kontrola logu

Zpráva

JanSpasitel · #1 Příspěvek od **JanSpasitel** » 09 led 2014 22:16

Caute chcem sa nieco opytat pri zapnuti PC mi malwarebytes ulozi do karanteny nieco taketo Riskware.BitcoinMiner a ze je to polozka windows cpu.exe , nikdy predtym to nerobilo a zda sa mi spomaleny pc , malwarebytes nic nenasiel , tak som skusil spravit log aby ste sa na to mrkli dik

Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin at 2014-01-09 22:29:13
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 7 GB (17%) free of 40 GB
Total RAM: 6142 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:29:14, on 9. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
D:\WebcamMax\wcmmon.exe
C:\Program Files (x86)\ASUS\AI Gear\GearHelp.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\windows\core.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Ai Gear Help] "C:\Program Files (x86)\ASUS\AI Gear\GearHelp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "D:\WebcamMax\wcmmon.exe" -a
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Users\Martin\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10110 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe"
"C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe" -Embedding
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
taskeng.exe {B13711EE-E813-4DD0-8DD7-BBA733EDB92D}
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
C:\Users\Martin\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Service.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"D:\WebcamMax\wcmmon.exe" -a
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\ASUS\AI Gear\GearHelp.exe"
"C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
WLIDSvcM.exe 2664
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe"
"C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
c:\windows\core.exe
"C:\windows\ati.exe"
\??\C:\Windows\system32\conhost.exe
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4236.18348f00.452960936 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4236 "\\.\pipe\gecko-crash-server-pipe.4236" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash3816.6EAAB990.9730 --host-broker-channel=Flash3816.6EAAB990.28971 --host-pid=3816 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=600.0045F7D0.177048112 --proxy-stub-channel=Flash3816.6EAAB990.9730 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Martin\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CF0F43AB-9C23-4D7B-8040-201B82844854}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-01 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"WebcamMaxAutoRun"=D:\WebcamMax\wcmmon.exe [2011-07-17 1038848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cracked Steam Service]
f:\cracked steam\Cracked Steam.exe /SERVICE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-01 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
D:\Kies\Kies.exe [2013-12-11 1564528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
D:\Kies\KiesTrayAgent.exe [2013-12-11 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-10-13 19549320]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Ai Gear Help"=C:\Program Files (x86)\ASUS\AI Gear\GearHelp.exe [2009-08-25 440832]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-10-08 766208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-01-09 22:29:13 ----D---- C:\rsit
2014-01-09 22:29:13 ----D---- C:\Program Files\trend micro
2014-01-09 22:04:54 ----D---- C:\AdwCleaner
2014-01-09 21:37:21 ----D---- C:\Program Files (x86)\HijackThis
2014-01-03 19:58:58 ----D---- C:\Users\Martin\AppData\Roaming\Unity
2014-01-03 15:08:02 ----A---- C:\Windows\core.exe
2014-01-03 15:05:54 ----A---- C:\Windows\cpu1.exe
2014-01-03 09:31:56 ----A---- C:\Windows\start.exe
2013-12-27 21:37:00 ----A---- C:\Users\Martin\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-12-27 21:37:00 ----A---- C:\Users\Martin\AppData\Roaming\trace_FilterInstaller.txt
2013-12-27 21:37:00 ----A---- C:\Users\Martin\AppData\Roaming\trace_FilterInstaller.1.txt
2013-12-27 21:36:06 ----D---- C:\Program Files (x86)\ AV Vcs 7.0
2013-12-11 12:00:28 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2014-01-09 22:29:13 ----RD---- C:\Program Files
2014-01-09 22:28:52 ----D---- C:\Windows\Temp
2014-01-09 22:11:45 ----D---- C:\Windows\SoftwareDistribution
2014-01-09 22:10:58 ----D---- C:\Windows
2014-01-09 22:09:24 ----D---- C:\Windows\system32\Tasks
2014-01-09 22:06:44 ----RD---- C:\Program Files (x86)
2014-01-09 22:06:44 ----HD---- C:\ProgramData
2014-01-09 21:13:59 ----SHD---- C:\System Volume Information
2014-01-09 01:13:47 ----D---- C:\Users\Martin\AppData\Roaming\uTorrent
2014-01-09 01:13:47 ----D---- C:\Users\Martin\AppData\Roaming\Media Player Classic
2014-01-09 01:13:44 ----D---- C:\Windows\inf
2014-01-09 00:50:55 ----D---- C:\Windows\Microsoft.NET
2014-01-08 20:54:16 ----D---- C:\Windows\SysWOW64
2014-01-08 01:17:11 ----D---- C:\Windows\Prefetch
2014-01-06 18:22:22 ----D---- C:\Windows\System32
2014-01-06 18:22:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-04 18:50:52 ----D---- C:\Windows\system32\config
2013-12-31 16:41:13 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2013-12-29 23:48:11 ----D---- C:\Windows\system32\catroot2
2013-12-27 21:45:44 ----D---- C:\Windows\system32\drivers
2013-12-27 00:58:04 ----D---- C:\Program Files\CCleaner
2013-12-18 11:50:46 ----SHD---- C:\Windows\Installer
2013-12-18 11:50:37 ----D---- C:\Program Files (x86)\Google
2013-12-14 01:47:29 ----D---- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
2013-12-14 01:47:27 ----D---- C:\Windows\Logs
2013-12-13 19:04:20 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-12-13 18:51:31 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-12-13 18:50:10 ----RSD---- C:\Windows\assembly
2013-12-13 18:42:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-11 17:28:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-11 00:09:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2011-11-01 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2011-11-01 13368]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-14 283064]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-10-08 12534784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-10-08 619008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-07-05 96256]
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2011-11-01 15416]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2009-04-30 588952]
S2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
S2 ASInsHelp;ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-08-21 103576]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2012-07-01 121416]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-21 204568]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WINUSB;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2010-08-19 74960]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-10-08 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-10-08 344064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-12-13 76888]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2367360]
R2 TeamViewer7;TeamViewer 7; C:\Users\Martin\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-24 2735528]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-10 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-10 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-11 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-10 559016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 09 led 2014 22:26

Zdravim

Kdyz se podivate nahoru, tak je tam takovej veeeeelkej oranzovej obdelnik - mrknete se jaky log chceme, HJT se pouzival nekdy pred 5 lety...

JanSpasitel · #3 Příspěvek od **JanSpasitel** » 09 led 2014 22:31

pardon

uz je to zmenene zle som skopiroval

#4 Příspěvek od **vyosek** » 09 led 2014 22:37

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna.

