Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vyskakujici reklamy

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Vyskakujici reklamy

#16 Příspěvek od vyosek »

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Ver
Návštěvník
Návštěvník
Příspěvky: 113
Registrován: 31 črc 2008 19:05

Re: Vyskakujici reklamy

#17 Příspěvek od Ver »

OTL logfile created on: 8-1-2014 22:44:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mediamarkcruqius\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

3,87 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 51,50% Memory free
7,73 Gb Paging File | 5,69 Gb Available in Paging File | 73,57% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,81 Gb Total Space | 8,78 Gb Free Space | 5,90% Space Free | Partition Type: NTFS
Drive D: | 148,88 Gb Total Space | 66,40 Gb Free Space | 44,60% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: mediamarkcruqius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014-01-08 22:42:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mediamarkcruqius\Desktop\OTL.exe
PRC - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010-03-08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010-02-22 12:23:50 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009-12-09 15:21:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-12-09 15:21:52 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-07-28 19:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009-03-10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012-09-12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012-09-12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010-09-22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010-03-17 15:00:44 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010-03-15 08:56:20 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010-02-23 16:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010-02-05 16:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009-11-05 21:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009-07-28 13:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014-01-07 10:02:34 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-12-13 21:36:24 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-09-05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010-03-29 07:51:54 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010-02-11 01:40:12 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2010-01-28 15:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2010-01-25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009-12-09 15:21:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009-12-09 15:21:52 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-10-06 08:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-12-13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012-08-30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-03-26 13:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012-03-08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011-07-25 16:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011-07-20 12:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-09-12 21:43:02 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010-07-21 15:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010-07-07 17:18:58 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2010-04-26 16:23:08 | 001,103,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2010-03-15 09:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010-03-15 09:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-03-15 08:00:58 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-03-10 17:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010-03-05 10:11:30 | 000,720,952 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDMI64.sys -- (CnxtHdmiAudService)
DRV:64bit: - [2010-02-22 17:03:42 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010-02-10 14:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010-02-01 09:29:48 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010-01-18 16:45:50 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010-01-15 11:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-09-17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-07-30 18:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009-07-14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009-07-14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009-07-14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009-07-14 01:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009-07-07 07:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009-06-22 16:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009-06-19 18:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009-06-10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009-06-10 21:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-05-02 09:59:08 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2008-05-02 09:58:50 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008-05-02 09:58:48 | 000,023,552 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008-05-02 09:58:48 | 000,018,432 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{4D4A2FD4-59FA-4487-B5CC-CA223493E1B4}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes\{7FA6D6DA-F503-48DC-9540-5212D4F27FF1}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-354615371-2128914143-2807093971-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-354615371-2128914143-2807093971-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: client%40anonymox.net:2.1.1
FF - prefs.js..extensions.enabledAddons: %7B94cd2cc3-083f-49ba-a218-4cda4b4829fd%7D:1.3.0.2
FF - prefs.js..extensions.enabledAddons: %7B140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA%7D:3.0.0.0
FF - prefs.js..extensions.enabledAddons: a3b1728f-d038-4a75-a59f-6b5923320790%409bfb4f95-ed11-4198-bb7d-7925a3125ffb.com:0.93.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1423
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\mediamarkcruqius\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mediamarkcruqius\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mediamarkcruqius\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014-01-07 10:02:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-01-07 13:53:39 | 000,000,000 | ---D | M]

[2010-07-18 10:49:58 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mediamarkcruqius\AppData\Roaming\mozilla\Extensions
[2014-01-08 17:59:24 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mediamarkcruqius\AppData\Roaming\mozilla\Firefox\Profiles\3jrfjxl7.default\extensions
[2014-01-07 13:44:24 | 000,000,000 | ---D | M] (Value Apps) -- C:\Users\mediamarkcruqius\AppData\Roaming\mozilla\Firefox\Profiles\3jrfjxl7.default\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
[2014-01-08 17:59:24 | 000,000,000 | ---D | M] ("DP1818") -- C:\Users\mediamarkcruqius\AppData\Roaming\mozilla\Firefox\Profiles\3jrfjxl7.default\extensions\a3b1728f-d038-4a75-a59f-6b5923320790@9bfb4f95-ed11-4198-bb7d-7925a3125ffb.com
[2014-01-08 19:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mediamarkcruqius\AppData\Roaming\mozilla\Firefox\Profiles\3jrfjxl7.default\extensions\a3b1728f-d038-4a75-a59f-6b5923320790@9bfb4f95-ed11-4198-bb7d-7925a3125ffb.com\extensionData
[2014-01-08 19:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mediamarkcruqius\AppData\Roaming\mozilla\Firefox\Profiles\3jrfjxl7.default\extensions\a3b1728f-d038-4a75-a59f-6b5923320790@9bfb4f95-ed11-4198-bb7d-7925a3125ffb.com\extensionData\plugins
[2014-01-08 19:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mediamarkcruqius\AppData\Roaming\mozilla\Firefox\Profiles\3jrfjxl7.default\extensions\a3b1728f-d038-4a75-a59f-6b5923320790@9bfb4f95-ed11-4198-bb7d-7925a3125ffb.com\extensionData\userCode
[2013-12-15 14:22:51 | 000,355,782 | ---- | M] () (No name found) -- C:\Users\mediamarkcruqius\AppData\Roaming\mozilla\firefox\profiles\3jrfjxl7.default\extensions\client@anonymox.net.xpi
[2014-01-07 10:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014-01-07 10:02:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014-01-07 10:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014-01-07 10:02:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011-09-04 14:00:12 | 000,001,687 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2010-08-15 21:32:02 | 000,002,024 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2014-01-07 13:44:51 | 000,000,573 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\nationzoom.xml
CHR - Extension: No name found = C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\crossrider
CHR - Extension: No name found = C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\
CHR - Extension: No name found = C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: No name found = C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp\3.0_0\

