Vytížení procesoru > Steam.exe

[miravlak]

zdravíčko,už delší dobu se peru s procesem steam.exe,sebere cca 60-70% procáku,dokut ho nevypnu manuálně,ale zase naskočí cca do hodiny,projel sem to Spybotem,Malwarebytes Anti-Malware,ADWC a ještě pár softama,ale zatím bez úspěchu přikládám LOG,kdyby někdo věděl poradit díky

Logfile of random's system information tool 1.10 (written by random/random)
Run by miravlak at 2014-11-04 16:14:20
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 32 GB (28%) free of 114 GB
Total RAM: 12238 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:14:28, on 4.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Program Files\trend micro\miravlak.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Wondershare Helper Compact.exe] "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe"
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: YouTubeAcceleratorService - Unknown owner - C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe (file missing)

--
End of file - 7856 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss bc42455e-daab-41ef-90e6-83bd035c1ca7 1
\??\C:\Windows\system32\conhost.exe "-276550911912749122-126173840119297512771399110312-16514273522141637717-2074565267
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-552172318515639813125724905-8760813501328741677841998061317288596-946950656
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {05FD4AB1-D301-480F-B2AA-DC94ED87C833}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4580.2bd57f60.1201865838 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4580 "\\.\pipe\gecko-crash-server-pipe.4580" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe" --proxy-stub-channel=Flash3704.6B3DAAA0.16727 --host-broker-channel=Flash3704.6B3DAAA0.25861 --host-pid=3704 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe" --channel=1836.0029F1E4.1807073363 --proxy-stub-channel=Flash3704.6B3DAAA0.16727 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\AUDIODG.EXE 0x7c0
"C:\Program Files\Reason\herdProtect\Scanner\herdProtectScan.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\miravlak\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\miravlak\AppData\Roaming\Mozilla\Firefox\Profiles\e7vt4b8u.default

prefs.js - "browser.startup.homepage" - "google.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2461504]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-09-17 2799784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-08-21 6462744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"Command Center"=C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [2014-09-23 797648]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-04 16:14:20 ----D---- C:\rsit
2014-11-04 16:14:20 ----D---- C:\Program Files\trend micro
2014-11-04 16:09:06 ----D---- C:\Program Files\Reason
2014-11-01 18:33:15 ----D---- C:\Users\miravlak\AppData\Roaming\NVIDIA 3D Vision Video Player
2014-10-30 10:58:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-26 13:22:37 ----HD---- C:\MSIServiceCfg_CC
2014-10-23 14:41:09 ----D---- C:\Users\miravlak\AppData\Roaming\Apple Computer
2014-10-23 14:41:06 ----DC---- C:\Windows\system32\DRVSTORE
2014-10-23 14:41:06 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2014-10-23 14:40:48 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-23 14:40:48 ----D---- C:\ProgramData\Apple Computer
2014-10-23 14:40:48 ----D---- C:\Program Files\iTunes
2014-10-23 14:40:48 ----D---- C:\Program Files\iPod
2014-10-23 14:40:48 ----D---- C:\Program Files (x86)\iTunes
2014-10-23 14:40:35 ----D---- C:\Program Files (x86)\Apple Software Update
2014-10-23 14:40:32 ----D---- C:\Program Files\Common Files\Apple
2014-10-23 14:40:27 ----D---- C:\Program Files\Bonjour
2014-10-23 14:40:27 ----D---- C:\Program Files (x86)\Bonjour
2014-10-23 14:40:18 ----D---- C:\ProgramData\Apple
2014-10-23 13:52:56 ----D---- C:\Program Files (x86)\WebGadget
2014-10-20 17:54:42 ----D---- C:\Program Files\Wondershare
2014-10-20 17:32:32 ----D---- C:\Users\miravlak\AppData\Roaming\Wondershare
2014-10-20 17:32:31 ----HD---- C:\Program Files (x86)\DrFoneAndroid_Temp
2014-10-15 21:35:30 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 21:35:29 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 21:35:29 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 21:35:29 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 21:35:29 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 21:35:29 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 21:35:29 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 21:35:28 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 21:35:28 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 21:35:28 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 21:35:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 21:35:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 21:35:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 21:35:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 21:35:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 21:35:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 21:35:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 21:35:27 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 21:35:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 21:35:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 21:35:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 21:35:27 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 21:35:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 21:35:27 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 21:35:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 21:35:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 21:35:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 21:35:26 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 21:35:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 21:35:26 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 21:35:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 21:35:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 21:35:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 21:35:25 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 21:35:25 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 21:35:25 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 21:35:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 21:35:25 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 21:35:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 21:35:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 21:35:24 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 21:35:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 21:35:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 21:35:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 21:35:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 21:35:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 21:35:24 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 21:35:24 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 21:35:23 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 21:35:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 21:35:23 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 21:35:23 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 21:35:23 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 21:35:23 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 21:35:23 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 21:35:23 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 21:35:22 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 21:35:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 21:35:22 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 21:35:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 21:35:22 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 21:35:22 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 21:33:47 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-10-15 21:33:47 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 21:33:47 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-10-15 21:33:47 ----A---- C:\Windows\system32\msi.dll
2014-10-15 21:33:47 ----A---- C:\Windows\system32\consent.exe
2014-10-15 21:33:47 ----A---- C:\Windows\system32\authui.dll
2014-10-15 21:33:46 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 21:33:45 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 21:33:44 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 21:33:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 21:33:44 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 21:33:44 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-15 21:33:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 21:33:44 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-10-15 21:33:44 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-15 21:33:44 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 21:33:44 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 21:33:44 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 21:33:44 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 21:33:44 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 21:33:44 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 21:33:44 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 21:33:44 ----A---- C:\Windows\system32\mstsc.exe
2014-10-15 21:33:44 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-15 21:33:44 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 21:33:44 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 21:33:44 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 21:33:44 ----A---- C:\Windows\system32\certcli.dll
2014-10-15 21:33:41 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 21:33:41 ----A---- C:\Windows\system32\packager.dll
2014-10-11 10:35:36 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-10-11 10:35:36 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-10-11 10:35:36 ----A---- C:\Windows\system32\nvspcap64.dll
2014-10-11 10:35:36 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-10-11 10:35:33 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-10-11 10:35:14 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-10-11 10:34:04 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvopencl.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvoglv64.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvinitx.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\NvIFR64.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvhdap64.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\NvFBC64.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvdispgenco6434411.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvdispco6434411.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvcuvid.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvcuda.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-10-11 10:34:04 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-10-11 10:34:04 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-10-11 10:34:04 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-10-11 10:34:03 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-10-11 10:34:03 ----A---- C:\Windows\system32\nvcompiler.dll
2014-10-11 10:32:12 ----D---- C:\NVIDIA