JanSpasitel · #5 Příspěvek od **JanSpasitel** » 09 led 2014 22:41

neviem o tom ze by bol nelegalny

mam ho uz par rokov

#6 Příspěvek od **vyosek** » 09 led 2014 22:41

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

Provedte aktualizaci
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

JanSpasitel · #7 Příspěvek od **JanSpasitel** » 09 led 2014 22:43

mam dat vsetky disky alebo len systemove Ccko?

#8 Příspěvek od **vyosek** » 09 led 2014 22:44

Poprosim o vsechny, at se podivame, jestli se nam to nekde nezasiva...

JanSpasitel · #9 Příspěvek od **JanSpasitel** » 10 led 2014 00:40

tu je log co mi vyhodilo na konci

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2014.01.09.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Martin :: MARTIN-PC [administrátor]

Ochrana: Zapnuté

9. 1. 2014 22:45:17
mbam-log-2014-01-09 (22-45-17).txt

Typ kontroly: Úplná kontrola (C:\|D:\|F:\|X:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 715662
Uplynutý čas: 1 hod, 50 min, 24 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)

#10 Příspěvek od **vyosek** » 10 led 2014 06:41

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

JanSpasitel · #11 Příspěvek od **JanSpasitel** » 10 led 2014 11:28

tu je ten OTL

OTL logfile created on: 10. 1. 2014 11:12:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

6,00 Gb Total Physical Memory | 4,21 Gb Available Physical Memory | 70,14% Memory free
12,00 Gb Paging File | 9,57 Gb Available in Paging File | 79,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,96 Gb Total Space | 6,37 Gb Free Space | 16,34% Space Free | Partition Type: NTFS
Drive D: | 35,47 Gb Total Space | 21,24 Gb Free Space | 59,90% Space Free | Partition Type: NTFS
Drive F: | 149,05 Gb Total Space | 21,59 Gb Free Space | 14,49% Space Free | Partition Type: NTFS
Drive X: | 931,51 Gb Total Space | 931,39 Gb Free Space | 99,99% Space Free | Partition Type: NTFS

Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014/01/10 11:10:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
PRC - [2014/01/03 15:08:02 | 001,050,112 | ---- | M] () -- c:\Windows\core.exe
PRC - [2013/12/13 18:51:31 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/12/11 12:00:48 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/12/11 00:09:16 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/24 12:01:41 | 002,735,528 | ---- | M] (TeamViewer GmbH) -- C:\Users\Martin\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/08/30 18:04:44 | 007,462,272 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
PRC - [2011/08/30 18:04:44 | 002,367,360 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/07/17 05:56:48 | 001,038,848 | ---- | M] () -- D:\WebcamMax\wcmmon.exe
PRC - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 00:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009/08/25 21:04:34 | 000,440,832 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Gear\GearHelp.exe

========== Modules (No Company Name) ==========

MOD - [2014/01/03 15:08:02 | 001,050,112 | ---- | M] () -- c:\Windows\core.exe
MOD - [2013/12/11 12:00:35 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/12/11 00:09:14 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2011/07/17 05:56:48 | 001,038,848 | ---- | M] () -- D:\WebcamMax\wcmmon.exe
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe

========== Services (SafeList) ==========

SRV:64bit: - [2013/10/08 13:52:58 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/10/08 09:34:38 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/10/07 00:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/12/13 18:51:31 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/12/11 12:00:48 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/11 00:09:16 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/10 02:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/24 12:01:41 | 002,735,528 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Users\Martin\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/12/09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/08/30 18:04:44 | 002,367,360 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/11 08:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/05/31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/14 11:16:32 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/10/08 14:58:42 | 012,534,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/10/08 13:27:46 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/08/21 05:31:40 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/08/21 05:31:40 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/07/05 09:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/11/20 13:55:42 | 000,057,512 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/11/20 13:55:42 | 000,057,512 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012/07/01 12:12:46 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2012/04/15 22:32:14 | 001,071,032 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
DRV:64bit: - [2011/11/01 11:02:39 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 05:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/08/19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/01/28 15:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/10/07 00:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 00:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/30 23:56:32 | 000,588,952 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV561V64.sys -- (PID_0928)
DRV:64bit: - [2008/08/28 10:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.sk/?ocid=iehp
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 B0 96 37 DB EE CE 01 [binary data]
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.zoznam.sk"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: D:\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Martin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Martin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/10/18 06:11:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Extensions
[2013/12/05 16:25:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\f4xpu444.default\extensions
[2013/12/05 16:25:57 | 000,479,561 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\f4xpu444.default\extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi
[2013/12/11 12:00:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/12/11 12:00:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/12/11 12:00:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/12/11 12:00:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/12/11 12:00:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/11 12:00:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Google Update (Enabled) = C:\Users\Martin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Pe\u0148a\u017Eenka Google = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\

