 folder moved successfully.
C:\Users\Fester\AppData\Roaming\TuneUp Software folder moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2701260577-2833626082-2814547817-1001Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2701260577-2833626082-2814547817-1001UA.job moved successfully.
C:\Users\Fester\AppData\Roaming\Microsoft\Windows\Recent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.lnk deleted successfully.
C:\Users\Fester\AppData\Roaming\uTorrent\Cracks.2009.720p.BluRay.x264.CZ.EN-ViDeoM.1.torrent deleted successfully.
C:\Users\Fester\AppData\Roaming\uTorrent\Cracks.2009.720p.BluRay.x264.CZ.EN-ViDeoM.torrent deleted successfully.
C:\Users\Fester\AppData\Roaming\uTorrent\DVDFab.v8.0.2.2.WinAll.Cracked-PDTTAH.torrent deleted successfully.
C:\Users\Fester\AppData\Roaming\uTorrent\Need.for.Speed.Hot.Pursuit.CRACKONLY-RELOADED.torrent deleted successfully.
C:\Users\Fester\AppData\Roaming\uTorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.torrent deleted successfully.
C:\Users\Fester\Documents\Prijaté súbory\Crack_by_dudiss.rar deleted successfully.
File\Folder C:\Users\Fester\AppData\Roaming\Microsoft\Windows\Recent\DVB Dream 1.5g Multilingual incl Keygen.lnk not found.
C:\Users\Fester\AppData\Roaming\uTorrent\CoreCodec.CoreAVC.Professional.Edition.v2.0.0.0.Incl.Keygen-HERiTAGE.torrent deleted successfully.
C:\Users\Fester\AppData\Roaming\uTorrent\DVB Dream 1.5g + Keygen.rar.torrent deleted successfully.
C:\Users\Fester\AppData\Roaming\uTorrent\Lavalys.EVEREST.Ultimate.Edition.v4.60.1500.Multilingual.Incl.Keygen-BRD.torrent deleted successfully.
C:\Users\Fester\AppData\Roaming\uTorrent\TuneUp.Utilities.2012.v12.0.2120.7.Incl.Keygen-Lz0.torrent deleted successfully.
File\Folder C:\Users\Fester\Downloads\DVB Dream 1.5g Multilingual incl Keygen.rar not found.
File\Folder C:\Users\Fester\Downloads\DVB Dream 1.5g Multilingual incl Keygen not found.
G:\usb\removeWAT2.2.6\Extras folder deleted successfully.
G:\usb\removeWAT2.2.6\Important!! Read Me.txt deleted successfully.
G:\usb\removeWAT2.2.6\RemoveWAT.exe deleted successfully.
G:\usb\removeWAT2.2.6 folder deleted successfully.
G:\[app]\app\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Keygen\CORE.NFO deleted successfully.
G:\[app]\app\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Keygen\CORE10k.EXE deleted successfully.
G:\[app]\app\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Keygen\FILE_ID.DIZ deleted successfully.
G:\[app]\app\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Keygen\keygen.exe deleted successfully.
G:\[app]\app\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Keygen folder deleted successfully.
G:\[app]\app\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\noisewareproplugin4205.exe deleted successfully.
G:\[app]\app\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE folder deleted successfully.
G:\[app]\app\Imagenomic.Noiseware.Professional.PlugIn.v4.2.Incl.Keymaker-CORE folder deleted successfully.
G:\[app]\TuneUp Utilities 2011 v10_0_3000_101CZ\keygen\keygen.exe deleted successfully.
G:\[app]\TuneUp Utilities 2011 v10_0_3000_101CZ\keygen\zwt.nfo deleted successfully.
G:\[app]\TuneUp Utilities 2011 v10_0_3000_101CZ\keygen folder deleted successfully.
G:\[app]\TuneUp Utilities 2011 v10_0_3000_101CZ\cz\Readme.txt deleted successfully.
G:\[app]\TuneUp Utilities 2011 v10_0_3000_101CZ\cz\TuneUp_Utilities_2011_v10_0_3000CZ-WinXP.exe deleted successfully.
G:\[app]\TuneUp Utilities 2011 v10_0_3000_101CZ\cz\TuneUp_Utilities_2011_v10_0_3000CZ.exe deleted successfully.
G:\[app]\TuneUp Utilities 2011 v10_0_3000_101CZ\cz folder deleted successfully.
G:\[app]\TuneUp Utilities 2011 v10_0_3000_101CZ\TuneUpUtilities2011_en-US.exe deleted successfully.
G:\[app]\TuneUp Utilities 2011 v10_0_3000_101CZ folder deleted successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\System32\catroot\TMP1F44.tmp moved successfully.
C:\Windows\System32\catroot\TMP1FE4.tmp moved successfully.
C:\Windows\System32\catroot\TMP21E7.tmp moved successfully.
C:\Windows\System32\catroot\TMP2EC2.tmp moved successfully.
C:\Windows\System32\catroot\TMP4B69.tmp moved successfully.
C:\Windows\System32\catroot\TMP51B2.tmp moved successfully.
C:\Windows\System32\catroot\TMP54D2.tmp moved successfully.
C:\Windows\System32\catroot\TMP59AA.tmp moved successfully.
C:\Windows\System32\catroot\TMP5EA1.tmp moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.

OTL by OldTimer - Version 3.2.31.0 log created on 01182012_104920

Files\Folders moved on Reboot...
C:\Users\Fester\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot.

Registry entries deleted on Reboot...

To už je lepší, s tím místem, ale ještě by to chtělo přitlačit. Buď něco smazat, odinstalovat nebo přesunout (přeinstalovat) na jinou část disku, či jiný disk. Abys měl na C:\ opravdu kolem těch 10 GB volného místa, jinak Ti to bude běhat pomalu.

Jinak OTL provedlo, co mělo.

Jak je na tom počítač, můžeme dočistit?

na disku C nemam praveze ziadne data ako myslim foto a podobne, a vacsina instalacii je davana na druhy disk. Nemozu mi to zaberat ostatne casti systemu ? alebo zeby bolo fakt malo pre windows 42 GB ?

Pc sa zatial chova OK. Mozeme pokracovat v docistovani.

Mno, máš Win7 Pro 64bity a ty mají jen při základní instalaci požadavek 20 GB. A časem se to určitě nabalí. Ono, i když instaluješ jinam, tak se vždy něco instaluje i na C:\.
Taky záleží, jak máš Windows nastavené, co všechno v nich nainstalované a tak podobně.


Takže dočistíme...

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stáhni a spusť.
• Pro potvrzení volby mačkej A, Enter.
• Po použití utilitu smaž.
• Antiviry mohou tuto utilitu chybně označit jako vir - jedná se o falešný poplach - takže v pohodě stáhni (případně vypni při stahování antivir).

Spusť znovu OTL a klikni na tlačítko [CleanUp!], čímž po sobě program uklidí.

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stáhni a spusť.
• Klikni na Start a potvrď OK.
• Program uklidí a může (nemusí) restartovat PC.
• Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

• Panel čistič
• Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

• Panel registry
• Klikni na Hledej problémy.
• Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
• Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

• Panel nástroje
• Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.