O1 HOSTS File: ([2014-01-08 14:22:13 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (Webexp Enhanced) - {fd9425ac-8ec0-4faf-8f6c-3033cc2ddd26} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha2360\ie\WebexpEnhancedV1alpha2360.dll File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-354615371-2128914143-2807093971-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-354615371-2128914143-2807093971-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-354615371-2128914143-2807093971-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23FEA785-B2A1-4B14-9434-21F4D6181BF6}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4ABC82E1-1F3D-4EF7-8FCD-2B55099C0FA6}: DhcpNameServer = 192.168.2.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5FD8C14-E1EE-4985-A9BB-03DB5AA9CF70}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014-01-08 22:42:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mediamarkcruqius\Desktop\OTL.exe
[2014-01-08 16:13:03 | 000,000,000 | ---D | C] -- C:\Users\mediamarkcruqius\AppData\Local\{53F42C59-892D-4705-B187-15FC376FA380}
[2014-01-08 14:25:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014-01-08 14:12:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014-01-08 14:12:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014-01-08 14:12:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014-01-08 14:12:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014-01-08 14:12:27 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014-01-08 14:11:18 | 005,162,069 | R--- | C] (Swearware) -- C:\Users\mediamarkcruqius\Desktop\ComboFix.exe
[2014-01-08 14:08:22 | 001,933,048 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\mediamarkcruqius\Desktop\rkill.com
[2014-01-07 23:49:59 | 000,000,000 | ---D | C] -- C:\FRST
[2014-01-07 23:48:40 | 001,931,762 | ---- | C] (Farbar) -- C:\Users\mediamarkcruqius\Desktop\FRST64.exe
[2014-01-07 23:46:54 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\mediamarkcruqius\Desktop\FRSTLauncher.exe
[2014-01-07 14:28:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-07 14:18:59 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014-01-07 14:18:13 | 001,036,305 | ---- | C] (Thisisu) -- C:\Users\mediamarkcruqius\Desktop\JRT.exe
[2014-01-07 14:02:10 | 000,000,000 | ---D | C] -- C:\rsit
[2014-01-07 13:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014-01-07 13:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014-01-07 13:52:29 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2014-01-07 13:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git
[2014-01-07 13:49:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lightspark 0.5.3-git
[2014-01-07 13:48:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmiExt
[2014-01-07 13:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Websteroids
[2014-01-07 13:47:52 | 000,000,000 | ---D | C] -- C:\Users\mediamarkcruqius\.android
[2014-01-07 13:47:50 | 000,000,000 | ---D | C] -- C:\Users\mediamarkcruqius\AppData\Roaming\newnext.me
[2014-01-07 13:47:50 | 000,000,000 | ---D | C] -- C:\Users\mediamarkcruqius\AppData\Local\cache
[2014-01-07 13:47:49 | 000,000,000 | ---D | C] -- C:\Users\mediamarkcruqius\Documents\Mobogenie
[2014-01-07 13:47:49 | 000,000,000 | ---D | C] -- C:\Users\mediamarkcruqius\AppData\Local\Mobogenie
[2014-01-07 13:47:49 | 000,000,000 | ---D | C] -- C:\Users\mediamarkcruqius\AppData\Local\genienext
[2014-01-07 13:45:00 | 000,000,000 | ---D | C] -- C:\Users\mediamarkcruqius\AppData\Local\Programs
[2014-01-07 13:44:34 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2014-01-07 13:44:28 | 000,000,000 | ---D | C] -- C:\Users\mediamarkcruqius\AppData\Roaming\ValueApps
[2014-01-07 13:44:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DP1818
[2014-01-07 10:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014-01-08 22:48:12 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014-01-08 22:42:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mediamarkcruqius\Desktop\OTL.exe
[2014-01-08 19:37:05 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-01-08 19:37:05 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-01-08 19:29:57 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014-01-08 19:29:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-01-08 19:29:27 | 3113,406,464 | -HS- | M] () -- C:\hiberfil.sys
[2014-01-08 14:22:13 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014-01-08 14:12:00 | 005,162,069 | R--- | M] (Swearware) -- C:\Users\mediamarkcruqius\Desktop\ComboFix.exe
[2014-01-08 14:08:36 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\mediamarkcruqius\Desktop\rkill.com
[2014-01-07 23:48:51 | 001,931,762 | ---- | M] (Farbar) -- C:\Users\mediamarkcruqius\Desktop\FRST64.exe
[2014-01-07 23:46:55 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\mediamarkcruqius\Desktop\FRSTLauncher.exe
[2014-01-07 14:28:08 | 001,233,962 | ---- | M] () -- C:\Users\mediamarkcruqius\Desktop\adwcleaner.exe
[2014-01-07 14:18:15 | 001,036,305 | ---- | M] (Thisisu) -- C:\Users\mediamarkcruqius\Desktop\JRT.exe
[2014-01-07 13:53:05 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014-01-07 13:44:54 | 000,002,640 | ---- | M] () -- C:\Users\mediamarkcruqius\Desktop\Google Chrome.lnk
[2014-01-07 13:44:54 | 000,002,162 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-01-07 13:44:51 | 000,002,267 | ---- | M] () -- C:\Users\mediamarkcruqius\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014-01-07 13:44:51 | 000,001,660 | ---- | M] () -- C:\Users\mediamarkcruqius\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014-01-08 22:48:12 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014-01-08 14:12:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014-01-08 14:12:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014-01-08 14:12:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014-01-08 14:12:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014-01-08 14:12:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014-01-07 14:28:04 | 001,233,962 | ---- | C] () -- C:\Users\mediamarkcruqius\Desktop\adwcleaner.exe
[2014-01-07 13:53:05 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014-01-07 13:53:05 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-10-24 20:30:31 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI
[2012-10-11 11:43:48 | 000,000,260 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012-10-11 11:43:48 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012-10-11 11:43:07 | 000,000,000 | ---- | C] () -- C:\Windows\BRCALIB.INI
[2012-10-11 11:31:28 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012-10-11 11:31:28 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012-08-11 19:54:59 | 001,575,212 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-12-03 11:36:59 | 000,000,272 | ---- | C] () -- C:\ProgramData\~VSjwjCusbOjcDI
[2011-12-03 11:36:59 | 000,000,184 | ---- | C] () -- C:\ProgramData\~VSjwjCusbOjcDIr
[2011-12-03 11:36:49 | 000,000,456 | ---- | C] () -- C:\ProgramData\VSjwjCusbOjcDI
[2010-11-13 15:26:01 | 000,000,355 | ---- | C] () -- C:\Users\mediamarkcruqius\Homegroup - Shortcut.lnk
[2010-09-12 19:28:11 | 000,007,613 | -H-- | C] () -- C:\Users\mediamarkcruqius\AppData\Local\resmon.resmoncfg