O1 HOSTS File: ([2012/01/03 17:52:33 | 000,000,952 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 mp02.maniaplanet.com
O1 - Hosts: 127.0.0.1 mp01.maniaplanet.com
O1 - Hosts: 127.0.0.1 mp03.maniaplanet.com
O1 - Hosts: 127.0.0.1 game.maniaplanet.com
O2:64bit: - BHO: (no name) - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CF0F43AB-9C23-4D7B-8040-201B82844854} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Ai Gear Help] C:\Program Files (x86)\ASUS\AI Gear\GearHelp.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001..\Run: [WebcamMaxAutoRun] D:\WebcamMax\wcmmon.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.151.222.34 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5BDA890-1A2A-4BD2-82B9-907EC565BC59}: DhcpNameServer = 213.151.222.34 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{155cc47e-f4f8-11e2-9c90-0018f3ca82b5}\Shell - "" = AutoRun
O33 - MountPoints2\{155cc47e-f4f8-11e2-9c90-0018f3ca82b5}\Shell\AutoRun\command - "" = H:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.I420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: VIDC.RTV1 - rtvcvfw32.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014/01/10 11:10:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2014/01/09 22:29:13 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/09 22:29:13 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/09 22:04:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/03 19:58:58 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Unity
[2014/01/03 19:58:35 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Unity
[14 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014/01/10 11:14:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/10 11:12:30 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/10 11:12:30 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/10 11:10:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2014/01/10 11:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/10 11:05:10 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2014/01/10 11:05:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/10 11:04:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/10 11:04:40 | 535,683,071 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/10 02:16:33 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001UA.job
[2014/01/10 01:48:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/09 20:54:26 | 000,650,660 | ---- | M] () -- C:\Windows\litecoin-reaperv13.Barts-256-6144-2.bin
[2014/01/09 12:16:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001Core.job
[2014/01/08 20:45:27 | 000,000,579 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2014/01/08 01:17:21 | 000,002,386 | ---- | M] () -- C:\Users\Martin\Desktop\Google Chrome.lnk
[2014/01/06 18:22:22 | 000,788,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/06 18:22:22 | 000,658,206 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/06 18:22:22 | 000,123,448 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/03 17:39:53 | 000,104,205 | ---- | M] () -- C:\Windows\cpu.exe
[2014/01/03 15:08:02 | 001,050,112 | ---- | M] () -- C:\Windows\core.exe
[2014/01/03 15:05:54 | 000,190,284 | ---- | M] () -- C:\Windows\cpu1.exe
[14 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/10 11:14:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/10 11:05:35 | 000,104,205 | ---- | C] () -- C:\Windows\cpu.exe
[2014/01/09 20:54:26 | 000,650,660 | ---- | C] () -- C:\Windows\litecoin-reaperv13.Barts-256-6144-2.bin
[2014/01/03 15:08:02 | 001,050,112 | ---- | C] () -- C:\Windows\core.exe
[2014/01/03 15:05:54 | 000,190,284 | ---- | C] () -- C:\Windows\cpu1.exe
[2014/01/03 09:31:56 | 000,368,161 | ---- | C] () -- C:\Windows\start.exe
[2013/11/30 07:43:14 | 000,478,208 | ---- | C] () -- C:\Windows\ati.exe
[2013/11/30 07:43:07 | 000,082,432 | ---- | C] () -- C:\Windows\pthread.dll
[2013/11/21 22:45:59 | 004,422,144 | ---- | C] () -- C:\Windows\cuda.exe
[2013/10/08 09:45:08 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/08/21 18:06:29 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2013/06/14 18:56:26 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/06/12 12:15:00 | 000,245,795 | ---- | C] () -- C:\Windows\libcurl-4.dll
[2013/06/12 12:15:00 | 000,100,864 | ---- | C] () -- C:\Windows\zlib1.dll
[2013/03/29 03:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/29 03:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/02/10 13:33:59 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/02/10 13:33:50 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/02/05 16:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013/02/05 16:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013/02/05 16:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013/02/05 16:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/10/06 20:07:18 | 000,000,042 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\TheHunterSettings_local.cfg
[2012/08/07 21:11:20 | 000,000,109 | ---- | C] () -- C:\Windows\disney.ini
[2012/06/21 09:37:14 | 003,233,712 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/05/09 19:09:28 | 000,000,227 | ---- | C] () -- C:\Windows\PowerReg.dat
[2012/05/09 19:09:27 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe
[2012/04/02 19:00:00 | 000,143,068 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/02/15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/11/16 01:25:32 | 000,000,412 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\All CPU Meter_Settings.ini
[2011/11/14 22:19:26 | 000,007,598 | ---- | C] () -- C:\Users\Martin\AppData\Local\resmon.resmoncfg
[2011/11/08 12:51:27 | 000,042,769 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader.err
[2011/11/08 12:43:21 | 000,001,160 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader.nast

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 05:27:26 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 04:21:20 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/10/06 15:11:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\2K Sports
[2012/04/01 12:41:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Auslogics
[2011/11/01 18:54:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Canneverbe Limited
[2013/12/14 01:47:29 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
[2011/11/05 17:22:04 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Day 1 Studios
[2013/01/04 22:30:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GameRanger
[2011/11/01 11:56:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GlarySoft
[2012/10/06 19:52:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Leadertech
[2013/06/25 18:02:25 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Milestone
[2012/04/10 21:08:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\MotioninJoy
[2013/08/20 14:15:45 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Origin
[2013/04/24 19:57:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PC Suite
[2013/05/12 14:01:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PhotoFiltre 7
[2012/08/17 18:18:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\RedDotGames
[2013/08/29 10:40:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Samsung
[2013/10/31 18:59:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SmileysWeLove
[2013/11/25 18:04:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Subversion
[2013/01/06 23:23:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TeamViewer
[2012/11/21 23:01:28 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Theta
[2014/01/03 19:58:58 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Unity
[2014/01/09 01:13:47 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\uTorrent
[2012/10/17 21:06:10 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\wargaming.net
[2013/05/25 22:06:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\WebcamMax