======List of files/folders modified in the last 1 month======

2014-11-04 16:14:20 ----RD---- C:\Program Files
2014-11-04 16:14:19 ----D---- C:\Windows\Temp
2014-11-04 14:43:11 ----D---- C:\Windows\system32\config
2014-11-04 14:36:35 ----D---- C:\Windows\System32
2014-11-04 14:36:35 ----D---- C:\Windows\inf
2014-11-04 14:36:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-04 14:29:32 ----D---- C:\ProgramData\NVIDIA
2014-11-03 19:10:06 ----D---- C:\Users\miravlak\AppData\Roaming\uTorrent
2014-11-03 17:21:02 ----SHD---- C:\System Volume Information
2014-11-03 14:38:18 ----D---- C:\ProgramData\ProductData
2014-11-01 23:28:05 ----D---- C:\Users\miravlak\AppData\Roaming\vlc
2014-11-01 18:33:06 ----SHD---- C:\Windows\Installer
2014-11-01 18:33:05 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-10-31 11:05:38 ----D---- C:\Windows\system32\catroot2
2014-10-31 09:12:43 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-30 22:30:07 ----D---- C:\Program Files (x86)
2014-10-30 12:25:26 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-28 11:22:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-28 04:06:07 ----D---- C:\Windows\system32\drivers
2014-10-28 04:06:07 ----D---- C:\Windows\Logs
2014-10-26 15:19:36 ----D---- C:\Users\miravlak\AppData\Roaming\XnView
2014-10-26 13:23:52 ----D---- C:\MSI
2014-10-26 13:22:37 ----D---- C:\Program Files (x86)\MSI
2014-10-24 23:04:54 ----D---- C:\Windows\Prefetch
2014-10-23 18:49:45 ----D---- C:\Users\miravlak\AppData\Roaming\AIMP3
2014-10-23 14:41:07 ----D---- C:\Windows\SysWOW64
2014-10-23 14:41:06 ----D---- C:\Windows\system32\catroot
2014-10-23 14:40:48 ----HD---- C:\ProgramData
2014-10-23 14:40:34 ----D---- C:\Windows\system32\DriverStore
2014-10-23 14:40:32 ----D---- C:\Program Files\Common Files
2014-10-23 14:40:18 ----D---- C:\Program Files (x86)\Common Files
2014-10-20 17:55:01 ----RSD---- C:\Windows\assembly
2014-10-20 17:55:01 ----D---- C:\Windows\Microsoft.NET
2014-10-17 10:27:17 ----D---- C:\Windows\rescache
2014-10-16 21:27:28 ----D---- C:\Windows\winsxs
2014-10-16 12:13:30 ----SD---- C:\Windows\system32\CompatTel
2014-10-16 12:13:30 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-16 12:13:30 ----D---- C:\Windows\system32\en-US
2014-10-16 12:13:30 ----D---- C:\Program Files\Internet Explorer
2014-10-16 12:13:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-16 12:13:29 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 12:13:29 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-16 09:22:37 ----D---- C:\ProgramData\Microsoft Help
2014-10-16 09:21:50 ----D---- C:\Windows\system32\MRT
2014-10-16 09:20:32 ----A---- C:\Windows\system32\MRT.exe
2014-10-16 09:18:45 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-12 12:50:33 ----D---- C:\Windows
2014-10-11 15:48:25 ----D---- C:\Program Files (x86)\Movies
2014-10-11 15:04:04 ----D---- C:\Program Files (x86)\Screenshots
2014-10-11 11:33:30 ----D---- C:\ProgramData\NVIDIA Corporation
2014-10-11 10:35:42 ----D---- C:\Program Files\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2013-10-21 213848]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2014-09-07 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2014-09-07 117024]
R1 BfLwf;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bflwfx64.sys [2013-02-19 66928]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2013-10-21 516096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-16 283064]
R1 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys []
R2 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2014-10-01 93400]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-02-22 358896]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-02-22 792560]
R3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w7x64.sys [2013-02-19 165824]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-11-04 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-09-17 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 20288]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC; \??\C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [2012-11-20 13368]
S3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC; \??\C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [2012-11-19 13368]
S3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC; \??\C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [2012-11-20 13368]
S3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [2012-11-26 13368]
S3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC; \??\C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [2012-11-20 13368]
S3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC; \??\C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [2012-11-20 13368]
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [2012-11-19 13368]
S3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC; \??\C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [2012-11-19 13368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SliceDisk5;SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-10-21 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2013-10-21 27136]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 1149760]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R2 MSICTL_CC;MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014-09-26 1993216]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 19440960]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-09-13 934216]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-09-13 411968]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-08-21 2175264]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-28 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2013-10-21 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-30 114288]
S3 MSIBIOSData_CC;MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2014-06-04 2100736]
S3 MSIClock_CC;MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2014-09-26 4026880]
S3 MSICOMM_CC;MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2014-07-28 2118144]
S3 MSICPU_CC;MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [2014-09-26 4157440]
S3 MSIDDR_CC;MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2014-09-01 2242560]
S3 MSISMB_CC;MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2014-07-28 2063360]
S3 MSISuperIO_CC;MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2014-09-25 550400]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2013-10-21 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2013-10-21 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-16 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [2013-02-19 497664]

-----------------EOF-----------------

[vyosek]

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *kms* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[miravlak]

Tady to je,předem dík za ochotu
OTL

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*kms* /s
*keygen* /s
*loader* /s

[miravlak]

OTL Extras

OTL Extras logfile created on: 4.11.2014 18:38:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\miravlak\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