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010-11-20 14:27:25 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-20 13:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011-12-03 12:20:22 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\AVG10
[2011-12-03 12:20:22 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\AVG9
[2013-12-07 13:32:26 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Awyz
[2013-09-23 22:23:14 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer
[2013-09-23 22:20:52 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer Pro
[2012-10-11 11:48:48 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\ControlCenter4
[2011-10-01 11:28:14 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\DAEMON Tools Lite
[2010-07-19 09:55:46 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2011-12-03 12:20:22 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\GHISLER
[2013-12-07 14:11:19 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Irz
[2014-01-08 10:51:32 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\newnext.me
[2012-10-11 11:23:46 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Nuance
[2013-12-02 19:16:09 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\PhotoFiltre 7
[2012-08-11 19:52:56 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Research In Motion
[2010-07-19 09:40:53 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Toshiba
[2013-12-15 16:53:18 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\uTorrent
[2014-01-07 13:44:28 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\ValueApps
[2011-10-04 16:00:43 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009-07-14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009-07-14 06:08:49 | 000,032,574 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: ATAPI.SYS >
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010-11-20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010-11-20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009-07-14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009-07-14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010-11-20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010-11-20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011-02-26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011-02-26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011-02-26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009-10-31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011-02-26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-02-26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010-11-20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009-08-03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009-10-31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009-08-03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010-11-20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009-10-31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009-08-03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009-07-14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009-10-31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011-02-26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009-08-03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009-07-14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010-11-20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010-11-20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009-07-14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009-07-14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010-11-20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010-11-20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010-11-20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010-11-20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010-11-20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010-11-20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009-07-14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009-07-14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009-07-14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014-01-07 13:43:22 | 000,205,824 | ---- | M] (Host Process for Windows Services) MD5=BF5A79FD1D6C4034D4303984424F5891 -- C:\FRST\Quarantine\43D0D494-7FCC-4165-98F7-37C3B7ADF6AE\svchost.exe
[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011-04-25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011-09-29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010-11-20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011-06-21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010-06-14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011-04-25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010-06-14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009-07-14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011-04-25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011-06-21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011-09-29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011-04-25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011-06-21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011-06-21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011-09-29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011-09-29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\erdnt\cache64\tcpip.sys
[2011-09-29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011-09-29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010-11-20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010-11-20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010-11-20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009-07-14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010-11-20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010-11-20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010-11-20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014-01-08 16:13:54 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Adobe
[2013-11-23 14:09:54 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Apple Computer
[2010-06-02 09:39:37 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\ATI
[2011-12-03 12:20:22 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\AVG10
[2011-12-03 12:20:22 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\AVG9
[2010-10-07 19:35:02 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\AVS4YOU
[2013-12-07 13:32:26 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Awyz
[2012-10-11 11:49:51 | 000,000,000 | R--D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Brother
[2013-09-23 22:23:14 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer
[2013-09-23 22:20:52 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer Pro
[2012-10-11 11:48:48 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\ControlCenter4
[2011-10-01 11:28:14 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\DAEMON Tools Lite
[2013-09-17 18:42:40 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\dvdcss
[2010-07-19 09:55:46 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2012-10-11 11:47:36 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\FLEXnet
[2011-12-03 12:20:22 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\GHISLER
[2010-06-02 09:39:01 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Identities
[2012-10-11 11:25:13 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\InstallShield
[2010-06-03 08:34:46 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Intel
[2013-12-07 14:11:19 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Irz
[2010-04-06 10:06:22 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Macromedia
[2009-07-14 10:55:40 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Media Center Programs
[2013-09-08 21:39:54 | 000,000,000 | --SD | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Microsoft
[2011-12-03 12:11:06 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Mozilla
[2010-08-17 21:54:56 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Nero
[2014-01-08 10:51:32 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\newnext.me
[2012-10-11 11:23:46 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Nuance
[2013-12-02 19:16:09 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\PhotoFiltre 7
[2012-08-11 19:52:56 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Research In Motion
[2010-07-19 17:40:16 | 000,000,000 | RH-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\SecuROM
[2014-01-08 17:39:10 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Skype
[2011-10-17 19:54:03 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\skypePM
[2010-07-19 09:40:53 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Toshiba
[2013-12-15 16:53:18 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\uTorrent
[2014-01-07 13:44:28 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\ValueApps
[2013-12-15 20:45:52 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\vlc
[2011-10-04 16:00:43 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\Windows Live Writer
[2011-03-14 09:22:35 | 000,000,000 | -H-D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009-08-11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009-08-11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010-03-22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012-10-11 08:01:20 | 001,175,371 | ---- | M] () -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010-08-14 09:42:54 | 000,113,152 | ---- | M] () -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010-08-14 09:45:10 | 000,358,400 | ---- | M] () -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010-08-14 09:42:06 | 000,137,728 | ---- | M] () -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010-09-30 14:30:22 | 000,042,305 | ---- | M] () -- C:\Users\mediamarkcruqius\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2010-07-17 17:08:29 | 000,010,134 | R--- | M] () -- C:\Users\mediamarkcruqius\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013-12-15 16:30:39 | 000,904,272 | ---- | M] (BitTorrent Inc.) -- C:\Users\mediamarkcruqius\AppData\Roaming\uTorrent\uTorrent.exe
[2013-12-15 16:30:31 | 000,904,272 | ---- | M] (BitTorrent Inc.) -- C:\Users\mediamarkcruqius\AppData\Roaming\uTorrent\updates\3.3.2_30303.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014-01-08 19:29:46 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010-11-20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014-01-07 10:02:34 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=1EEA6C1B35191DC177EA83672B9C3FC0 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011-09-26 12:59:59 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014-01-08 22:48:12 | 000,000,512 | ---- | M] () MD5=B8A51002323E990BEB08EE9411B1A5B0 -- C:\PhysicalMBR.bin