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,570 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/11/01 11:34:27 | 000,000,898 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001Core.job
[2011/11/01 11:34:32 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001UA.job
[2011/11/01 11:38:14 | 000,000,326 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012/03/29 17:58:17 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/08/10 14:21:10 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/08/10 14:21:11 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 05:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 05:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 04:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 04:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2010/11/20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/11/20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 05:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 05:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010/11/20 05:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010/11/20 05:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[9 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\60f05894619a7ce3c673328fb5c63171\*.tmp files -> C:\Windows\SoftwareDistribution\Download\60f05894619a7ce3c673328fb5c63171\*.tmp -> ]
[14 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[14 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/10/06 15:11:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\2K Sports
[2012/03/15 21:34:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Adobe
[2011/11/01 11:27:04 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ATI
[2012/04/01 12:41:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Auslogics
[2011/11/01 18:54:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Canneverbe Limited
[2013/12/14 01:47:29 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
[2011/11/05 17:22:04 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Day 1 Studios
[2013/01/04 22:30:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GameRanger
[2011/11/01 11:56:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GlarySoft
[2011/11/01 10:53:32 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Identities
[2012/10/06 19:52:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\InstallShield
[2011/11/01 11:37:51 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Intel
[2012/10/06 19:52:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Leadertech
[2011/11/01 12:10:29 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Macromedia
[2011/11/01 11:51:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Malwarebytes
[2013/11/25 18:04:37 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\MathWorks
[2009/07/14 08:54:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Center Programs
[2014/01/09 01:13:47 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Player Classic
[2013/11/14 13:50:05 | 000,000,000 | --SD | M] -- C:\Users\Martin\AppData\Roaming\Microsoft
[2013/06/25 18:02:25 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Milestone
[2012/04/10 21:08:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\MotioninJoy
[2013/10/18 06:11:19 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mozilla
[2013/08/20 14:15:45 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Origin
[2013/04/24 19:57:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PC Suite
[2013/05/12 14:01:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PhotoFiltre 7
[2012/08/17 18:18:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\RedDotGames
[2013/08/29 10:40:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Samsung
[2012/07/13 21:25:03 | 000,000,000 | RH-D | M] -- C:\Users\Martin\AppData\Roaming\SecuROM
[2013/12/31 16:41:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Skype
[2013/10/31 18:59:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SmileysWeLove
[2013/11/25 18:04:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Subversion
[2013/01/06 23:23:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TeamViewer
[2012/11/21 23:01:28 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Theta
[2014/01/03 19:58:58 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Unity
[2014/01/09 01:13:47 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\uTorrent
[2012/10/17 21:06:10 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\wargaming.net
[2013/05/25 22:06:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\WebcamMax
[2011/11/01 19:16:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013/07/02 20:14:10 | 001,824,928 | ---- | M] (GameRanger Technologies) -- C:\Users\Martin\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[2011/11/07 15:08:09 | 000,010,134 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2012/07/01 12:12:45 | 000,104,768 | ---- | M] (www.motioninjoy.com) -- C:\Users\Martin\AppData\Roaming\MotioninJoy\DS3tool\update\DS3_Tool.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[14 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2014/01/10 11:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/01/10 11:05:10 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2014/01/10 11:05:01 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/01/10 01:48:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014/01/09 12:16:00 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001Core.job
[2014/01/10 11:17:14 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[14 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[14 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010/09/01 07:15:55 | 000,136,176 | ---- | M] (Google Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 05:25:18 | 001,475,584 | ---- | M] (Microsoft Corporation)
"WebcamMaxAutoRun" = "D:\WebcamMax\wcmmon.exe" -a -- [2011/07/17 05:56:48 | 001,038,848 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013/12/11 12:00:48 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=1EEA6C1B35191DC177EA83672B9C3FC0 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010/11/20 04:22:52 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/01/10 11:14:23 | 000,000,512 | ---- | M] () MD5=3E4E5C1F4F2BF9825DF1023D9DC194EC -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012/11/02 17:46:14 | 000,001,558 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\007 LEGENDS-FLT CRACK ONLY.torrent
[2013/11/19 23:23:45 | 000,013,178 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\Assassin's.Creed.IV.Black.Flag.Update.And.Crack.Fix.V6.rar.torrent
[2013/05/26 11:17:30 | 000,007,476 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\Call.of.Juarez.Gunslinger.Proper.Crack-3DM.7z.torrent
[2011/11/06 13:36:23 | 000,013,338 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\Driver San Francisco Crack by SKIDROW.torrent
[2011/11/06 13:39:29 | 000,003,742 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\Driver San Francisco PC Crack - Razor1911.rar.torrent
[2013/05/29 17:27:47 | 000,000,549 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\GRID 2 PROPER CRACK ONLY-RELOADED.rar.torrent
[2013/05/29 17:39:28 | 000,019,515 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\GRID.2.CRACK.ONLY-RELOADED.torrent
[2013/08/30 23:25:14 | 000,012,661 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\Saints.Row.IV.CRACK.ONLY-RELOADED.torrent
[2012/11/02 11:44:44 | 000,020,741 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\[PC GAME MULTI] - Gran Theft Auto San Andreas + Crack NoCD - (Perfect DVD Version) - (Eng-Ita-Deu-Fra-Esp) - (By G-ADLVR_R7.rar.torrent

< *keygen* /s >

< *loader* /s >
[2008/07/30 10:06:58 | 000,072,192 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2008/07/29 03:43:16 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2010/03/24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010/08/05 13:33:12 | 000,034,304 | ---- | M] () -- \Program Files (x86)\MSI Kombustor\KLoaderWin32.exe
[2010/09/10 10:05:56 | 000,075,104 | ---- | M] () -- \Program Files (x86)\MSI Kombustor\PhysXLoader.dll
[2009/05/31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009/05/31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/02/27 22:58:46 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeBlue.gif
[2012/02/27 22:58:46 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeGrey.gif
[2012/02/27 22:58:46 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallBlue.gif
[2012/02/27 22:58:46 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallGold.gif
[2012/11/14 10:36:12 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012/11/14 10:33:44 | 000,293,376 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2010/03/24 20:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 20:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011/03/02 12:39:56 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013/12/13 18:55:43 | 000,209,920 | ---- | M] () -- \ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{841C2125-2B8B-26DE-9032-AE5F3B91F919}-UBIORBITAPI_R2_LOADER.DLL
[2013/12/13 18:55:43 | 000,209,920 | ---- | M] () -- \Users\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{841C2125-2B8B-26DE-9032-AE5F3B91F919}-UBIORBITAPI_R2_LOADER.DLL
[2014/01/02 12:24:30 | 000,042,769 | ---- | M] () -- \Users\Martin\AppData\Local\SRDownloader.err
[2014/01/02 12:24:36 | 000,001,160 | ---- | M] () -- \Users\Martin\AppData\Local\SRDownloader.nast
[2013/09/13 22:24:47 | 000,905,728 | ---- | M] () -- \Users\Martin\Desktop\SRDownloader.exe
[2013/11/16 17:19:38 | 000,005,147 | ---- | M] () -- \Users\Martin\Documents\Add-in Express\adxloader.log
[2014/01/02 12:24:36 | 000,036,944 | ---- | M] () -- \Windows\Prefetch\SRDOWNLOADER.EXE-747A502F.pf
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[14 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[14 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 08:44:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 08:44:39 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 08:44:39 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 08:44:39 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 08:44:39 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2012/11/26 00:53:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2012/11/26 00:53:33 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winload.efi_75834aa0
[2012/11/26 00:53:33 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winload.exe_75835076
[2012/11/26 00:53:34 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winresume.efi_85cd069f
[2012/11/26 00:53:34 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 08:43:41 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

JanSpasitel · #12 Příspěvek od **JanSpasitel** » 10 led 2014 11:29

a Extras

OTL Extras logfile created on: 10. 1. 2014 11:12:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

6,00 Gb Total Physical Memory | 4,21 Gb Available Physical Memory | 70,14% Memory free
12,00 Gb Paging File | 9,57 Gb Available in Paging File | 79,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,96 Gb Total Space | 6,37 Gb Free Space | 16,34% Space Free | Partition Type: NTFS
Drive D: | 35,47 Gb Total Space | 21,24 Gb Free Space | 59,90% Space Free | Partition Type: NTFS
Drive F: | 149,05 Gb Total Space | 21,59 Gb Free Space | 14,49% Space Free | Partition Type: NTFS
Drive X: | 931,51 Gb Total Space | 931,39 Gb Free Space | 99,99% Space Free | Partition Type: NTFS

Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{158FC473-B829-43D7-8BC3-83AFD441FF5B}" = lport=138 | protocol=17 | dir=in | app=system |
"{26526213-3B70-4F2A-89BB-4E9B9F60BE24}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{273C7C3C-9612-4636-979B-7C3CA2A812C0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{27811ED7-E862-46B1-BE01-4F691BB56DB4}" = lport=137 | protocol=17 | dir=in | app=system |
"{2DB13FD3-5FAA-40C5-97A0-829D8F379ED1}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{3145EF10-0326-4B39-9AB0-71DA3661FBFE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{373DFED1-A1F8-4E8B-B9FC-DEA51118DB7F}" = rport=139 | protocol=6 | dir=out | app=system |
"{3EF91B7E-CB42-4CF7-8CA4-42491639F374}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3FAE4B61-0E6F-4F10-83A7-65653E89FB8F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4E7C5F46-C167-448C-AD7F-D48C07509F77}" = lport=445 | protocol=6 | dir=in | app=system |
"{5396EE00-823E-4BE1-9228-00A78CF0D823}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5EE9BD67-33A9-4C62-8EC7-025632D26ECC}" = rport=137 | protocol=17 | dir=out | app=system |
"{62BB8774-849A-4CA5-B0D2-4B37CB21E9FF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{66A9DAF6-106C-43CE-8231-2188A3487257}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{737BE29C-255F-4E2B-8D2D-3B01C751398C}" = rport=138 | protocol=17 | dir=out | app=system |
"{773649B8-F16C-48ED-9AA9-D5926EAE1BE7}" = rport=445 | protocol=6 | dir=out | app=system |
"{77AC8DBB-70F2-42E6-B855-20BE89EBC624}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{7F64770C-0C1F-4023-B54D-45AED2601B39}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{7FA5AD8A-0695-4E74-A3F7-0B613321129A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9146B086-6A42-418F-A021-48227E3FF843}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A27ACF42-F743-42FC-8946-DA7DC9086A87}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE3CF737-5BEB-4684-BED7-E90679D2F145}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BD50148E-1057-4FC9-8EDB-6E216B921515}" = lport=139 | protocol=6 | dir=in | app=system |
"{D4946266-2562-41B6-BF35-E9FFA2FE1FD5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DBB63CD7-53EE-48B4-8777-9EC3B260E2F9}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{E5F5F841-2B45-4B59-AFC4-A91EB4307343}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{EE817E18-C310-45D1-986A-9F509B282DE0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FC3517F5-CA21-48A4-B759-E9C21EF39163}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FEF08BA6-162A-465A-B4B3-2DF19E33BCC3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01BC2411-4E72-481F-ADB2-6003914C0190}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{04739BB7-F0F9-4FB6-A2CD-7B74C572989A}" = protocol=6 | dir=in | app=f:\steam\steam.exe |
"{097B65ED-E6C8-4DE1-94A2-18CA803066AA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{09B59A51-68B1-4C18-AA28-384894D83630}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\medal of honor\support\ea help\electronic_arts_technical_support.htm |
"{0C8AF248-E99B-420F-8C6B-B88D7C32C3B5}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{0E198F82-F7A4-4AA9-BFA9-3B2C4862AB73}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{10792AAA-0E20-4132-B3D3-346C3B84F5BD}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{1177F063-614D-4CB0-9FB7-B2294D9D1126}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{124A66DB-A893-4097-AF15-AF83AA465E62}" = protocol=6 | dir=in | app=f:\farcry 3\bin\farcry3_d3d11.exe |
"{1430B534-B85A-4CC0-B2A0-72735E9D1A63}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{17C28DAA-7459-4D88-9DB7-49C3653FB9EF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{17F03525-0754-4431-B13D-16AB7CA4A999}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{1BDF8E2B-E3EB-449E-B258-5A1AE189134B}" = protocol=17 | dir=in | app=f:\steam\steam.exe |
"{1CAD31D1-F47B-402F-B29D-42851D41CD53}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{1D76F95A-9B8D-4C04-AB23-2093B4E69995}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\medal of honor\support\ea help\electronic_arts_technical_support.htm |
"{2B7FA03F-0FAA-456A-B3DE-9D829345F3F3}" = protocol=17 | dir=in | app=f:\farcry 3\bin\farcry3_d3d11.exe |
"{2D8BB120-37B6-44A0-8753-DC468C318F46}" = dir=in | app=c:\windows\ati.exe |
"{3272FBA6-F557-459F-81E5-83FEB49A2DA2}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{346CB989-171A-4E64-BE43-A5144B91421B}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{38633536-7965-4EB6-AED0-6D7065DEACB9}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{39E568F6-973C-4215-8BF3-1FF2898E4402}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3EC36850-0D28-4069-87EA-18D617DBC3E8}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{41C28404-E1B6-453B-92B9-62A8EA99419C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{45D9069E-0A06-42EB-88C6-C1F534A233EB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{48AAD3B3-FF02-4146-876B-FFCE950266C8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{49E3C058-F0EC-48B3-91CF-2A57C2A00B26}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4C0EA9BD-DA0F-4506-A292-EB083B943FB3}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{4EF18F7D-1A71-4D00-89AF-9C0B3B735F84}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F6FC61A-A9B2-421E-8C05-449E26DAFF59}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{4FFBFDF9-4CDD-4DD1-BE6D-C211695D996B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{517CEBB1-5AAC-44EA-8BCA-EC765E851933}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{52119035-D19C-4803-82A4-2DF4905D2D5C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{60A01322-0B60-40B7-A742-D960BBFF7DAD}" = protocol=6 | dir=in | app=f:\farcry 3\bin\fc3updater.exe |
"{612AD026-C03B-491B-B7A5-5E72FF7D50BA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{61372149-A8BA-422D-812F-71E0CD4489D9}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{617A1B86-1B99-4BF1-9EEE-8612EAADEBE8}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{627742BC-E5F1-4F18-B034-6FAEA9B6961D}" = protocol=17 | dir=in | app=f:\farcry 3\bin\fc3updater.exe |
"{685E7179-06B0-40F1-8A15-6949B4C30FAC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6FF608CE-01E2-4D20-9129-F46038598BA3}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{70B742CC-D1AF-4819-80CC-3F5AEFBC02C0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{72B618B4-487A-41CA-B4B8-6A70B0C3BF11}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{79DA01A7-2009-4623-BCAD-23909F976B65}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7AAA16F1-479F-4512-A757-99C2F808EC2B}" = protocol=17 | dir=in | app=f:\farcry 3\bin\fc3editor.exe |
"{85703B1A-D5E9-437B-9B3F-E98B21E19E37}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{8CE92E6A-62B3-45F6-A6F2-11407AE9AB11}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\medal of honor\mp\mohmpgame.exe |
"{8EE6EE2D-2431-456C-82AB-B7AB1064F40B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{90EDB77D-1AE2-45AE-B3E9-5D7D919E1D8F}" = protocol=17 | dir=in | app=f:\call of duty 4 - modern warfare\iw3mp.exe |
"{92AF7B7B-F528-4C5C-BD2B-5A7EABE0BB55}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9307E848-CD2D-488E-8009-4827796AAD00}" = protocol=6 | dir=in | app=f:\farcry 3\bin\farcry3.exe |
"{940D7805-C2B3-42DE-9476-AB55F762372E}" = protocol=17 | dir=in | app=f:\farcry 3\bin\farcry3.exe |
"{94E278BA-1CBC-46D6-AFC5-230C1F2EB824}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9572D280-64C2-4404-958A-0245A3DF72C3}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\medal of honor\mp\mohmpgame.exe |
"{A031B81F-AE03-4F30-ABD6-6B40DB9C907A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2BBD474-50D7-4252-9879-2505297DC3E2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A3B3B1E4-4C3F-4BB3-99CA-B575361F948C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{A710CDAD-68D6-450B-8779-8D71A2B85E10}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{A74AE699-6608-4C80-AF27-B65D51117F38}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A82B69AC-FC89-496C-968F-0EB26B3DA074}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B913E6EA-E987-4208-9485-A0B0E332531E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B9866987-6977-47DB-BAA7-44D00C64CC7A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BE9E67A0-93D1-4988-94B8-53A47B29BDC8}" = protocol=17 | dir=in | app=f:\origin hry\battlefield 3\bf3.exe |