11,95 Gb Total Physical Memory | 9,84 Gb Available Physical Memory | 82,36% Memory free
23,90 Gb Paging File | 21,56 Gb Available in Paging File | 90,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 30,02 Gb Free Space | 26,85% Space Free | Partition Type: NTFS
Drive D: | 2048,00 Gb Total Space | 1575,86 Gb Free Space | 76,95% Space Free | Partition Type: NTFS
Drive F: | 25,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 746,52 Gb Total Space | 746,37 Gb Free Space | 99,98% Space Free | Partition Type: NTFS

Computer Name: MIRAVLAK-PC | User Name: miravlak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2405550360-788701585-294151714-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1451E4E4-F3FE-4DB5-885B-5E9C0FD5A855}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1514CD40-F5BD-43B3-BA06-82155C617BCC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{20DE00C1-F7A1-44C7-B867-CDE06654A449}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{505149CE-9B09-4987-9D82-57FE06E2EA85}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\games\the crew (beta)\thecrew.exe |
"{5AC81F4E-3849-4749-BDFC-D97EA71A1BED}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{7935599E-C6AF-4DC9-88EB-F5CE5D013C5F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A0B62671-687C-4A6B-8378-C18A397C4955}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B1314FA4-6895-42C4-9879-B422EE40E70B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BFC7D0AA-8C38-456A-BE78-2D128DDE35B8}" = protocol=17 | dir=in | app=c:\users\miravlak\appdata\roaming\utorrent\utorrent.exe |
"{DBE52B65-3E3B-42D2-AF5A-414DA7557F45}" = protocol=6 | dir=in | app=c:\users\miravlak\appdata\roaming\utorrent\utorrent.exe |
"{DF1F6F67-4BD3-43D4-8F13-AA57CD50510C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{DFCC5C7B-1B6B-43F2-A853-1DAF7963C1CB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{E1A2FC7F-02AE-45F9-A588-4C9139591218}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\games\the crew (beta)\thecrew.exe |
"TCP Query User{880D8BA1-9535-41AC-AA27-5121D906736D}D:\hry\wolfenstein the new order\wolfneworder_x64.exe" = protocol=6 | dir=in | app=d:\hry\wolfenstein the new order\wolfneworder_x64.exe |
"TCP Query User{9F073B04-9633-4CF7-AFF7-5248747A9AEC}D:\hry\far cry 3\bin\farcry3_d3d11.exe" = protocol=6 | dir=in | app=d:\hry\far cry 3\bin\farcry3_d3d11.exe |
"TCP Query User{C1224E49-C2E4-4D30-AEFA-32672ABEEEB8}C:\users\miravlak\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\miravlak\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{C76A4F06-5009-4A45-BC50-9B2D7F994221}D:\hry\far cry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=d:\hry\far cry 3\bin\farcry3.exe |
"TCP Query User{D340D4DB-F147-4F29-B80C-3D3798A798AB}D:\hry\stronghold crusader 2\bin\win32_release\crusader2.exe" = protocol=6 | dir=in | app=d:\hry\stronghold crusader 2\bin\win32_release\crusader2.exe |
"UDP Query User{27F571BF-9AC1-4A83-81EF-65E04D8BF883}D:\hry\stronghold crusader 2\bin\win32_release\crusader2.exe" = protocol=17 | dir=in | app=d:\hry\stronghold crusader 2\bin\win32_release\crusader2.exe |
"UDP Query User{4EAA73B5-12CF-4B31-837D-3393B09CD6B1}D:\hry\far cry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=d:\hry\far cry 3\bin\farcry3.exe |
"UDP Query User{6509243B-29D3-4BF1-9D56-78D8A0ECC3F7}D:\hry\far cry 3\bin\farcry3_d3d11.exe" = protocol=17 | dir=in | app=d:\hry\far cry 3\bin\farcry3_d3d11.exe |
"UDP Query User{CB172C91-F936-4278-A092-6782B04658D8}C:\users\miravlak\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\miravlak\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{FFDB7B2E-45AF-4E45-BB3D-49F27ABA8F2D}D:\hry\wolfenstein the new order\wolfneworder_x64.exe" = protocol=17 | dir=in | app=d:\hry\wolfenstein the new order\wolfneworder_x64.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-001B-0000-1000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 344.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 344.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 344.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 344.46
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.32.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support
"{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"CCleaner" = CCleaner
"MediaInfo" = MediaInfo 0.7.70
"Microsoft Security Client" = Microsoft Security Essentials
"Office14.WORD" = Microsoft Word 2010

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1" = Wondershare Dr.Fone for Android(Build 4.8.0.135)
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.7.6
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1" = Foxit Cloud
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BF8BD5F-EE1A-4DB1-B810-A4AE1D34530E}" = NVIDIA 3D Vision Video Player
"{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support
"{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1" = MSI Command Center
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D2EF3F95-782D-483E-B153-E9755CC6D8C0}_is1" = DaemonicMU Season 4 1.35
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.6.0.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"«GRID 2»_is1" = «GRID 2» 1.0.85.8679
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"AIMP3" = AIMP3
"aTube Catcher" = aTube Catcher
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dead Rising 3_is1" = Dead Rising 3
"Far Cry 3_R.G. Mechanics_is1" = Far Cry 3
"Foxit Reader_is1" = Foxit Reader
"Fraps" = Fraps (remove only)
"GRID - Autosport_is1" = GRID - Autosport
"herdProtectScan" = herdProtect Anti-Malware Scanner
"InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"Mafia II HD_is1" = Mafia II HD verze v1.7u5
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.3.1025
"Metro Last Light Redux_is1" = Metro Last Light Redux v.1.0.0.7.u1
"Middle-earth. Shadow of Mordor_is1" = Middle-earth. Shadow of Mordor, âĺđńč˙ 1.0.0.0
"Mozilla Firefox 33.0.2 (x86 cs)" = Mozilla Firefox 33.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"mp3cutter_is1" = mp3cutter
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Ryse Son of Rome_is1" = Ryse Son of Rome
"Stronghold Crusader 2_is1" = Stronghold Crusader 2
"TeamViewer 9" = TeamViewer 9
"The KMPlayer" = The KMPlayer (remove only)
"Tomb Raider_R.G. Mechanics_is1" = Tomb Raider
"Trials Fusion - Riders of the Rustlands_is1" = Trials Fusion - Riders of the Rustlands
"Trine 2 - Complete Story_is1" = Trine 2 - Complete Story
"Uplay" = Uplay
"Uplay Install 750" = The Crew (Beta)
"VLC media player" = VLC media player
"WebGadget Mixcloud Downloader_is1" = WebGadget Mixcloud Downloader
"WinRAR archiver" = WinRAR 5.00 (32-bit)
"XnView_is1" = XnView 2.22