========== Files - Unicode (All) ==========
[2011-01-24 10:30:17 | 000,000,017 | ---- | M] ()(C:\Windows\SysWow64\??) -- C:\Windows\SysWow64\㾐ά
[2011-01-24 10:30:17 | 000,000,017 | ---- | M] ()(C:\Windows\System32\??) -- C:\Windows\System32\㾐ά
[2011-01-24 10:30:16 | 000,000,017 | ---- | C] ()(C:\Windows\SysWow64\??) -- C:\Windows\SysWow64\㾐ά

< End of report >
Nahoru
Ver
Návštěvník
Návštěvník
Příspěvky: 113
Registrován: 31 črc 2008 19:05

Re: Vyskakujici reklamy

#18 Příspěvek od Ver »

OTL Extras logfile created on: 8-1-2014 22:44:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mediamarkcruqius\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

3,87 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 51,50% Memory free
7,73 Gb Paging File | 5,69 Gb Available in Paging File | 73,57% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,81 Gb Total Space | 8,78 Gb Free Space | 5,90% Space Free | Partition Type: NTFS
Drive D: | 148,88 Gb Total Space | 66,40 Gb Free Space | 44,60% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: mediamarkcruqius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-354615371-2128914143-2807093971-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\SysWOW64\msiexec.exe" = C:\Windows\SysWOW64\msiexec.exe:*:Generic Host Process -- (Microsoft Corporation)
"C:\Users\MEDIAM~1\AppData\Local\Temp\1349042551.exe" = C:\Users\MEDIAM~1\AppData\Local\Temp\1349042551.exe:*:Enabled:Microsoft Office
"C:\Users\MEDIAM~1\AppData\Local\Temp\tmp57755b9e\elly.exe" = C:\Users\MEDIAM~1\AppData\Local\Temp\tmp57755b9e\elly.exe:*:Enabled:Microsoft Office
"C:\Windows\SysWOW64\msiexec.exe" = C:\Windows\SysWOW64\msiexec.exe:*:Generic Host Process -- (Microsoft Corporation)
"C:\Users\MEDIAM~1\AppData\Local\Temp\1349042551.exe" = C:\Users\MEDIAM~1\AppData\Local\Temp\1349042551.exe:*:Enabled:Microsoft Office
"C:\Users\MEDIAM~1\AppData\Local\Temp\tmp57755b9e\elly.exe" = C:\Users\MEDIAM~1\AppData\Local\Temp\tmp57755b9e\elly.exe:*:Enabled:Microsoft Office