"{C1344ABA-68BC-41D4-9429-1A3FE4E30A3C}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{C88A309A-812F-447E-8C4F-3EF87012E297}" = dir=in | app=c:\windows\cuda.exe |
"{C8DA5E39-8509-4916-9C26-A2D15EF20CCA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D19B7D68-F201-4A0C-A65F-46191A954796}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D52C7124-567E-43AA-9987-23BF57CCCCB4}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{DB77C435-1A06-46AC-A4B8-42E43D95D841}" = protocol=6 | dir=in | app=f:\call of duty 4 - modern warfare\iw3mp.exe |
"{DB7A2381-D7F2-412F-B616-C07BD0B151D0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DCBC4A2A-8B0A-47A4-B9AC-42EE9F426423}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DD9ED250-7DE6-4535-8545-8B0536502AF9}" = protocol=6 | dir=in | app=f:\origin hry\battlefield 3\bf3.exe |
"{DE70EE5F-E95F-4B4F-A77A-2228E44E09AA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E49DBE34-3461-4A78-9B3B-BC1CE1D54B20}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E757D7FC-0BBE-48D5-8813-52AB16951010}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F06ACCC6-0D8B-4168-BA02-08D9AE7945F2}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F2EF7AD9-5AB1-48C5-B964-0341274FF5FB}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F6F6FFE6-3D04-41C2-AC6B-06D9969AC846}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F72E262F-BFF6-4DC2-8398-C38C3E39AF17}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F8CB787C-98CF-446E-AF00-359B55790BAC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F9338C83-DE5A-4E51-A2AC-0694065B88BA}" = protocol=6 | dir=out | app=system |
"{F9F02510-6400-4298-9440-50B96E04E2D3}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{FA95DCE6-6A0B-4E4C-8BB0-B2941CD79C87}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{FAFEC614-595F-4040-880C-06EB0E07B217}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FC236F08-5976-449B-83E2-69424F78BAFF}" = protocol=6 | dir=in | app=f:\farcry 3\bin\fc3editor.exe |
"{FCAAD634-143B-45D6-B861-A8DA7CC01F13}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FE856C6E-D842-4DCA-9076-19040E935631}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{FFF023A0-7ABE-4732-9D73-C9F6543DA676}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{12DE6291-3C3F-4379-808F-75B012F2BDEA}F:\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=6 | dir=in | app=f:\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
"TCP Query User{4896E1D2-54A1-4629-A9C0-99A16FC8392E}F:\race driver grid\grid.exe" = protocol=6 | dir=in | app=f:\race driver grid\grid.exe |
"TCP Query User{BAA82F56-C4F8-4152-9D55-B092B929BCD8}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{BB75CC1D-26DD-4162-8C01-00287EA7F162}F:\tdu2\testdrive2.exe" = protocol=6 | dir=in | app=f:\tdu2\testdrive2.exe |
"TCP Query User{E43CF47F-9DA2-485B-A3B3-6949FE956DE8}F:\steam\steamapps\janspasitel\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=f:\steam\steamapps\janspasitel\team fortress 2\hl2.exe |
"UDP Query User{08FE5473-1D16-4BBB-A388-4A2E64791786}F:\tdu2\testdrive2.exe" = protocol=17 | dir=in | app=f:\tdu2\testdrive2.exe |
"UDP Query User{1B710D48-0B51-4D3F-8DD7-7F5F554E7B4F}F:\steam\steamapps\janspasitel\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=f:\steam\steamapps\janspasitel\team fortress 2\hl2.exe |
"UDP Query User{6902CD59-FE2B-4B0A-B4DF-003DD0C88C62}F:\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=17 | dir=in | app=f:\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
"UDP Query User{8B098B2A-8421-40FD-8C7F-27E56F73FE00}F:\race driver grid\grid.exe" = protocol=17 | dir=in | app=f:\race driver grid\grid.exe |
"UDP Query User{BA4BE99E-5D36-441C-872B-B9A77BC8AE9B}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy DS3 driver version 0.6.0005
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zariadení Windows Mobile
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7D2019DF-713F-B6ED-8C87-14363B081FB2}" = AMD Drag and Drop Transcoding
"{8AB933A1-603C-5B22-3D56-19593698C41A}" = AMD Fuel
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{ADCB5F9E-EF88-6D61-EE2F-99F51DF1B6EF}" = AMD Media Foundation Decoders
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E57289A3-B314-F00A-F0D0-7CB63E588CFF}" = AMD Accelerated Video Transcoding
"{FEB22B7A-7B05-4A49-3BA3-D24815D37FAE}" = ccc-utility64
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.17
"Defraggler" = Defraggler
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Matlab R2013a" = MATLAB R2013a
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.0.0
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{170236F2-1F88-A116-DA64-3FEED17B9387}" = CCC Help Italian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2178EDD8-A3A6-50E3-407B-6629EA8E6ECE}" = AMD Catalyst Control Center
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2DFA85ED-588F-4CE3-A175-29E52C3804A8}}_is1" = Folder Size 2.0.0.0
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{32957F2B-A371-151F-9DA1-7BCA54BA2C71}" = CCC Help Danish
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{398004A7-6198-B8AB-443A-D250FFA57446}" = CCC Help Greek
"{3A29665B-2304-A9F7-601D-86340BD29D57}" = CCC Help Korean
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{4310E447-8AF3-020C-06D0-CB317D1BC92B}" = CCC Help Spanish
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4DF0CAAC-F479-1673-EE92-03FFB9A05C1A}" = CCC Help English
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}" = Battlefield 3™
"{6670AE0A-83FD-C514-C4EC-51618BEDCF04}" = Catalyst Control Center InstallProxy
"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"{6B568B64-0BDE-4FB2-A1AB-8A41DF033C57}" = AI Gear
"{6DD76706-759A-1D77-9D1B-39FFFEC203BE}" = CCC Help Hungarian
"{6DF3C5B5-AEA5-198E-289C-CAADC4A17C04}" = CCC Help Dutch
"{6F9B3984-08EB-19EE-5E93-E79FD0854596}" = CCC Help Czech
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{784D940E-A14C-45C1-8554-1BAD248679A3}_is1" = Race Driver GRID verze 1.3
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{82DA3D5E-0041-D8F7-6ACD-53A06C863FD4}" = CCC Help Swedish
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8E63AD00-6BEB-9E98-739E-C8EE42CF0419}" = CCC Help Norwegian
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9584BE1B-2FBE-4F45-13EA-6567F3E2D9A2}" = CCC Help Chinese Traditional
"{993609E5-B0A7-0270-BA78-385016D5A4FA}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C50B767-48BA-A567-0CFE-31620AE8FC97}" = CCC Help German
"{9E94C6F8-2B4E-D900-E73C-E7BCC7653188}" = CCC Help Japanese
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BEFD4139-C684-DBF8-33F2-7963161E2F10}" = CCC Help Russian
"{CFBC3C9F-C781-4A0A-4AC9-BEBDE9850C16}" = CCC Help Turkish
"{D17BE572-CBFB-2AA4-759B-E21F04093001}" = CCC Help Thai
"{D3C44AE6-7A77-6CB3-0708-C970C53E8136}" = Catalyst Control Center Localization All
"{DD36B76E-AAC3-4BB7-9946-A5FBBE121C33}" = Smileys We Love Toolbar for IE
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E9E87CFE-894C-8FFB-31C2-61C6B640F2B2}" = CCC Help Finnish
"{E9F63F5F-00EF-516C-C7F6-ABD3DC174B5E}" = CCC Help Polish
"{EA3960CB-883C-5B18-FA85-7C36C320E4BC}" = Catalyst Control Center Graphics Previews Common
"{ED62231A-B71D-C39A-7CE0-B2C8388A67C2}" = CCC Help French
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1CECE09-7CBE-4E98-B435-DA87CDA86167}" = Skype™ 5.5
"{FBC9A8BD-C74D-86B3-7818-D584C9174F48}" = CCC Help Portuguese
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"7-Zip" = 7-Zip 9.22beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"EGR-ShellExtension" = EGR-ShellExtension
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps
"Glary Utilities_is1" = Glary Utilities 2.38.0.1288
"Cheat Engine 6.3_is1" = Cheat Engine 6.3
"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.75.0.1300
"Mozilla Firefox 26.0 (x86 sk)" = Mozilla Firefox 26.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"SpeedFan" = SpeedFan (remove only)
"Steam App 35140" = Batman: Arkham Asylum GOTY Edition
"Steam App 47830" = Medal of Honor(TM) Multiplayer
"Steam App 550" = Left 4 Dead 2
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 6 Host" = TeamViewer 6 Host
"Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
"Uplay" = Uplay
"uTorrent" = µTorrent
"WebcamMax" = WebcamMax