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2405550360-788701585-294151714-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3.11.2014 10:45:49 | Computer Name = miravlak-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7005

Error - 3.11.2014 10:45:50 | Computer Name = miravlak-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3.11.2014 10:45:50 | Computer Name = miravlak-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8003

Error - 3.11.2014 10:45:50 | Computer Name = miravlak-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8003

Error - 4.11.2014 9:29:33 | Computer Name = miravlak-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 4.11.2014 9:29:42 | Computer Name = miravlak-PC | Source = WinMgmt | ID = 10
Description =

Error - 4.11.2014 12:08:50 | Computer Name = miravlak-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: plugin-container.exe, verze: 33.0.2.5413,
časové razítko: 0x544ef530 Název chybujícího modulu: xul.dll, verze: 33.0.2.5413,
časové razítko: 0x544ef44e Kód výjimky: 0xc0000005 Posun chyby: 0x0039e443 ID chybujícího
procesu: 0x11f0 Čas spuštění chybující aplikace: 0x01cff84992fbb70e Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: dd09990f-643c-11e4-9a59-d43d7eba6ebf

Error - 4.11.2014 12:08:54 | Computer Name = miravlak-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: plugin-container.exe, verze: 33.0.2.5413,
časové razítko: 0x544ef530 Název chybujícího modulu: mozalloc.dll, verze: 33.0.2.5413,
časové razítko: 0x544ed089 Kód výjimky: 0x80000003 Posun chyby: 0x00001425 ID chybujícího
procesu: 0xbf8 Čas spuštění chybující aplikace: 0x01cff84966e33a43 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll ID zprávy: df4a90c6-643c-11e4-9a59-d43d7eba6ebf

Error - 4.11.2014 12:12:45 | Computer Name = miravlak-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 4.11.2014 12:12:50 | Computer Name = miravlak-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2.11.2014 5:06:53 | Computer Name = miravlak-PC | Source = Service Control Manager | ID = 7000
Description = Služba YouTubeAcceleratorService neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 3.11.2014 9:37:25 | Computer Name = miravlak-PC | Source = Service Control Manager | ID = 7000
Description = Služba YouTubeAcceleratorService neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 3.11.2014 10:10:26 | Computer Name = miravlak-PC | Source = Service Control Manager | ID = 7023
Description = Služba Služba Oznámení platformy SPP byla ukončena s následující chybou:
%%5

Error - 3.11.2014 11:34:21 | Computer Name = miravlak-PC | Source = Service Control Manager | ID = 7023
Description = Služba Služba Oznámení platformy SPP byla ukončena s následující chybou:
%%5

Error - 3.11.2014 12:34:21 | Computer Name = miravlak-PC | Source = Service Control Manager | ID = 7023
Description = Služba Služba Oznámení platformy SPP byla ukončena s následující chybou:
%%5

Error - 3.11.2014 13:34:21 | Computer Name = miravlak-PC | Source = Service Control Manager | ID = 7023
Description = Služba Služba Oznámení platformy SPP byla ukončena s následující chybou:
%%5

Error - 3.11.2014 14:34:21 | Computer Name = miravlak-PC | Source = Service Control Manager | ID = 7023
Description = Služba Služba Oznámení platformy SPP byla ukončena s následující chybou:
%%5

Error - 3.11.2014 15:34:21 | Computer Name = miravlak-PC | Source = Service Control Manager | ID = 7023
Description = Služba Služba Oznámení platformy SPP byla ukončena s následující chybou:
%%5

Error - 4.11.2014 9:29:39 | Computer Name = miravlak-PC | Source = Service Control Manager | ID = 7000
Description = Služba YouTubeAcceleratorService neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 4.11.2014 12:12:50 | Computer Name = miravlak-PC | Source = Service Control Manager | ID = 7000
Description = Služba YouTubeAcceleratorService neuspěla při spuštění v důsledku
následující chyby: %%2


< End of report >

[vyosek]

Dejte sem soubor OTL.txt, to co jste dal jako OTL je muj skript

[miravlak]

chybička se vloudila,omlouvám se
OTL logfile created on: 5.11.2014 14:35:50 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\miravlak\Desktop
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

11,95 Gb Total Physical Memory | 9,87 Gb Available Physical Memory | 82,58% Memory free
23,90 Gb Paging File | 21,57 Gb Available in Paging File | 90,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 31,18 Gb Free Space | 27,89% Space Free | Partition Type: NTFS
Drive D: | 2048,00 Gb Total Space | 1575,86 Gb Free Space | 76,95% Space Free | Partition Type: NTFS
Drive F: | 25,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 746,52 Gb Total Space | 746,37 Gb Free Space | 99,98% Space Free | Partition Type: NTFS

Computer Name: MIRAVLAK-PC | User Name: miravlak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.11.04 18:36:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\miravlak\Desktop\OTL.exe
PRC - [2014.10.30 10:58:19 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.10.28 11:22:11 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
PRC - [2014.10.16 13:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.10.01 10:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014.10.01 10:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014.10.01 10:09:20 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014.08.06 10:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.06.27 10:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014.06.24 09:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014.04.25 13:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe


========== Modules (No Company Name) ==========

MOD - [2014.10.30 10:58:18 | 003,649,648 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.10.28 11:22:09 | 016,832,176 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.09.19 02:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.08.22 14:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014.08.22 14:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.10.21 07:06:29 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.10.21 06:58:31 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013.02.19 15:05:38 | 000,497,664 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe -- (Qualcomm Atheros Killer Service)
SRV:64bit: - [2008.05.08 00:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Disabled | Stopped] -- C:\Windows\SysNative\Crypserv.exe -- (Crypkey License)
SRV - [2014.10.30 10:58:18 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.10.28 11:22:11 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.10.16 13:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.10.01 10:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.10.01 10:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014.08.21 10:17:21 | 002,175,264 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2014.08.06 10:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.11 20:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys -- (SliceDisk5)
DRV:64bit: - [2014.11.05 14:26:20 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014.10.01 10:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014.10.01 10:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2014.10.01 10:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014.09.17 05:51:20 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014.09.07 14:17:54 | 000,161,568 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2014.09.07 14:17:54 | 000,117,024 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vidsflt.sys -- (vidsflt)
DRV:64bit: - [2014.07.17 17:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014.06.16 16:57:59 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014.01.22 07:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.10.21 07:13:07 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.10.21 07:13:07 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.10.21 06:44:35 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.02.22 13:40:13 | 000,792,560 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2013.02.22 13:40:13 | 000,358,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013.02.22 13:40:13 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013.02.19 15:06:38 | 000,066,928 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bflwfx64.sys -- (BfLwf)
DRV:64bit: - [2013.02.19 15:06:36 | 000,165,824 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e22W7x64.sys -- (Ke2200)
DRV:64bit: - [2012.07.17 17:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.02.16 16:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2010.11.21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.11.02 17:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.08.21 00:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.03.17 18:12:26 | 000,028,664 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Ckldrv.sys -- (NetworkX)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2405550360-788701585-294151714-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2405550360-788701585-294151714-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2405550360-788701585-294151714-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2405550360-788701585-294151714-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.cz"
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3m
FF - prefs.js..extensions.enabledAddons: %7Bd49a148e-817e-4025-bee3-5d541376de3b%7D:3.1
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014.06.16 16:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\miravlak\AppData\Roaming\Mozilla\Extensions
[2014.11.02 12:03:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\miravlak\AppData\Roaming\Mozilla\Firefox\Profiles\e7vt4b8u.default\extensions
[2014.08.27 21:19:49 | 000,133,000 | ---- | M] () (No name found) -- C:\Users\miravlak\AppData\Roaming\Mozilla\Firefox\Profiles\e7vt4b8u.default\extensions\adblockpopups@jessehakanen.net.xpi
[2014.08.27 21:21:22 | 000,011,042 | ---- | M] () (No name found) -- C:\Users\miravlak\AppData\Roaming\Mozilla\Firefox\Profiles\e7vt4b8u.default\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi
[2014.06.29 14:27:07 | 000,060,307 | ---- | M] () (No name found) -- C:\Users\miravlak\AppData\Roaming\Mozilla\Firefox\Profiles\e7vt4b8u.default\extensions\translator@zoli.bod.xpi
[2014.10.29 22:41:35 | 000,097,715 | ---- | M] () (No name found) -- C:\Users\miravlak\AppData\Roaming\Mozilla\Firefox\Profiles\e7vt4b8u.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
[2014.10.16 21:49:28 | 000,979,610 | ---- | M] () (No name found) -- C:\Users\miravlak\AppData\Roaming\Mozilla\Firefox\Profiles\e7vt4b8u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.08.27 21:02:40 | 000,009,274 | ---- | M] () (No name found) -- C:\Users\miravlak\AppData\Roaming\Mozilla\Firefox\Profiles\e7vt4b8u.default\extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi
[2014.10.30 10:58:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.10.30 10:58:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014.08.21 09:33:08 | 000,450,709 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 http://www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 http://www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 http://www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 http://www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 http://www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 http://www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 http://www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 http://www.100888290cs.com
O1 - Hosts: 127.0.0.1 http://www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 http://www.10sek.com
O1 - Hosts: 127.0.0.1 http://www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15469 more lines...
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-2405550360-788701585-294151714-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2405550360-788701585-294151714-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B5295AB-06DC-4E75-9F9C-239682509E80}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1999.12.11 23:00:00 | 000,000,041 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{c0bb7ed2-f56d-11e3-8b6b-d43d7eba6ebf}\Shell - "" = AutoRun
O33 - MountPoints2\{c0bb7ed2-f56d-11e3-8b6b-d43d7eba6ebf}\Shell\AutoRun\command - "" = F:\setup.exe -- [1999.12.11 23:00:00 | 000,644,175 | R--- | M] (CODEX )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.11.04 19:02:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.11.04 18:36:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\miravlak\Desktop\OTL.exe
[2014.11.04 17:08:52 | 000,614,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014.11.04 16:59:48 | 031,890,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.11.04 16:59:48 | 024,555,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.11.04 16:59:48 | 020,922,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.11.04 16:59:48 | 019,966,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.11.04 16:59:48 | 018,499,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.11.04 16:59:48 | 017,260,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.11.04 16:59:48 | 016,886,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.11.04 16:59:48 | 014,029,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.11.04 16:59:48 | 013,942,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.11.04 16:59:48 | 011,395,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.11.04 16:59:48 | 011,333,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.11.04 16:59:48 | 004,289,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.11.04 16:59:48 | 004,009,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.11.04 16:59:48 | 002,849,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014.11.04 16:59:48 | 001,876,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434448.dll
[2014.11.04 16:59:48 | 001,539,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434448.dll
[2014.11.04 16:59:48 | 000,962,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.11.04 16:59:48 | 000,931,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.11.04 16:59:48 | 000,921,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.11.04 16:59:48 | 000,895,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.11.04 16:59:48 | 000,870,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.11.04 16:59:48 | 000,500,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014.11.04 16:59:48 | 000,418,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014.11.04 16:59:48 | 000,392,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014.11.04 16:59:48 | 000,352,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.11.04 16:59:48 | 000,348,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014.11.04 16:59:48 | 000,303,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.11.04 16:59:48 | 000,174,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.11.04 16:59:48 | 000,156,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.11.04 16:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.11.04 16:14:20 | 000,000,000 | ---D | C] -- C:\rsit
[2014.11.04 16:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\Reason
[2014.11.04 16:03:00 | 000,000,000 | ---D | C] -- C:\Users\miravlak\Desktop\backups
[2014.11.01 18:33:15 | 000,000,000 | ---D | C] -- C:\Users\miravlak\AppData\Roaming\NVIDIA 3D Vision Video Player
[2014.10.30 10:58:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.09.09 11:22:21 | 000,040,445 | ---- | C] (Beepa Pty Ltd) -- C:\Program Files (x86)\uninstall.exe
[2012.08.30 14:20:14 | 002,550,968 | ---- | C] (Beepa P/L) -- C:\Program Files (x86)\fraps.exe
[2012.08.30 14:20:14 | 000,234,168 | ---- | C] (Beepa P/L) -- C:\Program Files (x86)\fraps32.dll
[2012.08.30 14:20:14 | 000,186,552 | ---- | C] (Beepa P/L) -- C:\Program Files (x86)\fraps64.dll
[2012.08.30 14:20:14 | 000,068,792 | ---- | C] (Beepa P/L) -- C:\Program Files (x86)\fraps64.dat
[2012.08.30 14:17:20 | 000,140,288 | ---- | C] (Beepa P/L) -- C:\Program Files (x86)\frapslcd.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014.11.05 14:36:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.11.05 14:36:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.11.05 14:30:40 | 001,583,226 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.11.05 14:30:40 | 000,668,542 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.11.05 14:30:40 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.11.05 14:30:40 | 000,141,202 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.11.05 14:30:40 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.11.05 14:26:20 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.11.05 14:26:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.11.05 14:25:59 | 1034,137,598 | -HS- | M] () -- C:\hiberfil.sys
[2014.11.04 18:36:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\miravlak\Desktop\OTL.exe
[2014.11.04 16:59:36 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.11.04 16:07:24 | 001,375,089 | ---- | M] () -- C:\Users\miravlak\Desktop\adwcleaner_3.311.exe
[2014.11.04 14:56:58 | 000,020,337 | ---- | M] () -- C:\Users\miravlak\Desktop\10394131_975912159089466_4368187084104079400_n.jpg
[2014.11.03 20:40:26 | 000,022,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.11.03 20:40:26 | 000,022,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.11.03 20:05:42 | 000,055,910 | ---- | M] () -- C:\Users\miravlak\Desktop\10388075_955054721174534_8501544266821983782_n.jpg
[2014.11.03 14:45:09 | 000,151,161 | ---- | M] () -- C:\Users\miravlak\Desktop\10735959_681105742003212_6547659_n.jpg
[2014.11.02 18:54:39 | 000,038,785 | ---- | M] () -- C:\Users\miravlak\Desktop\kanoe debil.jpg
[2014.11.02 11:19:16 | 000,251,331 | ---- | M] () -- C:\Users\miravlak\Desktop\Dawn-Patrol1-e1412904618724.jpg
[2014.11.01 23:11:08 | 000,039,163 | ---- | M] () -- C:\Users\miravlak\Desktop\10360912_10201923965619485_7952173411064729034_n.jpg
[2014.11.01 18:33:06 | 000,002,331 | ---- | M] () -- C:\Users\Public\Desktop\NVIDIA 3D Vision Video Player.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.11.04 18:39:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.11.04 16:07:20 | 001,375,089 | ---- | C] () -- C:\Users\miravlak\Desktop\adwcleaner_3.311.exe
[2014.11.04 14:56:57 | 000,020,337 | ---- | C] () -- C:\Users\miravlak\Desktop\10394131_975912159089466_4368187084104079400_n.jpg
[2014.11.03 20:05:41 | 000,055,910 | ---- | C] () -- C:\Users\miravlak\Desktop\10388075_955054721174534_8501544266821983782_n.jpg
[2014.11.03 14:45:09 | 000,151,161 | ---- | C] () -- C:\Users\miravlak\Desktop\10735959_681105742003212_6547659_n.jpg
[2014.11.02 18:54:39 | 000,038,785 | ---- | C] () -- C:\Users\miravlak\Desktop\kanoe debil.jpg
[2014.11.02 11:19:15 | 000,251,331 | ---- | C] () -- C:\Users\miravlak\Desktop\Dawn-Patrol1-e1412904618724.jpg
[2014.11.01 23:11:08 | 000,039,163 | ---- | C] () -- C:\Users\miravlak\Desktop\10360912_10201923965619485_7952173411064729034_n.jpg
[2014.11.01 18:33:06 | 000,002,331 | ---- | C] () -- C:\Users\Public\Desktop\NVIDIA 3D Vision Video Player.lnk
[2014.09.03 14:32:01 | 000,000,000 | ---- | C] () -- C:\Users\miravlak\.gtk-bookmarks
[2014.09.03 14:31:33 | 000,603,803 | ---- | C] () -- C:\Users\miravlak\.fonts.cache-1
[2014.08.18 09:22:41 | 002,051,304 | ---- | C] () -- C:\Windows\SysWow64\x11modGeForce GTX 770glg2tc4032w256l4.bin
[2014.07.29 19:13:48 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014.07.29 18:42:08 | 000,000,077 | ---- | C] () -- C:\Windows\Crypkey.ini
[2014.07.29 18:42:05 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe
[2014.07.29 18:42:05 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
[2014.07.29 18:42:05 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe
[2014.06.16 16:31:46 | 001,557,940 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.30 14:09:28 | 000,001,892 | ---- | C] () -- C:\Program Files (x86)\README.HTM