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09750DB3-7955-4A7A-91D7-35A7B3A17988}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{151E14CA-C214-4088-9C57-1FCF40315DC7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{18C9C33D-9A74-45A5-A6B7-4AEFACE62499}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1CC27B0E-21B5-4030-AE13-79E96B7AB5AD}" = rport=139 | protocol=6 | dir=out | app=system |
"{2F19EA03-83E7-40DF-8411-D26942D993CF}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FDF4095-77E0-498D-A956-53EA214CFB54}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{310B7835-9744-4C52-A791-597A81BAF8E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3A468C6E-754F-42E0-B155-94015CC32958}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3C831BF3-F37B-48D7-BC5D-F103E32F323C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{417C432D-C332-4577-97F4-69DB423105F9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{653ACE29-5225-44E1-93E0-A3A246A6EF56}" = rport=137 | protocol=17 | dir=out | app=system |
"{679E0785-1591-404A-B594-27E6E773954F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6C0A99EC-5BA0-40E3-A8B7-68744A6AA6C9}" = rport=138 | protocol=17 | dir=out | app=system |
"{6FF72C01-05EE-4BFA-8DA1-8AD3BB303FB2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7703D303-D532-4C2F-A218-A3C293F74FBE}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{81BD51C5-4B44-48CA-A148-2019ECC6B8FF}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{8518DE3E-6B19-4829-975D-5AFF1D7A7C75}" = lport=138 | protocol=17 | dir=in | app=system |
"{9679FB21-4683-4E48-84D7-5D18772691B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9683448B-6FAB-454A-99A2-D4F7ED6A8912}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{9880289F-591B-4FBD-90EF-B6781DCC9174}" = lport=137 | protocol=17 | dir=in | app=system |
"{A4DFBF88-371A-4D5A-8A3B-F2E42931D055}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B01F5B76-2D7D-426A-BF29-D365D5920362}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B401841E-45B0-4BDD-8B7A-4E941E4C5CD6}" = lport=139 | protocol=6 | dir=in | app=system |
"{BCBD2FA0-0227-4996-B26E-F6CDAE5CE3F3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3770056-3699-49E4-8AA6-678E7FC0CB85}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{CEFE853E-0B08-4A6B-AA2F-B5B8E7EC22D3}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D56E6592-E506-4972-AF55-6C4473AAF674}" = rport=2869 | protocol=6 | dir=out | app=system |
"{DADDB456-EDBB-4DC2-B763-21E16D82569D}" = rport=445 | protocol=6 | dir=out | app=system |
"{E27028C2-C01F-43C5-801C-7D42CC44E514}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E4CF8D9E-69DB-4EA0-A605-E0E5EA6AB31C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F251C875-7563-46EA-ABA4-5563AD9DE493}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7658EDF-D3DD-40DF-A011-F4488C2A9AF6}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F92810AC-F825-44CF-AA7A-F1BA9D5B4D89}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FBAB95B3-4029-4D71-84D1-FB2553A28720}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13620C9E-5D7B-4E51-A558-8B107F4D0218}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{15007068-DAB9-4B72-A3C4-BA49D395F011}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{213C591C-D5EC-4B50-900F-E6117349BAA7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{23950688-34C2-4751-AEB0-6021A705EF70}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{314F49CC-7062-48FC-BEB9-8FB5204775AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4D2DAD5A-4686-4B11-AFA8-12EFFB19720A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{562AB47D-076B-4DEE-BD54-6425AA2C7610}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58ACFF3E-0657-452F-9EBC-079AC9D47551}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{5CDAEDE0-1566-4373-B0E7-0C4227C25AB7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{63354451-83C4-464A-AC14-15B11D9D0C0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{687B0B60-BC76-4511-ACED-0A6E8CC23DA1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6BF381F7-897E-45AB-9CC4-7063F9C9B6F3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6CCD0A67-9495-4AE7-BB49-FB0A69FC799A}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{74E8F335-4E4A-4339-BCEC-25EC69F03F32}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7787C2D0-2088-4821-91A0-A420F47DBDA9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7A175626-5239-49AC-AD1C-6D6F037D8E73}" = protocol=6 | dir=out | app=system |
"{7F3A91FC-B3A7-4B0A-9E2A-ED27F78D88F9}" = dir=in | app=c:\users\mediamarkcruqius\appdata\roaming\irz\ymmepyh.exe |
"{8A8EFD18-FBE2-4C25-8D0C-FE91A0E3DDC2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8E3A1D0E-5AF3-4F1C-A25D-40C2F0638612}" = protocol=17 | dir=in | app=c:\users\mediamarkcruqius\appdata\roaming\utorrent\utorrent.exe |
"{90A6F928-59F8-452D-8E5A-03865B726B41}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{96637453-D46D-4415-9ACE-AB7ED006A27B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{9DC7AF3F-687F-4E77-A027-C6F77FC324B8}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\brmfl10e\faxrx.exe |
"{A42BFC7D-0F6A-4392-B886-AFEF52D2241D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A4E562F8-9748-4A9C-8A75-73DB2C5FC181}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\brmfl10e\faxrx.exe |
"{A87D01FB-91D4-4919-8868-1CDAC2D200B2}" = dir=in | app=c:\users\mediamarkcruqius\appdata\roaming\seraiq\iplyyw.exe |
"{C15778E0-5B0B-49AE-BBB7-F42AE2A75207}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C6890B64-9B84-4522-9C4B-B77A752802CC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C9E57E30-F990-4089-934D-DF59F167605F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CC2CDC39-FDF4-4252-96A5-B30B0F05BBF2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CEB135E2-9F0F-4B2E-A107-35114A632F25}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CF0B712E-DDF0-47D2-92E6-3EBEE57F0E3D}" = protocol=6 | dir=in | app=c:\users\mediamarkcruqius\appdata\roaming\utorrent\utorrent.exe |
"{D45772AC-6723-45A8-81F0-1F643E8BA69F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D6BEFB48-F2A0-47B2-8748-7442328A0B79}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DD907004-14B9-4A35-8C00-396442E07B8B}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{EF5737BD-9AB6-4015-8ABF-225B72397E54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F352FC81-AB86-43D6-AFE5-E0CAC9A75C32}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FC3EA5AF-1D15-4CC9-8D24-B226D810581C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{2BB1DFFC-F2B7-4450-9460-76285FDFB09F}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{61D773D1-CF94-4E96-944B-E8CFDAEA91D1}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{637F31E1-F214-4FDB-A112-DB8463535CE4}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"TCP Query User{EB74DA1F-EAD3-4D7F-B769-02F2CAF8ADCB}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{F7DB2563-0511-45AA-B818-0576843271C1}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{157C9211-7F36-4103-8F25-F0F2FEF93F26}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"UDP Query User{2EC56B82-43CB-487F-9397-6F1DF828A0D7}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{48A9218C-6961-42C2-967E-74E07204A075}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{CBC3F91C-453A-4AB8-A1F9-55A7D267D479}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{E78F8310-34D7-407A-80FA-9E37DDEFE565}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B5896016-3143-B94F-585D-DF75DAF1D879}" = ATI Catalyst Install Manager
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{D0C56275-9E7F-4BE5-AB37-15124BF808F2}" = Windows Live Family Safety
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD-waarschuwing
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_AUDIO_HDA_HDMI" = Conexant Audio Driver For AMD HDMI Codec
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF0EA0D-F945-4958-85CC-60FF1E86D216}" = HP LaserJet Professional CM1410 Series
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{22f09566-5b10-43d2-8864-31716aac97dc}" = Nero 9 Essentials
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B000B80-A3FA-4B92-A5FF-D9AD402B6701}" = Toshiba TEMPRO
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5158F1F5-FA1B-4D49-B546-55A5004B89BD}" = Microsoft Works
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{607BE7BF-7C28-4ADB-A4A0-385962B901C3}" = TOSHIBA ConfigFree
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{795288DC-2652-44A5-99FD-2ECDF3C633BF}" = SweetIM for Messenger 3.3
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{979742CC-2CBB-49D8-9BEE-C2F7875F5393}" = Brother MFL-Pro Suite MFC-9970CDW
"{97B70991-5002-4241-8B0C-D74B8ADEB2B5}" = BlackBerry Desktop Software 7.1
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}" = Photo Service - powered by myphotobook
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.co.uk
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Nederlands
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD-waarschuwing
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}" = Updater
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DCE2759D-DB67-0558-6A51-C54775CEED71}" = Catalyst Control Center InstallProxy
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"BSPlayerf" = BS.Player FREE
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"DP1818" = DP1818
"EA Download Manager" = EA Download Manager
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD-waarschuwing
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"InternetUpdater" = Internet Updater
"Lightspark" = Lightspark 0.5.3-git
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Parrot Flash Update Wizard" = Parrot Software Update Tool
"Totalcmd" = Total Commander (Remove or Repair)
"Video Converter for Nokia Smartphones_is1" = Video Converter for Nokia Smartphones 1.1
"VLC media player" = VLC media player 2.0.8
"Webexp Enhanced" = Webexp Enhanced
"Websteroids" = Websteroids
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WPM" = WPM17.8.0.3297