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger
"Google Chrome" = Google Chrome
"PhotoFiltre 7" = PhotoFiltre 7
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 17. 5. 2013 12:51:58 | Computer Name = Martin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 17. 5. 2013 12:51:58 | Computer Name = Martin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 17. 5. 2013 12:51:58 | Computer Name = Martin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 17. 5. 2013 12:51:58 | Computer Name = Martin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 17. 5. 2013 13:40:10 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.

Error - 18. 5. 2013 12:29:04 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.

Error - 19. 5. 2013 15:09:09 | Computer Name = Martin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 19. 5. 2013 15:09:09 | Computer Name = Martin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 19. 5. 2013 15:09:22 | Computer Name = Martin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 20. 5. 2013 18:13:26 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: MetroLL.exe, verzia: 1.0.0.1, časová značka:
0x518a9265 Názov chybového modulu: MetroLL.exe, verzia: 1.0.0.1, časová značka:
0x518a9265 Kód výnimky: 0xc0000005 Odstup chyby: 0x00576c65 Identifikácia chybného
procesu: 0x3bc Čas spustenia chybnej aplikácie: 0x01ce55a4a49c18f0 Cesta chybnej aplikácie:
F:\Metro Last Light\MetroLL.exe Cesta chybného modulu: F:\Metro Last Light\MetroLL.exe
Identifikácia
hlásenia: 7e039300-c19a-11e2-b85e-0018f3ca82b5

[ System Events ]
Error - 10. 1. 2014 6:06:09 | Computer Name = Martin-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Neznáma chyba Reason: %%842

Error - 10. 1. 2014 6:06:13 | Computer Name = Martin-PC | Source = PNRPSvc | ID = 102
Description =

Error - 10. 1. 2014 6:06:13 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Peer Name Resolution Protocol, od ktorej závisí služba
Peer Networking Grouping, zlyhalo kvôli nasledujúcej chybe: %%-2140993535

Error - 10. 1. 2014 6:06:13 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Služba Peer Name Resolution Protocol bola ukončená s nasledujúcou
chybou: %%-2140993535

Error - 10. 1. 2014 6:06:23 | Computer Name = Martin-PC | Source = PNRPSvc | ID = 102
Description =

Error - 10. 1. 2014 6:06:23 | Computer Name = Martin-PC | Source = PNRPSvc | ID = 102
Description =

Error - 10. 1. 2014 6:06:23 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Služba Peer Name Resolution Protocol bola ukončená s nasledujúcou
chybou: %%-2140993535