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:06:10 | 014,179,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:37:22 | 012,877,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.07.20 15:11:33 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Abelssoft
[2014.11.04 17:00:38 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\AIMP3
[2014.06.18 16:51:33 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\AVG
[2014.08.21 09:57:20 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\BSplayer
[2014.07.27 16:00:05 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\BSplayer Pro
[2014.11.04 17:00:39 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\DAEMON Tools Lite
[2014.08.31 09:48:48 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Far Cry 3
[2014.09.10 10:53:35 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Foxit Software
[2014.08.21 10:03:33 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\HTC
[2014.09.03 14:36:47 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\IrfanView
[2014.09.08 14:27:23 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\MPC-HC
[2014.09.22 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\ObviousIdea
[2014.09.03 14:50:29 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\PhotoFiltre Studio X
[2014.06.18 16:50:56 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\PowerISO
[2014.08.22 09:10:17 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\ProductData
[2014.09.07 14:18:14 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Seagate
[2014.09.23 15:32:42 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Steam
[2014.11.04 17:00:43 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\TeamViewer
[2014.09.03 13:38:57 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Tomb Raider
[2014.08.27 01:49:16 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Unity
[2014.11.04 17:14:33 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\uTorrent
[2014.10.20 17:54:46 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Wondershare
[2014.09.03 14:17:48 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\XnConvert
[2014.11.04 17:00:43 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\XnView

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,542 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.06.16 17:18:28 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2013.10.21 06:36:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2014.06.24 09:42:02 | 004,818,848 | ---- | M] (Safer-Networking Ltd.) MD5=280C014187E24860A7C860329513208F -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
[2013.10.21 06:36:20 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2013.10.21 06:36:20 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2013.10.21 06:36:20 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2013.10.21 06:36:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2013.10.21 06:36:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014.10.01 10:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2013.10.21 06:58:31 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=DFDE777FAF31DC25E3624E8071073146 -- C:\Windows\SysNative\svchost.exe
[2013.10.21 06:58:31 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=DFDE777FAF31DC25E3624E8071073146 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.22137_none_14583c9b351893b5\svchost.exe
[2013.10.21 06:58:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=FFB38D8AFD6F4FCA1D46D64F1EDE0B9F -- C:\Windows\SysWOW64\svchost.exe
[2013.10.21 06:58:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=FFB38D8AFD6F4FCA1D46D64F1EDE0B9F -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.22137_none_b839a1177cbb227f\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2013.10.21 06:54:15 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.10.21 07:12:28 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.10.21 06:58:31 | 001,901,928 | ---- | M] (Microsoft Corporation) MD5=5AE58766730BBE03157A27A60B94E156 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22176_none_118eb55296526d33\tcpip.sys
[2013.10.21 07:12:28 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013.10.21 07:10:31 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.10.21 06:54:15 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.10.21 07:10:31 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2014.10.01 10:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

< >

< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.07.20 15:11:33 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Abelssoft
[2014.06.16 16:44:00 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Adobe
[2014.11.04 17:00:38 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\AIMP3
[2014.10.23 14:41:52 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Apple Computer
[2014.06.18 16:51:33 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\AVG
[2014.08.21 09:57:20 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\BSplayer
[2014.07.27 16:00:05 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\BSplayer Pro
[2014.11.04 17:00:39 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\DAEMON Tools Lite
[2014.08.31 09:48:48 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Far Cry 3
[2014.09.10 10:53:35 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Foxit Software
[2014.08.21 10:03:33 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\HTC
[2014.09.03 14:36:47 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\IrfanView
[2014.06.16 17:24:29 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Macromedia
[2011.04.12 09:45:27 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Media Center Programs
[2014.09.08 15:25:54 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Media Player Classic
[2014.08.19 09:02:58 | 000,000,000 | --SD | M] -- C:\Users\miravlak\AppData\Roaming\Microsoft
[2014.06.16 16:53:02 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Mozilla
[2014.09.08 14:27:23 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\MPC-HC
[2014.08.18 09:22:29 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\NVIDIA
[2014.11.01 18:33:15 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\NVIDIA 3D Vision Video Player
[2014.09.22 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\ObviousIdea
[2014.09.03 14:50:29 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\PhotoFiltre Studio X
[2014.06.18 16:50:56 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\PowerISO
[2014.08.22 09:10:17 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\ProductData
[2014.09.07 14:18:14 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Seagate
[2014.09.23 15:32:42 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Steam
[2014.11.04 17:00:43 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\TeamViewer
[2014.09.03 13:38:57 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Tomb Raider
[2014.08.27 01:49:16 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Unity
[2014.11.04 17:14:33 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\uTorrent
[2014.11.01 23:28:05 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\vlc
[2014.06.16 17:14:51 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\WinRAR
[2014.10.20 17:54:46 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\Wondershare
[2014.09.03 14:17:48 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\XnConvert
[2014.11.04 17:00:43 | 000,000,000 | ---D | M] -- C:\Users\miravlak\AppData\Roaming\XnView

< %APPDATA%\*.exe /s >
[2014.09.14 14:31:10 | 007,771,936 | ---- | M] (AIMP DevTeam) -- C:\Users\miravlak\AppData\Roaming\AIMP3\UpdateInstaller.exe
[2014.08.31 09:42:07 | 001,107,297 | ---- | M] () -- C:\Users\miravlak\AppData\Roaming\Far Cry 3\Uninstall\unins000.exe
[2014.06.18 16:48:23 | 000,119,808 | R--- | M] () -- C:\Users\miravlak\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
[2014.08.30 19:11:58 | 000,613,681 | ---- | M] () -- C:\Users\miravlak\AppData\Roaming\Steam\Reversed\steam.exe
[2014.09.03 13:24:53 | 000,958,305 | ---- | M] () -- C:\Users\miravlak\AppData\Roaming\Tomb Raider\Uninstall\unins000.exe
[2014.08.17 09:56:09 | 002,568,704 | ---- | M] () -- C:\Users\miravlak\AppData\Roaming\uTorrent\chrome.exe
[2014.06.29 07:50:30 | 000,030,208 | ---- | M] () -- C:\Users\miravlak\AppData\Roaming\uTorrent\googleupd.exe
[2014.04.13 23:00:00 | 000,042,496 | ---- | M] () -- C:\Users\miravlak\AppData\Roaming\uTorrent\uninstall.exe
[2014.04.13 23:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\miravlak\AppData\Roaming\uTorrent\utorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2014.11.05 14:36:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2014.03.04 10:19:52 | 003,696,912 | ---- | M] (Disc Soft Ltd)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014.10.30 15:45:50 | 006,501,656 | ---- | M] (Piriform Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014.10.30 10:58:19 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=BA7E0BAD9AFF2E62F10F74DFB4783986 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.10.07 03:04:46 | 000,812,736 | ---- | M] (Microsoft Corporation) MD5=F9F310F9FB7F294F00ABDD03453D8CEE -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.11.05 14:36:42 | 000,000,512 | ---- | M] () MD5=C6074F458DCB62F6D2FA819EFEEF6295 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.09.23 16:19:08 | 000,016,223 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Effect\firecracker0001.OZJ
[2008.09.23 16:19:08 | 000,017,939 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Effect\firecracker0002.OZJ
[2008.09.23 16:19:08 | 000,020,684 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Effect\firecracker0003.OZJ
[2008.09.23 16:19:08 | 000,023,889 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Effect\firecracker0004.OZJ
[2008.09.23 16:19:08 | 000,027,580 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Effect\firecracker0005.OZJ
[2008.09.23 16:19:08 | 000,029,199 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Effect\firecracker0006.OZJ
[2008.09.23 16:19:08 | 000,028,015 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Effect\firecracker0007.OZJ
[2008.05.20 16:23:34 | 000,011,320 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Effect\knight_plancrack_a.bmd
[2008.05.26 10:10:42 | 000,005,648 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Effect\knight_plancrack_b.bmd
[2008.04.24 15:01:00 | 000,160,240 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Effect\knight_plancrack_grand.bmd
[2003.01.13 13:38:06 | 000,003,448 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Item\firecracker.OZJ
[2006.07.03 09:30:54 | 000,016,685 | ---- | M] () -- \Program Files (x86)\DaeMUSeason4\Data\Object40\han_mcrack.OZJ
[2014.07.29 18:40:27 | 000,001,356 | ---- | M] () -- \Users\miravlak\AppData\Roaming\uTorrent\Stellar Phoenix Windows Data Recovery v6.0.0.0 Technical Edition + Crack.torrent
[2014.06.16 17:16:08 | 000,019,106 | ---- | M] () -- \Users\miravlak\AppData\Roaming\uTorrent\Windows 8.1 + crack.torrent
[2014.07.29 18:40:27 | 000,001,356 | ---- | M] () -- \Users\miravlak\Data aplikací\uTorrent\Stellar Phoenix Windows Data Recovery v6.0.0.0 Technical Edition + Crack.torrent
[2014.06.16 17:16:08 | 000,019,106 | ---- | M] () -- \Users\miravlak\Data aplikací\uTorrent\Windows 8.1 + crack.torrent

< *kms* /s >
[2014.10.16 17:54:03 | 000,019,272 | ---- | M] () -- \NVIDIA\DisplayDriver\344.48\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys
[2014.10.16 17:54:03 | 000,019,272 | ---- | M] () -- \NVIDIA\DisplayDriver\344.48\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys
[2014.04.30 19:28:22 | 000,018,776 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\GFExperience.NvStreamSrv.{C44AA522-6BF2-4F0D-AFF7-F121BE946275}\amd64\server\NvStreamKms.sys
[2014.04.30 19:28:29 | 000,017,240 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\GFExperience.NvStreamSrv.{C44AA522-6BF2-4F0D-AFF7-F121BE946275}\x86\server\NvStreamKms.sys
[2011.04.12 09:34:06 | 000,002,560 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_6d1856e91edfe880\KMSVC.DLL.MUI
[2010.11.21 04:24:16 | 000,090,624 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..ssprotection-hkmsvc_31bf3856ad364e35_6.1.7601.17514_none_70367407ace652fb\KMSVC.DLL
[2011.04.12 09:33:23 | 000,001,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_6d1856e91edfe880.manifest
[2010.11.21 04:16:01 | 000,008,711 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-n..ssprotection-hkmsvc_31bf3856ad364e35_6.1.7601.17514_none_70367407ace652fb.manifest

< *keygen* /s >
[2014.10.20 18:02:25 | 000,772,244 | ---- | M] () -- \Users\miravlak\Downloads\Wondershare_Dr_Fone_for_Android_4_8_0_135_Multilingual_keygen.exe

< *loader* /s >
[2013.09.30 06:02:37 | 000,022,528 | R--- | M] () -- \$WINDOWS.~BT\Sources\cs-cz\upgloader.dll.mui
[2014.09.24 16:51:40 | 000,029,696 | ---- | M] () -- \Hry\Watch_Dogs\bin\Downloader.exe
[2014.09.24 17:14:00 | 000,000,062 | ---- | M] () -- \Hry\Watch_Dogs\bin\Downloader.ini
[2014.05.23 08:23:00 | 000,528,184 | ---- | M] () -- \Hry\Watch_Dogs\bin\uplay_r1_loader64.dll
[2014.10.16 17:54:03 | 001,171,272 | ---- | M] () -- \NVIDIA\DisplayDriver\344.48\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2014.10.11 12:06:14 | 000,060,712 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\YSLoader.exe
[2013.03.09 07:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 07:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.06.10 15:42:34 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2014.06.10 15:42:34 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2014.06.10 15:42:30 | 000,070,464 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2014.06.10 15:42:30 | 000,085,312 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2014.08.26 11:57:46 | 000,439,096 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Beta)\uplay_r1_loader.dll
[2013.03.09 07:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 07:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.09.30 16:57:30 | 000,593,248 | ---- | M] () -- \Program Files\Microsoft Xbox 360 Accessories\Downloader.exe
[2014.04.30 19:27:31 | 001,168,216 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{6F093D56-7E9A-4DAA-9DBB-62C05B0FA156}\ExtensionLoader.dll
[2014.11.05 14:27:04 | 000,264,976 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2014.08.04 09:57:05 | 000,004,828 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip
[2014.11.05 14:27:04 | 000,264,976 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2014.08.04 09:57:05 | 000,004,828 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip
[2010.03.24 19:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109B10000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 19:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109B10000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 19:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109B10000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 19:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109B10000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.10.21 07:10:52 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2013.10.21 07:10:52 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 06:55:12 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 06:52:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 07:10:52 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 06:55:12 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 06:52:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 06:59:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 07:10:52 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 07:11:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 09:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 09:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 09:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 09:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 09:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.10.21 06:35:10 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.10.21 06:35:10 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.10.21 06:35:10 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.10.21 06:35:10 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.10.21 06:35:10 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 09:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2013.10.21 06:35:06 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.10.21 06:35:06 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 06:55:12 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 06:52:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 07:10:52 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 06:55:12 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 06:52:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 06:59:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 07:10:52 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.21 07:11:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:07BB519E
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:56E2E879

< End of report >

[miravlak]

Nejspíš sem už na to narazil C:\Users\miravlak\AppData\Roaming\Steam byla v tom nějaká cizí složka s aplikací steam uvidíme

[vyosek]

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze

[miravlak]

takže to je ono,ale po smazání a resetu pc se složka zase udělá C:/users/AppData/Roaming/Steam/Reversed

[vyosek]

Pisete si svoje, ja se ptam, vy neodpovidate, takze se ani k nicemu nedostanem a tema uzavrem...