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-354615371-2128914143-2807093971-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"PhotoFiltre 7" = PhotoFiltre 7
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7-1-2014 12:17:41 | Computer Name = Admin | Source = Application Hang | ID = 1002
Description = The program adwcleaner.exe version 3.0.1.6 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: a94 Start
Time: 01cf0bac569f96dd Termination Time: 10 Application Path: C:\Users\mediamarkcruqius\Desktop\adwcleaner.exe

Report
Id: 373b1254-77b7-11e3-9570-00266c647905

Error - 7-1-2014 16:31:22 | Computer Name = Admin | Source = Application Hang | ID = 1002
Description = The program adwcleaner.exe version 3.0.1.6 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2180 Start
Time: 01cf0bc40466a7fb Termination Time: 0 Application Path: C:\Users\mediamarkcruqius\Desktop\adwcleaner.exe

Report
Id: a3e06569-77da-11e3-9570-00266c647905

Error - 7-1-2014 17:08:35 | Computer Name = Admin | Source = Application Hang | ID = 1002
Description = The program adwcleaner.exe version 3.0.1.6 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 307c Start
Time: 01cf0be7eca3a84f Termination Time: 0 Application Path: C:\Users\mediamarkcruqius\Desktop\adwcleaner.exe

Report
Id: b9f9f3dc-77df-11e3-9570-00266c647905

Error - 7-1-2014 18:39:19 | Computer Name = Admin | Source = Application Hang | ID = 1002
Description = The program adwcleaner.exe version 3.0.1.6 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1768 Start
Time: 01cf0bf06d9c0db3 Termination Time: 10 Application Path: C:\Users\mediamarkcruqius\Desktop\adwcleaner.exe

Report
Id: 89dbfed2-77ec-11e3-baa1-00266c647905

Error - 8-1-2014 6:27:28 | Computer Name = Admin | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 8-1-2014 12:48:54 | Computer Name = Admin | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8-1-2014 12:48:54 | Computer Name = Admin | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9438

Error - 8-1-2014 12:48:54 | Computer Name = Admin | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9438

Error - 8-1-2014 12:57:59 | Computer Name = Admin | Source = Application Hang | ID = 1002
Description = The program adwcleaner.exe version 3.0.1.6 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 12dc Start
Time: 01cf0c8bcdf12fe5 Termination Time: 10 Application Path: C:\Users\mediamarkcruqius\Desktop\adwcleaner.exe

Report
Id: 035c07cf-7886-11e3-9c59-00266c647905

Error - 8-1-2014 14:43:46 | Computer Name = Admin | Source = Application Hang | ID = 1002
Description = The program adwcleaner.exe version 3.0.1.6 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: d5c Start
Time: 01cf0ca063c048ea Termination Time: 0 Application Path: C:\Users\mediamarkcruqius\Desktop\adwcleaner.exe

Report
Id: ca0f8f30-7894-11e3-9c22-00266c647905

[ System Events ]
Error - 8-1-2014 13:58:07 | Computer Name = Admin | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 8-1-2014 13:58:07 | Computer Name = Admin | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 8-1-2014 13:59:38 | Computer Name = Admin | Source = Service Control Manager | ID = 7001
Description = The PnP-X IP Bus Enumerator service depends on the Function Discovery
Provider Host service which failed to start because of the following error: %%1068

Error - 8-1-2014 14:07:38 | Computer Name = Admin | Source = DCOM | ID = 10005
Description =

Error - 8-1-2014 14:07:38 | Computer Name = Admin | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.1320.0 Update Source: %%859 Update Stage:
%%852 Source Path: Default URL Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM

Current
Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x8007043c Error
description: This service cannot be started in Safe Mode

Error - 8-1-2014 14:30:02 | Computer Name = Admin | Source = ipnathlp | ID = 31004
Description =

Error - 8-1-2014 14:30:08 | Computer Name = Admin | Source = WMPNetworkSvc | ID = 866314
Description =

Error - 8-1-2014 14:30:08 | Computer Name = Admin | Source = WMPNetworkSvc | ID = 866314
Description =

Error - 8-1-2014 14:30:43 | Computer Name = Admin | Source = DCOM | ID = 10016
Description =

Error - 8-1-2014 14:39:44 | Computer Name = Admin | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.1320.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0

Error
code: 0x80070005 Error description: Access is denied.


< End of report >
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Vyskakujici reklamy

#19 Příspěvek od vyosek »

:arrow: Pokud tam jeste je, tak odinstalujte Spybot - Search & Destroy

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{4D4A2FD4-59FA-4487-B5CC-CA223493E1B4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes\{7FA6D6DA-F503-48DC-9540-5212D4F27FF1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
CHR - Extension: No name found = C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\crossrider
CHR - Extension: No name found = C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\
CHR - Extension: No name found = C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: No name found = C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp\3.0_0\
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Webexp Enhanced) - {fd9425ac-8ec0-4faf-8f6c-3033cc2ddd26} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha2360\ie\WebexpEnhancedV1alpha2360.dll File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
[2014-01-08 16:13:03 | 000,000,000 | ---D | C] -- C:\Users\mediamarkcruqius\AppData\Local\{53F42C59-892D-4705-B187-15FC376FA380}
[2014-01-08 14:11:18 | 005,162,069 | R--- | C] (Swearware) -- C:\Users\mediamarkcruqius\Desktop\ComboFix.exe
[2014-01-08 14:08:22 | 001,933,048 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\mediamarkcruqius\Desktop\rkill.com
[2014-01-07 23:48:40 | 001,931,762 | ---- | C] (Farbar) -- C:\Users\mediamarkcruqius\Desktop\FRST64.exe
[2014-01-07 23:46:54 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\mediamarkcruqius\Desktop\FRSTLauncher.exe
[2014-01-07 14:28:04 | 001,233,962 | ---- | C] () -- C:\Users\mediamarkcruqius\Desktop\adwcleaner.exe
[2014-01-07 14:18:13 | 001,036,305 | ---- | C] (Thisisu) -- C:\Users\mediamarkcruqius\Desktop\JRT.exe
[2011-12-03 11:36:59 | 000,000,272 | ---- | C] () -- C:\ProgramData\~VSjwjCusbOjcDI
[2011-12-03 11:36:59 | 000,000,184 | ---- | C] () -- C:\ProgramData\~VSjwjCusbOjcDIr
[2011-12-03 11:36:49 | 000,000,456 | ---- | C] () -- C:\ProgramData\VSjwjCusbOjcDI
[2011-12-03 12:20:22 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\AVG10
[2011-12-03 12:20:22 | 000,000,000 | ---D | M] -- C:\Users\mediamarkcruqius\AppData\Roaming\AVG9
[2011-01-24 10:30:17 | 000,000,017 | ---- | M] ()(C:\Windows\SysWow64\??) -- C:\Windows\SysWow64\㾐ά
[2011-01-24 10:30:17 | 000,000,017 | ---- | M] ()(C:\Windows\System32\??) -- C:\Windows\System32\㾐ά
[2011-01-24 10:30:16 | 000,000,017 | ---- | C] ()(C:\Windows\SysWow64\??) -- C:\Windows\SysWow64\㾐ά

:files
C:\Program Files (x86)\Spybot - Search & Destroy
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Ver
Návštěvník
Návštěvník
Příspěvky: 113
Registrován: 31 črc 2008 19:05

Re: Vyskakujici reklamy

#20 Příspěvek od Ver »

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4D4A2FD4-59FA-4487-B5CC-CA223493E1B4}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D4A2FD4-59FA-4487-B5CC-CA223493E1B4}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7FA6D6DA-F503-48DC-9540-5212D4F27FF1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FA6D6DA-F503-48DC-9540-5212D4F27FF1}\ not found.
File C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\crossrider not found.
C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\js\lib\popupResource folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\js\lib folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\js\api folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\js folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\icons\actions folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\icons folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\extensionData\userCode folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\extensionData\plugins folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0\extensionData folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafckphhinbbcdnnjllcbnkcgbegcoid\1.26.5_0 folder moved successfully.
File C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 not found.
File C:\Users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp\3.0_0 not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ not found.
File C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}\ deleted successfully.
C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fd9425ac-8ec0-4faf-8f6c-3033cc2ddd26}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd9425ac-8ec0-4faf-8f6c-3033cc2ddd26}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\ not found.
File C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
C:\Users\mediamarkcruqius\AppData\Local\{53F42C59-892D-4705-B187-15FC376FA380} folder moved successfully.
C:\Users\mediamarkcruqius\Desktop\ComboFix.exe moved successfully.
C:\Users\mediamarkcruqius\Desktop\rkill.com moved successfully.
C:\Users\mediamarkcruqius\Desktop\FRST64.exe moved successfully.
C:\Users\mediamarkcruqius\Desktop\FRSTLauncher.exe moved successfully.
C:\Users\mediamarkcruqius\Desktop\adwcleaner.exe moved successfully.
C:\Users\mediamarkcruqius\Desktop\JRT.exe moved successfully.
C:\ProgramData\~VSjwjCusbOjcDI moved successfully.
C:\ProgramData\~VSjwjCusbOjcDIr moved successfully.
C:\ProgramData\VSjwjCusbOjcDI moved successfully.
C:\Users\mediamarkcruqius\AppData\Roaming\AVG10\cfgall folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Roaming\AVG10 folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Roaming\AVG9\cfgall folder moved successfully.
C:\Users\mediamarkcruqius\AppData\Roaming\AVG9 folder moved successfully.
C:\Windows\SysWOW64\㾐ά moved successfully.
File C:\Windows\System32\㾐ά not found.
File C:\Windows\SysWow64\㾐ά not found.
========== FILES ==========
C:\Program Files (x86)\Spybot - Search & Destroy\Help folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: mediamarkcruqius
->Temp folder emptied: 1605283 bytes
->Temporary Internet Files folder emptied: 6839983 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 236736246 bytes
->Google Chrome cache emptied: 11040267 bytes
->Flash cache emptied: 24690 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49298188 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 291,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: mediamarkcruqius
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: mediamarkcruqius
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01092014_223955

Files\Folders moved on Reboot...
C:\Users\mediamarkcruqius\AppData\Local\Temp\Excel8.0\MSForms.exd moved successfully.
C:\Users\mediamarkcruqius\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\mediamarkcruqius\AppData\Local\Temp\~DFFF2821A1033E66A9.TMP not found!
File\Folder C:\Users\mediamarkcruqius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\16FEEEA0.emf not found!
File\Folder C:\Users\mediamarkcruqius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\319664FD.png not found!
File\Folder C:\Users\mediamarkcruqius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\BA5DE21.emf not found!
File\Folder C:\Users\mediamarkcruqius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\E154485B.emf not found!
File\Folder C:\Users\mediamarkcruqius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\F97A9D42.emf not found!
C:\Users\mediamarkcruqius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MNGHE3VW\PAVEL SELLING 2013.xlsx moved successfully.
File\Folder C:\Users\mediamarkcruqius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MNGHE3VW\~$PAVEL SELLING 2013.xlsx not found!
C:\Users\mediamarkcruqius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AB5XZVMM\OPOS KW 2 Pavel (1).xlsx moved successfully.
File\Folder C:\Users\mediamarkcruqius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AB5XZVMM\~$OPOS KW 2 Pavel (1).xlsx not found!
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\atmosphere.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\atmosphere.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\atmosphere.glsllib scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\color.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\hammer_aitoff.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\hammer_aitoff.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\lighting.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\precipitation_double_cone.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\precipitation_double_cone.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\speedtree_configuration_glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\speedtree_utils_glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stars.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stars.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stcommonobjects.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\viewshed.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\water.glsllib scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\watersurface.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\watersurface.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\planet\earth.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\keyboard\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\keyboard\sr22.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\hud\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\hud\sr22.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\genius_maxfighter_f16u.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_attack3.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_extreme_3d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_force_3d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_freedom.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\saitek_cyborg_evo.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\saitek_x52.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_black_hawk.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_black_widow.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_cougar_flightstick.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_dark_tornado.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\xbox_360.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\aircraft\f16.acf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\aircraft\sr22.acf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\flightsim.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\application.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\balloons.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\builtin_webdata.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\cursor_crosshair_inverse.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\cursor_crosshair_thick.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\doppler.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\effects.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\filmstrip.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\leftpanel-common.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\leftpanel-layer.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\localshapes.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\mouse3dgui.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\navcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\notifications.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\print.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\progress.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\renderui.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\search.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\spin_icon.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\statusbar.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\terrainmgr.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\tmcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\toolbar.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\tourcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\unknown_plugin.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\userpalette.kml scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\webbrowser.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ar.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\bg.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ca.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\cs.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\da.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\de.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\el.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\en.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\es-419.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\es.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\fa.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\fi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\fil.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\fr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\he.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\hi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\hr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\hu.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\id.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\it.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ja.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ko.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\lt.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\lv.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\nl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\no.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\pl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\pt-PT.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\pt.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ro.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ru.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\sk.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\sl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\sr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\sv.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\th.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\tr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\uk.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\vi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\zh-Hans.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\zh-Hant-HK.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\zh-Hant.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\drivers.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\googleearth.exe.local scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\google_earth.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\gpl.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\ImporterGlobalSettings.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\ImporterUISettings.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\kh20 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\PCOptimizations.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\uninstall.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\atmosphere.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\atmosphere.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\atmosphere.glsllib scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\color.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\hammer_aitoff.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\hammer_aitoff.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\lighting.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\precipitation_double_cone.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\precipitation_double_cone.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\speedtree_configuration_glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\speedtree_utils_glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stars.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stars.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stcommonobjects.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\viewshed.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\water.glsllib scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\watersurface.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\watersurface.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\planet\earth.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\keyboard\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\keyboard\sr22.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\hud\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\hud\sr22.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\genius_maxfighter_f16u.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\logitech_attack3.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\logitech_extreme_3d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\logitech_force_3d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\logitech_freedom.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\saitek_cyborg_evo.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\saitek_x52.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\speed_link_black_hawk.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\speed_link_black_widow.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\speed_link_cougar_flightstick.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\speed_link_dark_tornado.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\xbox_360.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\aircraft\f16.acf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\aircraft\sr22.acf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\flightsim.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\application.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\balloons.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\builtin_webdata.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\cursor_crosshair_inverse.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\cursor_crosshair_thick.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\default_myplaces.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\doppler.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\effects.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\filmstrip.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\leftpanel-common.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\leftpanel-layer.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\localshapes.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\mouse3dgui.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\navcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\notifications.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\print.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\progress.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\renderui.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\search.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\spin_icon.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\startinglocations-nonmac.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\startinglocations.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\statusbar.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\terrainmgr.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\tmcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\toolbar.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\tourcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\unknown_plugin.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\userpalette.kml scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\webbrowser.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ar.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\bg.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ca.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\cs.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\da.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\de.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\el.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\en.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\es-419.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\es.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\fa.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\fi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\fil.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\fr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\he.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\hi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\hr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\hu.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\id.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\it.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ja.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ko.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\lt.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\lv.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\nl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\no.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\pl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\pt-PT.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\pt.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ro.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ru.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\sk.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\sl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\sr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\sv.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\th.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\tr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\uk.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\vi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\zh-Hans.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\zh-Hant-HK.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\zh-Hant.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\drivers.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\googleearth.exe.local scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\google_earth.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\gpl.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\ImporterGlobalSettings.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\ImporterUISettings.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\kh20 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\kml_file.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\kmz_file.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\PCOptimizations.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\uninstall.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\LocalAppData\Google\Custom Buttons\toolbar.google.com_MXE8GT6B9RBHXCGLZ06L.xml scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0402.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0403.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0404.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0405.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0406.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0407.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0408.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0409.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x040a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x040b.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x040c.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x040d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x040e.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0410.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0411.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0412.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0413.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0414.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0415.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0416.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0418.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0419.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x041a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x041b.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x041d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x041e.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x041f.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0421.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0422.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0424.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0426.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0427.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x042a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0804.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0809.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x080a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0816.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0c01.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0c0a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0c1a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x100a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x140a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x180a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x1c0a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x200a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x240a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x280a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x2c0a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x300a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x340a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x380a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x3c0a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\10250.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1026.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1027.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1028.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1029.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1030.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1031.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1032.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1033.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1034.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1035.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1036.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1037.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1038.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1040.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1041.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1042.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1043.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1044.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1045.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1046.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1048.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1049.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1050.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1051.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1053.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1054.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1055.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1057.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1058.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1060.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1062.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1063.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1066.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\11274.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\12298.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\13322.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\14346.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\15370.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\2052.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\2057.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\2058.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\2070.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\3073.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\3082.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\3098.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\4106.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\5130.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\6154.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\7178.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\8202.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\9226.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\Google Earth.msi scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\Setup.ini scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Vyskakujici reklamy

#21 Příspěvek od vyosek »

Jak se chova PC???
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Ver
Návštěvník
Návštěvník
Příspěvky: 113
Registrován: 31 črc 2008 19:05

Re: Vyskakujici reklamy

#22 Příspěvek od Ver »

uz je to dobre akorat kdyz zapnu jakykoliv prohlizec tak se mi vzdy spusti stranka nation zoom i kdyz
mam nastavene seznam.cz, nevite cim to muze byt?
jinak moc dekuji :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Vyskakujici reklamy

#23 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel èistiè
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: To spatne zobrazeni domovske stranky je v jakem prohlizeci??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Ver
Návštěvník
Návštěvník
Příspěvky: 113
Registrován: 31 črc 2008 19:05

Re: Vyskakujici reklamy

#24 Příspěvek od Ver »

Super ted je to pryc.

dekuji vam moc :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Vyskakujici reklamy

#25 Příspěvek od vyosek »

Nemate zac, rad jsem pomohl :worship: Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat :lock:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“