Error - 10. 1. 2014 6:06:23 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Peer Name Resolution Protocol, od ktorej závisí služba
Peer Networking Grouping, zlyhalo kvôli nasledujúcej chybe: %%-2140993535

Error - 10. 1. 2014 6:06:23 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Služba Peer Name Resolution Protocol bola ukončená s nasledujúcou
chybou: %%-2140993535

Error - 10. 1. 2014 6:06:23 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Peer Name Resolution Protocol, od ktorej závisí služba
Peer Networking Grouping, zlyhalo kvôli nasledujúcej chybe: %%-2140993535

< End of report >

#13 Příspěvek od **vyosek** » 11 led 2014 06:36

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
MOD - [2014/01/03 15:08:02 | 001,050,112 | ---- | M] () -- c:\Windows\core.exe
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.sk/?ocid=iehp
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 B0 96 37 DB EE CE 01 [binary data]
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O2:64bit: - BHO: (no name) - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CF0F43AB-9C23-4D7B-8040-201B82844854} - No CLSID value found.
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{155cc47e-f4f8-11e2-9c90-0018f3ca82b5}\Shell - "" = AutoRun
[2014/01/03 17:39:53 | 000,104,205 | ---- | M] () -- C:\Windows\cpu.exe
[2014/01/03 15:08:02 | 001,050,112 | ---- | M] () -- C:\Windows\core.exe
[2014/01/03 15:05:54 | 000,190,284 | ---- | M] () -- C:\Windows\cpu1.exe
[2014/01/10 11:05:35 | 000,104,205 | ---- | C] () -- C:\Windows\cpu.exe
[2014/01/09 20:54:26 | 000,650,660 | ---- | C] () -- C:\Windows\litecoin-reaperv13.Barts-256-6144-2.bin
[2014/01/03 15:08:02 | 001,050,112 | ---- | C] () -- C:\Windows\core.exe
[2014/01/03 15:05:54 | 000,190,284 | ---- | C] () -- C:\Windows\cpu1.exe
[2014/01/03 09:31:56 | 000,368,161 | ---- | C] () -- C:\Windows\start.exe
[2013/11/30 07:43:14 | 000,478,208 | ---- | C] () -- C:\Windows\ati.exe
[2013/11/30 07:43:07 | 000,082,432 | ---- | C] () -- C:\Windows\pthread.dll
[2013/11/21 22:45:59 | 004,422,144 | ---- | C] () -- C:\Windows\cuda.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[9 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\60f05894619a7ce3c673328fb5c63171\*.tmp files -> C:\Windows\SoftwareDistribution\Download\60f05894619a7ce3c673328fb5c63171\*.tmp -> ]
[14 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[14 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[2014/01/10 11:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/01/10 11:05:10 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2014/01/10 11:05:01 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/01/10 01:48:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014/01/09 12:16:00 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001Core.job
[2014/01/10 11:17:14 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001UA.job

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cracked Steam Service]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[-HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SunJavaUpdateSched"=-

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

JanSpasitel · #14 Příspěvek od **JanSpasitel** » 11 led 2014 11:21

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_USERS\S-1-5-21-3362749566-1486728534-2914300367-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3362749566-1486728534-2914300367-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-3362749566-1486728534-2914300367-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CF0F43AB-9C23-4D7B-8040-201B82844854} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF0F43AB-9C23-4D7B-8040-201B82844854}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{155cc47e-f4f8-11e2-9c90-0018f3ca82b5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{155cc47e-f4f8-11e2-9c90-0018f3ca82b5}\ not found.
File C:\Windows\cpu.exe not found.
C:\Windows\core.exe moved successfully.
C:\Windows\cpu1.exe moved successfully.
File C:\Windows\cpu.exe not found.
C:\Windows\litecoin-reaperv13.Barts-256-6144-2.bin moved successfully.
File C:\Windows\core.exe not found.
File C:\Windows\cpu1.exe not found.
C:\Windows\start.exe moved successfully.
C:\Windows\ati.exe moved successfully.
C:\Windows\pthread.dll moved successfully.
C:\Windows\cuda.exe moved successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI2320.tmp deleted successfully.
C:\Windows\Installer\MSI6BFA.tmp deleted successfully.
C:\Windows\Installer\MSI7B3D.tmp deleted successfully.
C:\Windows\Installer\MSI7F2.tmp deleted successfully.
C:\Windows\Installer\MSIC94.tmp deleted successfully.
C:\Windows\Installer\MSID222.tmp deleted successfully.
C:\Windows\Installer\MSIDD79.tmp deleted successfully.
C:\Windows\Installer\MSIECAB.tmp deleted successfully.
C:\Windows\Installer\MSIFB4.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\60f05894619a7ce3c673328fb5c63171\BITD3DF.tmp deleted successfully.
C:\Windows\System32\tmp180B.tmp deleted successfully.
C:\Windows\System32\tmp181C.tmp deleted successfully.
C:\Windows\System32\tmp1A14.tmp deleted successfully.
C:\Windows\System32\tmp1A25.tmp deleted successfully.
C:\Windows\System32\tmp7FEA.tmp deleted successfully.
C:\Windows\System32\tmp7FEB.tmp deleted successfully.
C:\Windows\System32\tmpCC77.tmp deleted successfully.
C:\Windows\System32\tmpCC78.tmp deleted successfully.
C:\Windows\System32\tmpCE94.tmp deleted successfully.
C:\Windows\System32\tmpCE95.tmp deleted successfully.
C:\Windows\System32\tmpE788.tmp deleted successfully.
C:\Windows\System32\tmpE799.tmp deleted successfully.
C:\Windows\System32\tmpF305.tmp deleted successfully.
C:\Windows\System32\tmpF316.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GlaryInitialize.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3362749566-1486728534-2914300367-1001UA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cracked Steam Service\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run not found.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Martin
->Temp folder emptied: 27895432 bytes
->Temporary Internet Files folder emptied: 3610502 bytes
->Java cache emptied: 2149793 bytes
->FireFox cache emptied: 18019891 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 540 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 241482 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50453 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 50,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Martin
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Martin
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 01112014_111743

Files\Folders moved on Reboot...
File move failed. C:\Users\Martin\AppData\Local\Temp\TeamViewer\Version7\TeamViewer7_Logfile.log scheduled to be moved on reboot.
C:\Users\Martin\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Service.exe moved successfully.
C:\Users\Martin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#15 Příspěvek od **vyosek** » 11 led 2014 21:57

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

kontrola logu

kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu