Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Reklamy v textu v prohlížeči

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
CrieS
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 16 úno 2014 10:31

Reklamy v textu v prohlížeči

#1 Příspěvek od CrieS »

Zdravím. Rád bych se zbavil reklam v textu internetového prohlížeče viz obr.1. Čekal bych, že to bude asi nějakým virem, avšak AVG 2014 žádný nenašel. Vzhledem k tomu, že Google Chrome instaluje doplňky bez vědomí uživatele, projel jsem i tuto možnost, ale žádný nepřibyl, navíc je to ve všech prohlížečích stejné (Zkoušel jsem Chrome, IE, Opera)

Obr.1
http://img.pictureup.cz/16022014/a26ba0 ... 674eb2.jpg

Dále by s tím mohlo souviset vyhledávání na google, pokud si dobře pamatuji, předtím se neukazovala stránka "1place.org" první v pořadí při zadání jakéhokoliv textu do vyhledávače.

Neměl byste někdo nějakou radu..? Kdyžtak díky :-).
_____________________________________________________
Pokud se bude hodit zpráva z RogueKiller, přikládám jí zde
_____________________________________________________
RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : CrieS [Práva správce]
Mód : Kontrola -- Datum : 02/16/2014 10:49:27
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] PirritService.exe -- C:\Users\CrieS\AppData\Local\PirritSuggestor\PirritService.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] PirritDesktop.exe -- C:\Users\CrieS\AppData\Local\PirritSuggestor\PirritDesktop.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Security Updates ("C:\Users\CrieS\AppData\Local\Temp\install-security-updates.exe" [-]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-697164410-2571323111-710328384-1000\[...]\Run : Security Updates ("C:\Users\CrieS\AppData\Local\Temp\install-security-updates.exe" [-]) -> NALEZENO
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=hxxp://127.0.0.1:9880 [Country: , City: ]) -> NALEZENO
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : Mal.Hosts ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

216.239.32.20 google.com http://www.google.com --> Potentially malicious!

216.239.32.20 google.com http://www.google.com
216.239.32.20 google.com http://www.google.ad
216.239.32.20 google.com http://www.google.ae
216.239.32.20 google.com http://www.google.com.af
216.239.32.20 google.com http://www.google.com.ag
216.239.32.20 google.com http://www.google.com.ai
216.239.32.20 google.com http://www.google.al
216.239.32.20 google.com http://www.google.am
216.239.32.20 google.com http://www.google.co.ao
216.239.32.20 google.com http://www.google.com.ar
216.239.32.20 google.com http://www.google.as
216.239.32.20 google.com http://www.google.at
216.239.32.20 google.com http://www.google.com.au
216.239.32.20 google.com http://www.google.az
216.239.32.20 google.com http://www.google.ba
216.239.32.20 google.com http://www.google.com.bd
216.239.32.20 google.com http://www.google.be
216.239.32.20 google.com http://www.google.bf
216.239.32.20 google.com http://www.google.bg
216.239.32.20 google.com http://www.google.com.bh
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST750LM022 HN-M750MBB ATA Device +++++
--- User ---
[MBR] 292cbfada444cff8f78d75fb00d3eb6f
[BSP] aa912873973331b9de04c51cef8f5930 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 715302 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_02162014_104927.txt >>
RKreport[0]_S_02162014_101600.txt
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy v textu v prohlížeči

#2 Příspěvek od vyosek »

Zdravim :)

:arrow: Spustte znovu RogueKiller
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
  • Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
CrieS
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 16 úno 2014 10:31

Re: Reklamy v textu v prohlížeči

#3 Příspěvek od CrieS »

Reklamy zatím zůstaly

Zpráva
______________________________________

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : CrieS [Práva správce]
Mód : Oprava HOSTS -- Datum : 02/16/2014 11:22:57
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] PirritService.exe -- C:\Users\CrieS\AppData\Local\PirritSuggestor\PirritService.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] PirritDesktop.exe -- C:\Users\CrieS\AppData\Local\PirritSuggestor\PirritDesktop.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : Mal.Hosts ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

216.239.32.20 google.com www.google.com --> Potentially malicious!

216.239.32.20 google.com www.google.com
216.239.32.20 google.com www.google.ad
216.239.32.20 google.com www.google.ae
216.239.32.20 google.com www.google.com.af
216.239.32.20 google.com www.google.com.ag
216.239.32.20 google.com www.google.com.ai
216.239.32.20 google.com www.google.al
216.239.32.20 google.com www.google.am
216.239.32.20 google.com www.google.co.ao
216.239.32.20 google.com www.google.com.ar
216.239.32.20 google.com www.google.as
216.239.32.20 google.com www.google.at
216.239.32.20 google.com www.google.com.au
216.239.32.20 google.com www.google.az
216.239.32.20 google.com www.google.ba
216.239.32.20 google.com www.google.com.bd
216.239.32.20 google.com www.google.be
216.239.32.20 google.com www.google.bf
216.239.32.20 google.com www.google.bg
216.239.32.20 google.com www.google.com.bh
[...]


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_02162014_112257.txt >>
RKreport[0]_D_02162014_112253.txt;RKreport[0]_S_02162014_101600.txt;RKreport[0]_S_02162014_104927.txt
RKreport[0]_S_02162014_112248.txt
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy v textu v prohlížeči

#4 Příspěvek od vyosek »

Log dle tohoto poprosim http://forum.viry.cz/viewtopic.php?f=13&t=130786
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
CrieS
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 16 úno 2014 10:31

Re: Reklamy v textu v prohlížeči

#5 Příspěvek od CrieS »

Už se mi to povedlo na radu kamaráda. Mohla za to nějaká aktualizace Skypu (Skype Click to Call) ^^. Smazal jsem jí a je vše "OK".
Díky za Váš čas a rady :-).
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy v textu v prohlížeči

#6 Příspěvek od vyosek »

PC vypada hodne zavirovany, ale kamarad tomu asi rozumi vice nez my s mnohaletymi zkusenostmi a mezinarodnimi certifikaty :?:

Ale Vase vec, neni zac...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
CrieS
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 16 úno 2014 10:31

Re: Reklamy v textu v prohlížeči

#7 Příspěvek od CrieS »

Aha, omlouvám se, myslel jsem, že tím se to vyřešilo. Zkusím tedy pokračovat ve Vašich radách, za chvíli doplním podle Vašich pokynů. Díky :-)
Nahoru
CrieS
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 16 úno 2014 10:31

Re: Reklamy v textu v prohlížeči

#8 Příspěvek od CrieS »

Logfile of random's system information tool 1.08 (written by random/random)
Run by CrieS at 2014-02-16 12:55:32
Microsoft Windows 7 Ultimate
System drive C: has 410 GB (57%) free of 715 GB
Total RAM: 3562 MB (36% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=43431d64-b66c-4308-abc8-870f3929f902 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\7edab510-223a-4a2d-b4e7-0f05e63dea64-14c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5ea3bab6-d57e-4333-9ccc-c63491c47b41 -SystemEventPortName:HostProcess-522537d1-010d-4c42-bb3f-564b9a3faed0 -IoCancelEventPortName:HostProcess-0a17e433-9abd-4a31-9d92-23bf79b50123 -NonStateChangingEventPortName:HostProcess-2a6077af-fe20-4c12-a724-87f85d046d6e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c9058ef8-db66-44f1-9b46-519168e6ae4d -DeviceGroupId:
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 2135408
\??\C:\Windows\system32\conhost.exe "-1525369769452316058-7247171404651174561487494333955632482-791622889-1389789382
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"taskhost.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
C:\Users\CrieS\AppData\Local\PirritSuggestor\PirritService.exe
"C:\Program Files (x86)\Pirrit\AutoUpdater.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\WBDesktop.Updater.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
\??\C:\Windows\system32\conhost.exe "-731938514-20697031172719818872647710921731871985932587518392397626-1175285745
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:/Users/CrieS/AppData/Local/PirritSuggestor\PirritDesktop.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" -noautoupdate --ran-launcher http://get.adobe.com/flashplayer/comple ... &appid=200
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" -noautoupdate --ran-launcher http://get.adobe.com/flashplayer/comple ... &appid=200 /crash-reporter-parent-id=3192
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=gpu-process --channel="3192.0.1051378077\2031062402" --crash-reporter-pid=1856 --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23 --gpu-vendor-id=0x1002 --gpu-device-id=0x9647 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.2.0.0 --crash-reporter-pid=1856 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --extension-process --disable-client-side-phishing-detection --crash-reporter-pid=1856 --channel="3192.2.100186604\463050737" /prefetch:673131151
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=1856 --channel="3192.3.1230748535\999671412" /prefetch:673131151
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=1856 --channel="3192.4.1581705066\1236016390" /prefetch:673131151
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=1856 --channel="3192.5.210088992\172836350" /prefetch:673131151
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=1856 --channel="3192.6.189538119\1496323366" /prefetch:673131151
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=1856 --channel="3192.7.1104738844\760059768" /prefetch:673131151
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll" --lang=cs --channel="3192.15.30394632\1243966134" --crash-reporter-pid=1856 /prefetch:-390060480
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\trend micro\CrieS.exe" /silentautolog
taskeng.exe {42680A6C-8539-49CD-B36D-F75FDF68D526}
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\CrieS\Downloads\RSITx64 (4).exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531136}]
FreeHDSport TV - C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-bho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}]
WebCake

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}]
Fast Search - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll [2013-04-17 187352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}]
ividi Helper Object - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll [2013-07-25 301464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
IEExtension.Extension - C:\Windows\system32\mscoree.dll [2009-11-25 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"FixMyRegistry"=C:\Program Files (x86)\SmartTweak Software\FixMyRegistry\FixMyRegistry.exe [2012-10-19 1795768]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-02-11 1824000]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-02-28 18642024]
"RGSC"=C:\Hry\GTA IV PC Version\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"CorelDRAW Graphics Suite 11b"=C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe [2003-11-25 729088]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-11-07 4956176]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-02-04 2552856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2013-06-05 275360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-02-16 12:38:15 ----D---- C:\rsit
2014-02-16 12:38:15 ----D---- C:\Program Files\trend micro
2014-02-16 12:21:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-16 12:21:00 ----D---- C:\Windows\system32\Macromed
2014-02-16 11:53:26 ----D---- C:\Windows\system32\appmgmt
2014-02-16 10:05:46 ----D---- C:\FRST
2014-02-16 10:03:20 ----D---- C:\Users\CrieS\AppData\Roaming\Opera Software
2014-02-16 10:03:09 ----D---- C:\Program Files (x86)\Opera
2014-02-16 03:01:55 ----D---- C:\Windows\system32\SPReview
2014-02-14 06:51:18 ----D---- C:\Users\CrieS\AppData\Roaming\TorTemp
2014-02-13 21:02:34 ----A---- C:\Windows\system32\roboot64.exe
2014-02-13 21:02:30 ----D---- C:\Users\CrieS\AppData\Roaming\systweak
2014-02-13 21:01:59 ----D---- C:\Users\CrieS\AppData\Roaming\Pirrit
2014-02-13 21:01:38 ----D---- C:\Program Files (x86)\Pirrit
2014-02-12 07:12:50 ----D---- C:\Windows\system32\%LocalAppData%
2014-02-12 06:49:54 ----SHD---- C:\found.004
2014-02-12 06:19:16 ----A---- C:\Windows\ntbtlog.txt
2014-02-06 13:07:22 ----D---- C:\Program Files (x86)\Total War Rome II CZ
2014-01-31 13:21:49 ----SHD---- C:\found.003
2014-01-25 12:42:48 ----SHD---- C:\found.002
2014-01-21 20:56:43 ----D---- C:\Program Files\Microsoft Sync Framework
2014-01-21 20:55:17 ----D---- C:\ProgramData\PreEmptive Solutions
2014-01-21 20:49:52 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-01-21 20:49:46 ----D---- C:\Program Files\IIS
2014-01-21 20:49:45 ----D---- C:\Program Files (x86)\IIS
2014-01-21 20:38:14 ----D---- C:\Program Files (x86)\Microsoft F#
2014-01-21 20:38:14 ----D---- C:\Program Files (x86)\HTML Help Workshop
2014-01-20 22:04:26 ----D---- C:\Program Files\Microsoft

======List of files/folders modified in the last 1 months======

2014-02-16 12:44:39 ----D---- C:\Windows\Temp
2014-02-16 12:41:51 ----D---- C:\Users\CrieS\AppData\Roaming\Skype
2014-02-16 12:38:15 ----RD---- C:\Program Files
2014-02-16 12:21:02 ----D---- C:\Windows\SysWOW64
2014-02-16 12:21:00 ----D---- C:\Windows\System32
2014-02-16 12:02:32 ----D---- C:\Program Files (x86)\Steam
2014-02-16 11:53:26 ----SHD---- C:\Windows\Installer
2014-02-16 11:53:25 ----RD---- C:\Program Files (x86)\Skype
2014-02-16 11:27:52 ----D---- C:\Windows\system32\config
2014-02-16 11:26:02 ----D---- C:\Windows\system32\drivers
2014-02-16 10:10:52 ----D---- C:\Windows
2014-02-16 10:03:09 ----RD---- C:\Program Files (x86)
2014-02-16 08:17:04 ----D---- C:\ProgramData\MFAData
2014-02-16 05:22:37 ----SHD---- C:\System Volume Information
2014-02-16 00:30:28 ----D---- C:\Windows\Prefetch
2014-02-16 00:30:28 ----D---- C:\Program Files (x86)\Google
2014-02-16 00:21:14 ----D---- C:\Windows\system32\Tasks
2014-02-16 00:21:12 ----D---- C:\Windows\Tasks
2014-02-16 00:20:48 ----D---- C:\Hry
2014-02-15 23:28:39 ----D---- C:\Windows\system32\catroot
2014-02-15 23:05:45 ----D---- C:\Windows\system32\catroot2
2014-02-15 22:27:32 ----D---- C:\Windows\Minidump
2014-02-15 16:07:05 ----D---- C:\Program Files (x86)\File Type Assistant
2014-02-15 05:16:00 ----D---- C:\Windows\system32\wdi
2014-02-15 03:31:35 ----D---- C:\Users\CrieS\AppData\Roaming\vlc
2014-02-14 06:12:05 ----D---- C:\ProgramData\Skype
2014-02-13 14:02:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-13 14:02:13 ----D---- C:\Windows\inf
2014-02-12 10:01:08 ----D---- C:\Windows\system32\NDF
2014-02-12 06:36:43 ----D---- C:\Windows\system32\wbem
2014-02-12 06:35:38 ----D---- C:\Windows\system32\wfp
2014-02-12 06:35:38 ----D---- C:\Windows\system32\DriverStore
2014-02-12 06:35:38 ----D---- C:\Windows\system32\CodeIntegrity
2014-02-12 06:35:33 ----D---- C:\Windows\registration
2014-02-12 06:10:54 ----RD---- C:\Users
2014-02-04 15:47:43 ----D---- C:\Program Files (x86)\AVG Secure Search
2014-01-23 03:54:57 ----D---- C:\Windows\Microsoft.NET
2014-01-23 03:37:37 ----RSD---- C:\Windows\assembly
2014-01-23 03:11:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-01-21 20:58:47 ----D---- C:\Windows\winsxs
2014-01-21 20:56:58 ----D---- C:\Program Files (x86)\Microsoft SDKs
2014-01-21 20:55:17 ----HD---- C:\ProgramData
2014-01-21 20:55:17 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-01-21 20:53:48 ----D---- C:\Program Files\MSBuild
2014-01-21 20:48:41 ----SD---- C:\Users\CrieS\AppData\Roaming\Microsoft
2014-01-21 20:48:41 ----SD---- C:\ProgramData\Microsoft
2014-01-21 20:38:49 ----D---- C:\Windows\SYSWOW64\1033
2014-01-21 20:38:14 ----D---- C:\Program Files (x86)\MSBuild
2014-01-21 20:38:14 ----D---- C:\Program Files (x86)\Common Files
2014-01-21 20:33:19 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2014-01-21 20:32:06 ----D---- C:\Windows\system32\1033

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-04-25 30488]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-05 150808]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-04 240920]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-11-07 46368]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-31 283200]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2012-10-31 30592]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-04-25 43800]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 460288]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-10-31 4747840]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 338536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 361984]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-25 31000]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-06-28 2413056]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 PirritDesktop;PirritDesktop; C:\Users\CrieS\AppData\Local\PirritSuggestor\PirritService.exe [2014-02-14 52568]
R2 PirritUpdater;PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [2014-02-14 59904]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-01-09 1771544]
R2 WebCake Desktop Updater;WebCake Desktop Updater; C:\Program Files (x86)\WBDesktop.Updater.exe [2013-08-11 51992]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-09-06 240736]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27 116648]
S3 hpqwmiex;HP Software Framework Service; C:\Users\CrieS\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe [2012-11-02 794112]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-27 571816]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-03 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy v textu v prohlížeči

#9 Příspěvek od vyosek »

:arrow: Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze :?:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
CrieS
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 16 úno 2014 10:31

Re: Reklamy v textu v prohlížeči

#10 Příspěvek od CrieS »

Koupil jsem tento notebook jako použitý a už bez papírů, OS jsem nepřeinstalovával a nevím, jestli je to originál...
Zkusil jsem test na microsoft.com, snad jsem udělal vše správně, prý je originální viz Obr.

Obr.
http://www.imghosting.cz/images/95orig.jpg
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy v textu v prohlížeči

#11 Příspěvek od vyosek »

:arrow: Samozrejme ze microsoft hlasi ze je legalni - to je ucel dnesnich aktivatoru

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
CrieS
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 16 úno 2014 10:31

Re: Reklamy v textu v prohlížeči

#12 Příspěvek od CrieS »

OTL.Txt
(1./2)_____________________
OTL logfile created on: 16.2.2014 13:48:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\CrieS\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,48 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 39,56% Memory free
6,96 Gb Paging File | 4,25 Gb Available in Paging File | 61,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,54 Gb Total Space | 400,73 Gb Free Space | 57,37% Space Free | Partition Type: NTFS
Drive G: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: CRIES-PC | User Name: CrieS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.02.16 13:47:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\CrieS\Downloads\OTL.exe
PRC - [2014.02.14 12:12:30 | 000,052,568 | ---- | M] () -- C:\Users\CrieS\AppData\Local\PirritSuggestor\PirritService.exe
PRC - [2014.02.14 12:12:28 | 000,190,808 | ---- | M] () -- C:\Users\CrieS\AppData\Local\PirritSuggestor\PirritDesktop.exe
PRC - [2014.02.14 11:29:08 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Pirrit\AutoUpdater.exe
PRC - [2014.02.10 10:41:19 | 045,198,176 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe
PRC - [2014.02.10 10:41:19 | 001,378,144 | ---- | M] () -- C:\Program Files (x86)\Opera\19.0.1326.63\opera_crashreporter.exe
PRC - [2014.02.04 15:47:44 | 002,552,856 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2014.01.09 08:24:11 | 001,771,544 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
PRC - [2014.01.09 08:24:11 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
PRC - [2013.11.11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2013.11.07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2013.09.24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013.08.11 14:54:08 | 000,051,992 | ---- | M] (cake bake) -- C:\Program Files (x86)\WBDesktop.Updater.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (No Company Name) ==========

MOD - [2014.02.16 12:21:02 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2014.02.14 12:12:28 | 000,190,808 | ---- | M] () -- C:\Users\CrieS\AppData\Local\PirritSuggestor\PirritDesktop.exe
MOD - [2014.02.10 10:41:21 | 000,907,616 | ---- | M] () -- C:\Program Files (x86)\Opera\19.0.1326.63\libGLESv2.dll
MOD - [2014.02.10 10:41:21 | 000,108,896 | ---- | M] () -- C:\Program Files (x86)\Opera\19.0.1326.63\libEGL.dll
MOD - [2014.02.10 10:41:20 | 000,890,208 | ---- | M] () -- C:\Program Files (x86)\Opera\19.0.1326.63\ffmpegsumo.dll
MOD - [2014.02.10 10:41:19 | 001,378,144 | ---- | M] () -- C:\Program Files (x86)\Opera\19.0.1326.63\opera_crashreporter.exe
MOD - [2014.02.04 15:47:44 | 002,552,856 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2014.01.09 08:24:11 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012.09.28 15:43:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012.09.28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.04.25 14:02:52 | 000,031,000 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.02.14 12:12:30 | 000,052,568 | ---- | M] () [Auto | Start_Pending] -- C:\Users\CrieS\AppData\Local\PirritSuggestor\PirritService.exe -- (PirritDesktop)
SRV - [2014.02.14 11:29:08 | 000,059,904 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Pirrit\AutoUpdater.exe -- (PirritUpdater)
SRV - [2014.01.27 20:02:50 | 000,571,816 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.01.09 08:24:11 | 001,771,544 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - [2013.11.11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013.09.24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013.09.06 01:41:08 | 000,240,736 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2013.08.11 14:54:08 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Program Files (x86)\WBDesktop.Updater.exe -- (WebCake Desktop Updater)
SRV - [2013.02.28 17:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.02 13:10:47 | 000,794,112 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Users\CrieS\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe -- (hpqwmiex)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.06.28 17:12:08 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.11.07 14:04:41 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.11.05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013.11.04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013.10.31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013.10.31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013.10.24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013.10.01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013.09.10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013.08.01 15:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.10.31 20:24:57 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.10.31 15:59:36 | 004,747,840 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.10.31 10:49:49 | 000,030,592 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2012.09.28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.09.28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.05.14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.04.25 14:02:52 | 000,043,800 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012.04.25 14:02:52 | 000,030,488 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012.03.01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.05.30 16:03:34 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.17 08:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-697164410-2571323111-710328384-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.ividi.org/?src=tbhp&id=fe ... e&affilt=3
IE - HKU\S-1-5-21-697164410-2571323111-710328384-1000\..\SearchScopes,DefaultScope = {961E1816-EBD0-4139-95CB-4B55631EBC4E}
IE - HKU\S-1-5-21-697164410-2571323111-710328384-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-697164410-2571323111-710328384-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={search ... 6&tsp=4954
IE - HKU\S-1-5-21-697164410-2571323111-710328384-1000\..\SearchScopes\{961E1816-EBD0-4139-95CB-4B55631EBC4E}: "URL" = http://search.ividi.org/?q={searchTerms ... lt=3&r=744
IE - HKU\S-1-5-21-697164410-2571323111-710328384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-697164410-2571323111-710328384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-697164410-2571323111-710328384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=http://127.0.0.1:9880


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\CrieS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2014.02.16 10:13:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CrieS\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2014.02.13 21:01:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CrieS\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2013.06.30 09:44:04 | 000,242,624 | ---- | M] () (No name found) -- C:\Users\CrieS\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\fhdp3@freehdsp.tv.xpi
[2014.02.13 21:01:33 | 000,036,924 | ---- | M] () (No name found) -- C:\Users\CrieS\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\suggestor@suggestor.pirrit.com.xpi
[2013.09.26 18:39:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Search (Enabled)
CHR - default_search_provider: search_url = http://search.ividi.org/?q={searchTerms ... e&affilt=3
CHR - default_search_provider: suggest_url = ,
CHR - Extension: Dokumenty Google = C:\Users\CrieS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: YouTube = C:\Users\CrieS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\CrieS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Web Cake = C:\Users\CrieS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_1\
CHR - Extension: iVidi Chrome Toolbar = C:\Users\CrieS\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_1\
CHR - Extension: FreeHDSport TV 3 = C:\Users\CrieS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbdbmopeebalgaeghmjoegpkngglikgn\3.1_0\
CHR - Extension: AVG Security Toolbar = C:\Users\CrieS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.3.0.49_1\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\CrieS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\CrieS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014.02.16 11:22:57 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (FreeHDSport TV) - {11111111-1111-1111-1111-110311531136} - C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-bho.dll File not found
O2 - BHO: (WebCake) - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - Reg Error: Value error. File not found
O2 - BHO: (Fast Search) - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
O2 - BHO: (ividi Helper Object) - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll (Unitech LLC)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe (Corel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-697164410-2571323111-710328384-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-697164410-2571323111-710328384-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-697164410-2571323111-710328384-1000..\Run: [FixMyRegistry] C:\Program Files (x86)\SmartTweak Software\FixMyRegistry\FixMyRegistry.exe ()
O4 - HKU\S-1-5-21-697164410-2571323111-710328384-1000..\Run: [RGSC] C:\Hry\GTA IV PC Version\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-697164410-2571323111-710328384-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F26202A-BAB9-43CC-A407-0C3E93954E14}: DhcpNameServer = 192.168.1.21 192.168.1.30
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73615AFA-91DF-475B-B833-F33DCEA58445}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.04.25 09:51:38 | 000,536,936 | R--- | M] (Gaming Minds Studios GmbH) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2012.04.25 09:51:38 | 000,420,633 | R--- | M] () - G:\autodata.zip -- [ CDFS ]
O32 - AutoRun File - [2012.04.25 09:51:38 | 000,000,047 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{16d5096a-72f2-11e2-b508-082e5f9a4fc0}\Shell - "" = AutoRun
O33 - MountPoints2\{16d5096a-72f2-11e2-b508-082e5f9a4fc0}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2012.04.25 09:51:38 | 000,536,936 | R--- | M] (Gaming Minds Studios GmbH)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2012.04.25 09:51:38 | 000,536,936 | R--- | M] (Gaming Minds Studios GmbH)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.02.16 12:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.02.16 12:38:15 | 000,000,000 | ---D | C] -- C:\rsit
[2014.02.16 12:21:02 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.16 12:21:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014.02.16 11:53:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014.02.16 10:13:43 | 000,000,000 | ---D | C] -- C:\Users\CrieS\Desktop\RK_Quarantine
[2014.02.16 10:06:41 | 002,152,960 | ---- | C] (Farbar) -- C:\Users\CrieS\Desktop\FRST64.exe
[2014.02.16 10:05:46 | 000,000,000 | ---D | C] -- C:\FRST
[2014.02.16 10:03:21 | 000,000,000 | ---D | C] -- C:\Users\CrieS\AppData\Local\Opera Software
[2014.02.16 10:03:20 | 000,000,000 | ---D | C] -- C:\Users\CrieS\AppData\Roaming\Opera Software
[2014.02.16 10:03:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014.02.16 03:01:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2014.02.16 00:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014.02.14 21:03:11 | 000,000,000 | ---D | C] -- C:\Users\CrieS\AppData\Local\PirritSuggestor
[2014.02.14 06:51:18 | 000,000,000 | ---D | C] -- C:\Users\CrieS\AppData\Roaming\TorTemp
[2014.02.13 21:02:34 | 000,018,816 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2014.02.13 21:02:30 | 000,000,000 | ---D | C] -- C:\Users\CrieS\AppData\Roaming\systweak
[2014.02.13 21:02:01 | 000,000,000 | ---D | C] -- C:\Users\CrieS\AppData\Local\Pirrit Suggestor
[2014.02.13 21:01:59 | 000,000,000 | ---D | C] -- C:\Users\CrieS\AppData\Roaming\Pirrit
[2014.02.13 21:01:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pirrit
[2014.02.12 07:12:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\%LocalAppData%
[2014.02.12 06:49:54 | 000,000,000 | -HSD | C] -- C:\found.004
[2013.08.11 14:54:09 | 000,051,992 | ---- | C] (cake bake) -- C:\Program Files (x86)\WBDesktop.Updater.exe
[2012.10.31 10:54:33 | 001,165,616 | ---- | C] (AMD Inc.) -- C:\Program Files\catalyst_mobility_64-bit_util.exe
[2 C:\Users\CrieS\Desktop\*.tmp files -> C:\Users\CrieS\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014.02.16 13:54:05 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.16 13:52:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.16 13:39:05 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.16 13:39:05 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.16 13:37:16 | 000,229,000 | ---- | M] () -- C:\Users\CrieS\Desktop\orig.jpg
[2014.02.16 12:21:02 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.16 12:21:02 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.02.16 11:57:55 | 000,158,897 | ---- | M] () -- C:\Users\CrieS\Desktop\Bez názvu1.png
[2014.02.16 11:57:34 | 000,207,774 | ---- | M] () -- C:\Users\CrieS\Desktop\Bez názvu.jpg
[2014.02.16 11:40:10 | 000,187,461 | ---- | M] () -- C:\Users\CrieS\Desktop\obr1.jpg
[2014.02.16 11:29:13 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.16 11:28:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.16 11:28:50 | 2801,197,056 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.16 11:06:29 | 000,286,225 | ---- | M] () -- C:\Users\CrieS\Desktop\Bez názvu.png
[2014.02.16 10:36:39 | 000,294,044 | ---- | M] () -- C:\Users\CrieS\Desktop\obr.jpg
[2014.02.16 10:08:38 | 000,015,327 | ---- | M] () -- C:\Users\CrieS\Desktop\LM.bat
[2014.02.16 10:03:33 | 002,152,960 | ---- | M] (Farbar) -- C:\Users\CrieS\Desktop\FRST64.exe
[2014.02.16 10:03:10 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2014.02.16 00:30:26 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.02.15 22:27:24 | 549,550,661 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014.02.15 22:07:28 | 000,000,219 | ---- | M] () -- C:\Users\CrieS\Desktop\Dota 2.url
[2014.02.13 14:02:14 | 001,759,824 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.13 14:02:14 | 000,731,756 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.02.13 14:02:14 | 000,717,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.13 14:02:14 | 000,164,510 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.02.13 14:02:14 | 000,145,482 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2 C:\Users\CrieS\Desktop\*.tmp files -> C:\Users\CrieS\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.02.16 13:52:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.16 13:37:16 | 000,229,000 | ---- | C] () -- C:\Users\CrieS\Desktop\orig.jpg
[2014.02.16 11:57:55 | 000,158,897 | ---- | C] () -- C:\Users\CrieS\Desktop\Bez názvu1.png
[2014.02.16 11:56:49 | 000,207,774 | ---- | C] () -- C:\Users\CrieS\Desktop\Bez názvu.jpg
[2014.02.16 11:40:10 | 000,187,461 | ---- | C] () -- C:\Users\CrieS\Desktop\obr1.jpg
[2014.02.16 11:06:20 | 000,286,225 | ---- | C] () -- C:\Users\CrieS\Desktop\Bez názvu.png
[2014.02.16 10:36:39 | 000,294,044 | ---- | C] () -- C:\Users\CrieS\Desktop\obr.jpg
[2014.02.16 10:08:38 | 000,015,327 | ---- | C] () -- C:\Users\CrieS\Desktop\LM.bat
[2014.02.16 10:03:12 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014.02.16 10:03:12 | 000,001,129 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014.02.16 00:30:26 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.02.15 22:07:28 | 000,000,219 | ---- | C] () -- C:\Users\CrieS\Desktop\Dota 2.url
[2014.01.23 01:30:34 | 000,000,132 | ---- | C] () -- C:\Users\CrieS\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2013.11.28 20:13:39 | 000,000,600 | ---- | C] () -- C:\Users\CrieS\AppData\Roaming\winscp.rnd
[2013.11.26 14:12:12 | 000,001,480 | ---- | C] () -- C:\Users\CrieS\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2013.09.25 14:50:49 | 000,000,132 | ---- | C] () -- C:\Users\CrieS\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
[2013.08.13 13:53:50 | 000,003,004 | ---- | C] () -- C:\Program Files (x86)\WebCakeLayers.crx
[2013.02.15 22:21:07 | 000,000,750 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2013.02.15 22:19:57 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2013.02.06 10:13:24 | 000,000,180 | ---- | C] () -- C:\Users\CrieS\.packettracer
[2012.11.26 20:16:07 | 000,000,132 | ---- | C] () -- C:\Users\CrieS\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.11.01 20:09:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.10.31 20:35:52 | 001,739,046 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.28 02:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.28 02:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.09.22 10:13:31 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\AVG2014
[2013.07.25 18:53:57 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Babylon
[2013.03.31 18:18:43 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.10.31 20:26:51 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\DAEMON Tools Lite
[2012.12.04 13:04:21 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\ESET
[2013.02.13 10:13:32 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\fizzy
[2013.09.28 17:00:56 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Kalypso Media
[2013.05.14 19:33:06 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Mount&Blade Warband
[2013.02.15 22:25:54 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\MyHeritage
[2014.02.16 10:03:20 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Opera Software
[2014.02.13 21:01:59 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Pirrit
[2012.11.01 16:04:17 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Synaptics
[2014.02.14 06:54:57 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\systweak
[2013.02.15 22:19:57 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2013.10.12 09:58:48 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\The Creative Assembly
[2014.01.14 22:08:03 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\TS3Client
[2013.09.22 10:12:25 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\TuneUp Software
[2013.09.26 18:39:08 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Unitech LLC
[2013.10.01 11:26:39 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Unity
[2012.12.03 14:54:03 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\WildTangent
[2013.09.27 10:13:29 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.09.27 10:13:29 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2014.02.12 07:02:23 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\AVG2014
[2013.09.27 10:13:29 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,546 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.10.31 17:05:39 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.10.31 17:05:40 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[133 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\avg_a01288\ProgData\*.tmp files -> C:\Windows\Temp\avg_a01288\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a01288\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a01288\ProgFiles\AVG Secure Search\*.tmp -> ]
[1 C:\Windows\Temp\avg_a02672\ProgData\*.tmp files -> C:\Windows\Temp\avg_a02672\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a02672\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a02672\ProgFiles\AVG Secure Search\*.tmp -> ]
[1 C:\Windows\Temp\avg_a03796\ProgData\*.tmp files -> C:\Windows\Temp\avg_a03796\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a03796\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a03796\ProgFiles\AVG Secure Search\*.tmp -> ]
[1 C:\Windows\Temp\avg_a04336\ProgData\*.tmp files -> C:\Windows\Temp\avg_a04336\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a04336\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a04336\ProgFiles\AVG Secure Search\*.tmp -> ]
[1 C:\Windows\Temp\avg_a04932\ProgData\*.tmp files -> C:\Windows\Temp\avg_a04932\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a04932\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a04932\ProgFiles\AVG Secure Search\*.tmp -> ]
[1 C:\Windows\Temp\avg_a05476\ProgData\*.tmp files -> C:\Windows\Temp\avg_a05476\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a05476\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a05476\ProgFiles\AVG Secure Search\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.12.31 20:19:31 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Adobe
[2012.11.01 20:14:34 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\ATI
[2013.09.22 10:13:31 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\AVG2014
[2013.07.25 18:53:57 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Babylon
[2013.03.31 18:18:43 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.02.12 14:48:23 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Corel
[2012.10.31 20:26:51 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\DAEMON Tools Lite
[2012.12.04 13:04:21 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\ESET
[2013.02.13 10:13:32 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\fizzy
[2012.11.02 13:10:47 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Hewlett-Packard
[2012.11.02 13:10:46 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\hpqLog
[2012.10.31 10:18:02 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Identities
[2012.10.31 15:59:39 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\InstallShield
[2013.09.28 17:00:56 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Kalypso Media
[2012.11.06 14:32:42 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Macromedia
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Media Center Programs
[2014.01.21 20:48:41 | 000,000,000 | --SD | M] -- C:\Users\CrieS\AppData\Roaming\Microsoft
[2013.05.14 19:33:06 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Mount&Blade Warband
[2013.07.25 18:52:45 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Mozilla
[2013.02.15 22:25:54 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\MyHeritage
[2013.01.28 16:37:40 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Nero
[2014.02.16 10:03:20 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Opera Software
[2014.02.13 21:01:59 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Pirrit
[2013.09.04 20:08:20 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\PSpad
[2014.02.16 14:42:08 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Skype
[2012.11.01 16:04:17 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Synaptics
[2014.02.14 06:54:57 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\systweak
[2013.02.15 22:19:57 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2013.10.12 09:58:48 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\The Creative Assembly
[2014.02.14 06:53:14 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\TorTemp
[2014.01.14 22:08:03 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\TS3Client
[2013.09.22 10:12:25 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\TuneUp Software
[2013.09.26 18:39:08 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Unitech LLC
[2013.10.01 11:26:39 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\Unity
[2014.02.15 03:31:35 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\vlc
[2012.12.03 14:54:03 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\WildTangent
[2012.11.01 16:33:14 | 000,000,000 | ---D | M] -- C:\Users\CrieS\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012.11.02 13:10:47 | 000,794,112 | ---- | M] (Hewlett-Packard Company) -- C:\Users\CrieS\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe
[2013.03.31 18:16:57 | 000,054,776 | ---- | M] (Adobe Systems Inc.) -- C:\Users\CrieS\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.09.30 21:21:39 | 000,004,286 | R--- | M] () -- C:\Users\CrieS\AppData\Roaming\Microsoft\Installer\{BDE637EA-7109-456A-BAE9-A37ABF526584}\_6FEFF9B68218417F98F549.exe
[2013.09.30 21:21:39 | 000,004,286 | R--- | M] () -- C:\Users\CrieS\AppData\Roaming\Microsoft\Installer\{BDE637EA-7109-456A-BAE9-A37ABF526584}\_7A5D72FB06F00C1AAC73EC.exe
[2013.09.30 21:21:39 | 000,004,286 | R--- | M] () -- C:\Users\CrieS\AppData\Roaming\Microsoft\Installer\{BDE637EA-7109-456A-BAE9-A37ABF526584}\_907B688FD32B11E51C14A9.exe
[2011.12.21 17:38:42 | 000,113,680 | ---- | M] () -- C:\Users\CrieS\AppData\Roaming\MyHeritage\Bin\Convert\Convertor.exe
[2011.12.21 17:38:44 | 000,113,680 | ---- | M] () -- C:\Users\CrieS\AppData\Roaming\MyHeritage\Bin\Convert\ConvertorFDB.exe
[2011.12.21 17:38:46 | 000,047,104 | ---- | M] () -- C:\Users\CrieS\AppData\Roaming\MyHeritage\Bin\Convert\depcheck.exe
[2011.12.21 17:01:20 | 000,110,592 | ---- | M] () -- C:\Users\CrieS\AppData\Roaming\MyHeritage\Bin\Convert\gbtest.exe
[2011.12.21 17:01:34 | 000,058,896 | ---- | M] () -- C:\Users\CrieS\AppData\Roaming\MyHeritage\Bin\Detect\Detect.exe
[2014.02.14 06:51:59 | 009,166,177 | ---- | M] ( ) -- C:\Users\CrieS\AppData\Roaming\TorTemp\_\install-torload.exe
[2013.09.26 20:25:05 | 004,012,152 | ---- | M] (WildTangent, Inc.) -- C:\Users\CrieS\AppData\Roaming\WildTangent\Updater\GameConsole\GameConsole-4.0.30.26.exe
[2012.11.29 02:52:04 | 000,049,824 | ---- | M] (WildTangent) -- C:\Users\CrieS\AppData\Roaming\WildTangent\Updater\GameConsole\Park-{eecd7878-6094-4c62-9ed9-25ef716b0dda}.exe
[2012.12.03 14:54:25 | 000,213,560 | ---- | M] (WildTangent, Inc.) -- C:\Users\CrieS\AppData\Roaming\WildTangent\WildTangent Games\App\Downloads\bridgeconstructor\Download\brandinfo_wildgames_1.0.0.354.exe
[2012.12.03 14:54:23 | 000,466,688 | ---- | M] (WildTangent, Inc.) -- C:\Users\CrieS\AppData\Roaming\WildTangent\WildTangent Games\App\Downloads\bridgeconstructor\Download\catalyst_1.0.0.442.exe
[2012.12.03 14:54:24 | 000,083,304 | ---- | M] (WildTangent, Inc.) -- C:\Users\CrieS\AppData\Roaming\WildTangent\WildTangent Games\App\Downloads\bridgeconstructor\Download\pkgtype_1.0.0.65.exe
[2012.12.03 14:54:26 | 000,231,912 | ---- | M] (WildTangent, Inc.) -- C:\Users\CrieS\AppData\Roaming\WildTangent\WildTangent Games\App\Downloads\bridgeconstructor\Download\prodinfo_bridgeconstructor_1.0.1.3004.exe
[2012.05.22 02:34:34 | 000,571,040 | ---- | M] (WildTangent, Inc.) -- C:\Users\CrieS\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.02.16 11:29:13 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.02.16 13:54:05 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.02.16 12:21:02 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014.02.16 12:21:02 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.17 16:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
"FixMyRegistry" = C:\Program Files (x86)\SmartTweak Software\FixMyRegistry\FixMyRegistry.exe /ot /as -- [2012.10.19 19:41:12 | 001,795,768 | ---- | M] ()
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2014.02.11 06:45:53 | 001,824,000 | ---- | M] (Valve Corporation)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.02.28 17:50:02 | 018,642,024 | R--- | M] (Skype Technologies S.A.)
"RGSC" = C:\Hry\GTA IV PC Version\Rockstar Games Social Club\RGSCLauncher.exe /silent -- [2008.11.14 14:35:36 | 000,305,064 | R--- | M] (Take-Two Interactive Software, Inc.)
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.02.22 05:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.02.02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) MD5=5640B4C10682FBC39C86C8C7A8392B5E -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.02.16 13:52:34 | 000,000,512 | ---- | M] () MD5=292CBFADA444CFF8F78D75FB00D3EB6F -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.10.12 07:38:55 | 057,217,859 | ---- | M] () -- \Hry\GTA IV PATCH 1.0.3.0 + CRACK\GTA IV 1.0.3.0 Crack + Patch.rar
[2003.12.05 13:52:40 | 000,000,796 | ---- | M] () -- \Hry\GTA San Andreas\data\Decision\Craig\crack1.ped
[2009.01.19 13:27:44 | 000,083,645 | ---- | M] () -- \Hry\M&B Warband – kopie\Mount&Blade Warband\Sounds\Fire_Small_Crackle_Slick_op.ogg
[2010.05.05 19:15:06 | 000,699,192 | ---- | M] () -- \Hry\M&B Warband\Mount&Blade Warband\Modules\1860s Old America v. 0.99g\Textures\cracked_ground_a.dds
[2010.05.05 19:15:06 | 000,699,192 | ---- | M] () -- \Hry\M&B Warband\Mount&Blade Warband\Modules\1860s Old America v. 0.99g\Textures\cracked_ground_a_high.dds
[2013.04.09 17:55:20 | 002,034,060 | ---- | M] () -- \Hry\M&B Warband\Mount&Blade Warband\Modules\totsk\Sounds\Fire_Small_Crackle_Slick_op.wav
[2009.01.19 13:27:44 | 000,083,645 | ---- | M] () -- \Hry\M&B Warband\Mount&Blade Warband\Sounds\Fire_Small_Crackle_Slick_op.ogg
[2008.07.03 16:52:32 | 000,000,553 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS20\PATH\crack1.pth
[2008.07.03 16:52:32 | 000,000,664 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS20\PATH\crack2.pth
[2008.07.03 16:52:32 | 000,000,671 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS20\PATH\crack31.pth
[2008.07.03 16:52:32 | 000,000,444 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS20\PATH\crack32.pth
[2008.08.05 23:35:44 | 000,011,714 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS20\Scripts\crack.cfg
[2008.09.10 18:38:44 | 000,005,107 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS20\Scripts\sl_crack.cfg
[2008.06.28 12:48:10 | 000,000,553 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS91\PATH\crack1.pth
[2008.06.28 12:48:10 | 000,000,664 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS91\PATH\crack2.pth
[2008.06.28 12:48:10 | 000,000,671 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS91\PATH\crack31.pth
[2008.06.28 12:48:10 | 000,000,444 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS91\PATH\crack32.pth
[2008.11.16 00:31:46 | 000,011,889 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS91\Scripts\crack.cfg
[2008.11.11 21:19:10 | 000,005,930 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Areas\BIOS91\Scripts\sl_crack.cfg
[2008.11.02 15:30:18 | 000,019,998 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Models\Characters\Things\IceParts\ice_crack.CMF
[2008.09.22 19:56:06 | 000,001,467 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Scripts\emitters\emgfx\Presets\Sparks\red_crack_sparks.cfg
[2008.11.02 15:30:18 | 000,001,916 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Scripts\environments\Things\ice_crack.phys
[2008.09.10 18:38:40 | 000,385,688 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Tracks\Characters\Actors\_Hero\Hero_sledge_crack_fall.CHA
[2007.03.05 17:34:24 | 000,641,764 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Tracks\Characters\Actors\Muffled_half\Muffled_cracking_the_door.CHA
[2007.08.20 17:06:02 | 000,004,380 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Tracks\Characters\Devices\Sledge\crack_fall.CHA
[2008.06.28 16:20:32 | 000,006,760 | ---- | M] () -- \Program Files (x86)\505games\1C\Cryostasis\Data\Tracks\Characters\Devices\Sledge\crack_fall_all.CHA
[2002.12.18 17:10:46 | 000,092,827 | ---- | M] () -- \Program Files (x86)\Corel\Corel Graphics 12\Custom Data\Bumpmap\Cracks.cpt
[2002.12.16 18:44:50 | 000,016,068 | ---- | M] () -- \Program Files (x86)\Corel\Corel Graphics 12\Custom Data\Canvas\cracks2c.pcx
[2002.12.16 18:44:30 | 000,010,560 | ---- | M] () -- \Program Files (x86)\Corel\Corel Graphics 12\Custom Data\Tiles\CRACKS2M.CPT
[2014.02.15 22:11:03 | 000,015,770 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota\addons\nian\resource\flash3\images\items\firecrackers.png
[2014.02.06 16:13:11 | 000,000,748 | ---- | M] () -- \Users\CrieS\AppData\Roaming\Microsoft\Windows\Recent\Rome-total-war-2-CRACK-by-LukaSsQo.lnk
[2014.02.06 12:56:07 | 000,000,778 | ---- | M] () -- \Users\CrieS\AppData\Roaming\Microsoft\Windows\Recent\Total-War-Rome-2-(2013)-CZ-+-CRACK.part1.lnk
[2014.02.06 16:09:09 | 000,000,778 | ---- | M] () -- \Users\CrieS\AppData\Roaming\Microsoft\Windows\Recent\Total-War-Rome-2-(2013)-CZ-+-CRACK.part2.lnk
[2014.02.06 16:09:05 | 000,000,778 | ---- | M] () -- \Users\CrieS\AppData\Roaming\Microsoft\Windows\Recent\Total-War-Rome-2-(2013)-CZ-+-CRACK.part3.lnk
[2014.02.06 16:08:59 | 000,000,778 | ---- | M] () -- \Users\CrieS\AppData\Roaming\Microsoft\Windows\Recent\Total-War-Rome-2-(2013)-CZ-+-CRACK.part5.lnk
[2014.02.06 16:08:49 | 000,000,778 | ---- | M] () -- \Users\CrieS\AppData\Roaming\Microsoft\Windows\Recent\Total-War-Rome-2-(2013)-CZ-+-CRACK.part6.lnk
[2011.04.14 15:37:40 | 009,250,287 | ---- | M] () -- \Users\CrieS\Desktop\Hry\New folder (2)\SWORDS_AND_SANDALS_2_ALREADY_CRACKED_(FULL).zip
[2012.11.05 19:00:33 | 1992,294,400 | ---- | M] () -- \Users\CrieS\Downloads\Avatar-PC-(pc-hra+crack+patch).part1 (1).rar
[2012.11.06 19:51:26 | 1892,278,595 | ---- | M] () -- \Users\CrieS\Downloads\Avatar-PC-(pc-hra+crack+patch).part2 (1).rar
[2012.11.06 01:05:19 | 1892,278,595 | ---- | M] () -- \Users\CrieS\Downloads\Avatar-PC-(pc-hra+crack+patch).part2.rar
[2013.05.02 20:57:48 | 678,444,987 | ---- | M] () -- \Users\CrieS\Downloads\Mount-and-blade-Warband-(hra+patch+crack).rar
[2013.09.28 16:32:46 | 1100,000,000 | ---- | M] () -- \Users\CrieS\Downloads\Port-royale-3+crack,cestina,patch.part1 (1).rar
[2013.09.27 01:01:15 | 1100,000,000 | ---- | M] () -- \Users\CrieS\Downloads\Port-royale-3+crack,cestina,patch.part2.rar
[2013.09.28 13:19:25 | 1100,000,000 | ---- | M] () -- \Users\CrieS\Downloads\Port-royale-3+crack,cestina,patch.part3.rar
[2013.09.28 14:59:11 | 967,025,965 | ---- | M] () -- \Users\CrieS\Downloads\Port-royale-3+crack,cestina,patch.part4.rar
[2014.02.06 16:13:09 | 001,068,281 | ---- | M] () -- \Users\CrieS\Downloads\Rome-total-war-2-CRACK-by-LukaSsQo.rar
[2013.10.10 20:55:18 | 1610,612,736 | ---- | M] () -- \Users\CrieS\Downloads\Total-War-Rome-2-(2013)-CZ-+-CRACK.part1.rar
[2013.10.11 00:05:04 | 1610,612,736 | ---- | M] () -- \Users\CrieS\Downloads\Total-War-Rome-2-(2013)-CZ-+-CRACK.part2.rar
[2013.10.11 11:16:14 | 1610,612,736 | ---- | M] () -- \Users\CrieS\Downloads\Total-War-Rome-2-(2013)-CZ-+-CRACK.part3.rar
[2013.10.11 17:28:58 | 1610,612,736 | ---- | M] () -- \Users\CrieS\Downloads\Total-War-Rome-2-(2013)-CZ-+-CRACK.part4.rar
[2013.10.11 17:27:13 | 1610,612,736 | ---- | M] () -- \Users\CrieS\Downloads\Total-War-Rome-2-(2013)-CZ-+-CRACK.part5.rar
[2013.10.11 17:31:45 | 035,295,472 | ---- | M] () -- \Users\CrieS\Downloads\Total-War-Rome-2-(2013)-CZ-+-CRACK.part6.rar

< *keygen* /s >
[2011.10.07 16:10:26 | 000,098,304 | ---- | M] () -- \Hry\Call of Duty 4 - Modern Warfare\Keygen-COD4.exe
[2012.05.12 19:34:09 | 000,313,344 | ---- | M] () -- \Users\CrieS\Desktop\Programy\Adobe Photoshop CS5 CZ\Adobe Photoshop CS5 CZ - KEYGEN.exe
[2012.05.12 19:34:09 | 000,313,344 | ---- | M] () -- \Users\CrieS\Desktop\Programy\Adobe Photoshop CS5 CZ\Crack\Adobe Photoshop CS5 CZ - KEYGEN.exe
[2012.05.12 19:53:24 | 000,003,121 | ---- | M] () -- \Users\CrieS\Desktop\Programy\Adobe Photoshop CS5 CZ\Crack\KeyGen-Readme.txt

< *loader* /s >
[2010.11.03 18:52:14 | 000,003,153 | ---- | M] () -- \Hry\GTA San Andreas\mods\deathmatch\resources\race_model_reloader\modelreloader_client.lua
[2012.06.28 16:12:36 | 000,000,941 | ---- | M] () -- \Hry\Killing Floor\Killing Floor\KF_revLoader – zástupce.lnk
[2009.05.01 22:49:58 | 000,034,304 | ---- | M] () -- \Hry\Killing Floor\Killing Floor\KF_revLoader.exe
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007.11.13 03:54:34 | 000,070,944 | ---- | M] () -- \Program Files (x86)\AGEIA Technologies\demos\physxloader.dll
[2014.01.09 08:24:09 | 000,004,178 | ---- | M] () -- \Program Files (x86)\AVG Secure Search\Chrome\content\icons\loader.gif
[2014.01.09 08:24:09 | 000,019,497 | ---- | M] () -- \Program Files (x86)\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader.tlb
[2010.03.18 23:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.18 00:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2012.12.06 23:38:40 | 000,268,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 23:38:40 | 000,019,000 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.12.30 04:33:17 | 002,475,304 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Kernel\CES\CES_3DLoaderFBX.dll
[2012.02.06 07:37:36 | 000,124,200 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Koan\pyloader.dll
[2011.12.30 04:33:33 | 000,006,629 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Presentation\UI\Import\ThumbnailLoader.kc
[2011.12.30 04:33:37 | 000,012,172 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\PyUploader.kc
[2011.12.30 04:33:37 | 000,188,136 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\_PyUploader.pyd
[2011.12.30 04:33:37 | 000,007,658 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\Model\SlideShowProduction\ProfileLoader.kc
[2009.07.22 09:17:52 | 000,019,992 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2010.03.18 23:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll
[2010.03.18 01:57:18 | 000,001,373 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll.manifest
[2010.03.18 00:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.tlb
[2009.08.31 04:51:22 | 000,001,648 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\include\afxribboninfoloader.h
[2009.08.31 04:51:22 | 000,004,525 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\src\mfc\afxribboninfoloader.cpp
[2013.10.23 21:07:40 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2014.01.09 22:41:42 | 000,169,384 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Half-Life\cstrike\models\qloader.mdl
[2014.01.09 21:51:43 | 000,352,548 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Half-Life\valve\models\loader.mdl
[2014.01.09 22:04:25 | 000,012,764 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Half-Life\valve\sound\ambience\loader_hydra1.wav
[2014.01.09 22:04:07 | 000,012,164 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Half-Life\valve\sound\ambience\loader_step1.wav
[2012.05.21 22:56:04 | 000,002,196 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2012.07.19 00:18:28 | 000,000,598 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\EULA\images\downloader_bg_400.gif
[2013.06.13 23:04:54 | 000,009,106 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2013.06.13 23:04:54 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2012.12.06 23:38:40 | 000,364,088 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 23:38:40 | 000,019,000 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.07.22 09:17:50 | 000,027,672 | ---- | M] () -- \Program Files\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2009.07.22 09:17:50 | 000,027,672 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SqlResourceLoader.dll
[2012.06.09 19:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.07.26 22:47:04 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.01 12:36:00 | 000,387,800 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.bundle
[2012.07.09 23:11:00 | 000,693,704 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.dll
[2014.02.11 06:03:29 | 000,001,206 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Windows\Tasks\FreeHDSport TV-codedownloader.job
[2012.07.26 22:47:04 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.01 12:36:00 | 000,387,800 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.bundle
[2012.07.09 23:11:00 | 000,693,704 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.dll
[2014.02.16 00:30:37 | 000,004,178 | ---- | M] () -- \Users\CrieS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.3.0.49_1\content\icons\loader.gif
[2014.02.15 22:44:36 | 000,111,438 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\25LQ1C2N\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2014.02.15 16:46:36 | 000,001,537 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\25LQ1C2N\AdLoader[1].htm
[2014.02.15 16:46:36 | 000,111,438 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YMI8AJO\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2014.02.15 21:13:20 | 000,001,537 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YMI8AJO\AdLoader[1].htm
[2014.02.16 12:18:07 | 000,000,723 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YMI8AJO\downloaderror[1].js
[2014.02.16 12:18:07 | 000,001,174 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YMI8AJO\downloader[1].js
[2014.02.16 00:20:02 | 000,005,615 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YMI8AJO\pagePlatformLoader[1].js
[2014.02.16 00:20:51 | 000,027,094 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YMI8AJO\sf_preloader[1].js
[9 \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YMI8AJO\*.tmp files -> \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YMI8AJO\*.tmp -> ]
[2014.02.13 20:53:35 | 000,001,537 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CC0GC26C\AdLoader[1].htm
[2014.02.15 22:44:35 | 000,001,537 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T186XZ2V\AdLoader[1].htm
[2014.02.15 21:13:20 | 000,111,438 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YRUOXW62\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2014.01.31 19:19:23 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0CHE1FM8\iframeToasterLoader[1].htm
[2014.01.31 19:50:06 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0CHE1FM8\iframeToasterLoader[2].htm
[2014.01.31 21:06:43 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0CHE1FM8\iframeToasterLoader[3].htm
[2014.02.06 17:13:05 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0CHE1FM8\iframeToasterLoader[4].htm
[2014.02.06 17:13:05 | 000,007,246 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0CHE1FM8\mpvPopUpLoader[1].js
[2014.02.14 15:46:12 | 000,005,615 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0CHE1FM8\pagePlatformLoader[1].js
[2014.01.25 13:59:45 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0XRHWTUU\iframeToasterLoader[1].htm
[2014.01.25 16:21:23 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0XRHWTUU\iframeToasterLoader[2].htm
[2014.01.25 16:34:17 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0XRHWTUU\iframeToasterLoader[3].htm
[2014.02.07 12:48:17 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0XRHWTUU\iframeToasterLoader[4].htm
[2014.01.25 20:16:34 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\iframeToasterLoader[1].htm
[2014.01.26 08:16:39 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\iframeToasterLoader[2].htm
[2014.01.31 17:39:28 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\iframeToasterLoader[3].htm
[2014.01.31 19:39:26 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\iframeToasterLoader[4].htm
[2014.02.14 15:54:27 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\iframeToasterLoader[5].htm
[2014.02.14 15:46:47 | 000,007,246 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\mpvPopUpLoader[1].js
[2014.01.31 13:29:40 | 000,017,859 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\mpvToasterLoader[1].js
[2014.02.14 15:46:47 | 000,017,859 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\mpvToasterLoader[2].js
[2014.01.26 14:16:40 | 000,005,615 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\pagePlatformLoader[1].js
[2014.01.31 13:28:36 | 000,005,615 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\pagePlatformLoader[2].js
[2014.01.26 14:51:54 | 000,063,383 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\sf_preloader[1].js
[2014.01.31 13:29:32 | 000,066,162 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\sf_preloader[2].js
[2014.02.04 12:25:18 | 000,070,059 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7BA2BUES\sf_preloader[3].js
Nahoru
CrieS
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 16 úno 2014 10:31

Re: Reklamy v textu v prohlížeči

#13 Příspěvek od CrieS »

OTL.Txt
(2./2)
_____________________
[2014.01.25 13:17:52 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8BWSYZLV\iframeToasterLoader[1].htm
[2014.01.25 16:12:46 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8BWSYZLV\iframeToasterLoader[2].htm
[2014.01.31 17:27:54 | 000,003,096 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FT3LPO5C\iframePopUpLoader[1].htm
[2014.01.31 19:40:06 | 000,003,096 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FT3LPO5C\iframePopUpLoader[2].htm
[2014.01.31 13:29:40 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FT3LPO5C\iframeToasterLoader[1].htm
[2014.01.31 17:27:47 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FT3LPO5C\iframeToasterLoader[2].htm
[2014.01.31 17:34:23 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FT3LPO5C\iframeToasterLoader[3].htm
[2014.01.31 20:08:38 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FT3LPO5C\iframeToasterLoader[4].htm
[2014.01.31 20:45:51 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FT3LPO5C\iframeToasterLoader[5].htm
[2014.02.04 12:25:17 | 000,005,615 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FT3LPO5C\pagePlatformLoader[1].js
[2014.02.06 17:12:45 | 000,070,847 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FT3LPO5C\sf_preloader[1].js
[2014.02.14 15:45:52 | 000,071,665 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FT3LPO5C\sf_preloader[2].js
[2014.01.25 13:39:09 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GCHZNFYS\iframeToasterLoader[1].htm
[2014.01.25 14:08:34 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GCHZNFYS\iframeToasterLoader[2].htm
[2014.02.16 00:27:40 | 000,025,003 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GCHZNFYS\iframeToasterLoader[3].htm
[2013.09.17 20:04:27 | 000,058,601 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GCHZNFYS\sf_preloader[2].js
[2014.01.31 21:00:08 | 000,004,448 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\Advert.Advantage.Reloader[1].js
[2014.02.14 15:50:20 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoaderCAHAJPV8.htm
[2014.02.06 17:16:49 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[10].htm
[2014.02.14 15:46:47 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[11].htm
[2014.01.31 17:31:10 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[1].htm
[2014.01.31 17:39:42 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[2].htm
[2014.01.31 17:43:33 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[3].htm
[2014.01.31 17:50:16 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[4].htm
[2014.01.31 18:02:59 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[5].htm
[2014.01.31 18:27:20 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[6].htm
[2014.01.31 20:51:43 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[7].htm
[2014.01.31 20:55:32 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[8].htm
[2014.01.31 21:00:20 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\iframeToasterLoader[9].htm
[2014.01.31 13:29:40 | 000,007,246 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\mpvPopUpLoader[1].js
[2014.02.06 17:13:05 | 000,017,859 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\mpvToasterLoader[1].js
[2014.02.06 17:12:48 | 000,005,615 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7SSJS4P\pagePlatformLoader[1].js
[2013.12.04 14:26:34 | 000,002,705 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\cssloader-libs-flashmessages-flashmessages-css-9159dc1865bfe7ae9c1951f2fe12f01d[1].css
[2013.12.04 14:26:34 | 000,000,608 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\cssloader-libs-netteajax-ajax-css-55a587e7ed21065fd9fc8df57bcd46d4[1].css
[2013.12.04 14:26:34 | 000,000,740 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\cssloader-libs-tooltip-tooltip-css-0236be5aafbf765712ab271a24c84d6b[1].css
[2014.01.25 15:57:23 | 000,003,096 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\iframePopUpLoader[1].htm
[2014.01.25 16:12:54 | 000,003,096 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\iframePopUpLoader[2].htm
[2014.01.25 12:28:45 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\iframeToasterLoader[1].htm
[2014.01.25 14:26:05 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\iframeToasterLoader[2].htm
[2014.01.25 16:30:21 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\iframeToasterLoader[3].htm
[2014.02.16 00:26:27 | 000,025,003 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\iframeToasterLoader[4].htm
[2013.12.04 14:26:36 | 000,003,808 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\jsloader-libs-tooltip-tooltip-js-5e35b75984c3a37824625f8aa7695f25[1].js
[2014.01.23 16:50:13 | 000,007,246 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\mpvPopUpLoader[1].js
[2014.01.22 22:49:46 | 000,005,615 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\pagePlatformLoader[1].js
[2014.01.23 15:44:27 | 000,063,383 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KRLZJQ4O\sf_preloader[1].js
[2013.12.04 14:26:40 | 000,021,104 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\cssloader-css-frontend-jquery-ui-1-8-24-custom-css-3f5534002fb53420275bddf701dd4fb0[1].css
[2014.01.25 13:03:57 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\iframeToasterLoader[1].htm
[2014.01.25 13:09:22 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\iframeToasterLoader[2].htm
[2014.01.25 12:55:31 | 000,271,150 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\jsloader-a587d658e955[1].js
[2013.12.04 14:26:36 | 000,033,414 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\jsloader-js-jquery-mcustomscrollbar-js-698873eba97b7579ed4e104e7b68b2b1[1].js
[2013.12.04 14:26:36 | 000,094,839 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\jsloader-libs-jquery-jquery-js-6aa6e4f3e21c67cd1c613e17c12f507a[1].js
[2013.12.04 14:26:36 | 000,005,877 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\jsloader-libs-jquery-jquery-livequery-js-1c2eee4f0affa44eb5fa250474f00699[1].js
[2013.12.04 14:26:35 | 000,000,858 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\jsloader-libs-jquery-ui-i18n-ui-datepicker-cs-js-b2ba57d47e475351ec60d873005ad71c[1].js
[2013.12.04 14:26:37 | 000,206,617 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\jsloader-libs-jquery-ui-jquery-ui-js-15e8b78992390432fc0801408bca27bb[1].js
[2013.12.04 14:26:34 | 000,005,754 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\jsloader-libs-netteajax-jquery-nette-js-d830205b32c0d344a38e466ff303039d[1].js
[2014.01.23 00:56:39 | 000,007,246 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\mpvPopUpLoader[1].js
[2014.01.23 15:44:29 | 000,005,615 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\pagePlatformLoader[1].js
[2014.01.22 22:49:39 | 000,063,356 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQDKF140\sf_preloader[1].js
[2012.10.31 17:05:06 | 000,002,756 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PZV4YIN2\RmsLoader[1].js
[2014.01.18 14:04:23 | 000,002,448 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\ajax_loader_bar[1].gif
[2013.12.04 14:26:34 | 000,005,573 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\cssloader-libs-colorbox-colorbox-css-fc0159912649370ee3911195178386b3[1].css
[2014.01.23 16:50:13 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\iframeToasterLoader[1].htm
[2014.01.25 12:13:23 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\iframeToasterLoader[2].htm
[2014.01.25 13:00:09 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\iframeToasterLoader[3].htm
[2014.01.25 13:09:26 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\iframeToasterLoader[4].htm
[2014.02.06 17:25:29 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\iframeToasterLoader[5].htm
[2013.12.04 14:26:35 | 000,000,844 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\jsloader-js-countdown-js-1a12b6a1cccd743a5df5522b1a2d066b[1].js
[2013.12.04 14:26:36 | 000,000,144 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\jsloader-js-jstranslator-jstranslator-js-dde209a6bbaa59bbb5e73b2e5681b5dd[1].js
[2013.12.04 14:26:36 | 000,006,607 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\jsloader-js-scripts-js-ee4cb0998bad8303338bfc978cb3b058[1].js
[2013.12.04 14:26:35 | 000,000,231 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\jsloader-libs-flashmessages-flashmessages-js-17312792e34408c1ee5eb858f3ce39b1[1].js
[2014.01.18 13:57:12 | 000,063,045 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RWD7AKBO\sf_preloader[1].js
[2014.01.25 14:08:30 | 000,004,178 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\ajax-loader[1].gif
[2013.12.04 14:26:34 | 000,059,846 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\cssloader-css-frontend-design-css-b51897eff313bafbb9dbeced8d6276b7[1].css
[2013.12.04 14:26:36 | 000,004,060 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\cssloader-css-frontend-jquery-mcustomscrollbar-css-765a79eefc19a72e6b9847bbf464931f[1].css
[2014.01.23 17:12:48 | 000,003,096 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\iframePopUpLoader[1].htm
[2014.01.25 12:55:51 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\iframeToasterLoader[1].htm
[2014.01.25 15:54:46 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\iframeToasterLoader[2].htm
[2014.01.25 16:38:38 | 000,005,011 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\iframeToasterLoader[3].htm
[2014.02.16 00:23:13 | 000,025,003 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\iframeToasterLoader[4].htm
[2013.12.04 14:26:36 | 000,001,392 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\jsloader-js-jquery-mousewheel-min-js-37038fd776ed8e69efcc29262917590a[1].js
[2013.12.04 14:26:36 | 000,000,369 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\jsloader-js-jstranslator-cs-cz-js-7f1698f18f768f7fdbc35a3cb77a3bb1[1].js
[2013.12.04 14:26:35 | 000,009,192 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\jsloader-libs-colorbox-jquery-colorbox-min-js-783328e48c3d43f664d5a12772f35268[1].js
[2014.01.23 16:50:13 | 000,017,859 | ---- | M] () -- \Users\CrieS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W82LSRVC\mpvToasterLoader[1].js
[2013.09.22 10:11:06 | 000,006,494 | ---- | M] () -- \Users\CrieS\AppData\Local\Temp\avg_a01216\ProgData\AVG Secure Search\FireFoxExt\15.1.0.2\modules\skin\ajax-loader.gif
[2013.09.22 10:11:06 | 000,000,729 | ---- | M] () -- \Users\CrieS\AppData\Local\Temp\avg_a01216\ProgData\AVG Secure Search\FireFoxExt\15.1.0.2\modules\skin\loader.gif
[2013.09.22 10:11:06 | 000,019,497 | ---- | M] () -- \Users\CrieS\AppData\Local\Temp\avg_a01216\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.09.22 10:11:46 | 000,006,494 | ---- | M] () -- \Users\CrieS\AppData\Local\Temp\avg_a03560\ProgData\AVG Secure Search\FireFoxExt\15.4.0.5\modules\skin\ajax-loader.gif
[2013.09.22 10:11:47 | 000,000,729 | ---- | M] () -- \Users\CrieS\AppData\Local\Temp\avg_a03560\ProgData\AVG Secure Search\FireFoxExt\15.4.0.5\modules\skin\loader.gif
[2013.09.22 10:11:47 | 000,019,497 | ---- | M] () -- \Users\CrieS\AppData\Local\Temp\avg_a03560\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2014.02.16 11:10:24 | 000,003,208 | ---- | M] () -- \Users\CrieS\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp\1.7.3_0\skin\ajax-loader.gif
[2012.11.04 16:42:18 | 000,373,432 | ---- | M] () -- \Users\CrieS\Downloads\SoftonicDownloader_for_avatar-the-game.exe
[2012.11.06 15:12:10 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2014.02.15 19:53:00 | 000,016,106 | ---- | M] () -- \Windows\Prefetch\FREEHDSPORT TV-CODEDOWNLOADER-BE222B74.pf
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2010.11.20 12:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 14:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2010.11.20 12:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 14:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2013.01.04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.08.29 08:57:16 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2014.02.12 06:20:54 | 000,004,178 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.3.0.49_0\content\icons\loader.gif
[2013.01.04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2008.08.29 08:57:16 | 000,070,936 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[2014.02.12 06:20:54 | 000,004,178 | ---- | M] () -- \Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.3.0.49_0\content\icons\loader.gif
[2013.09.23 12:39:37 | 000,006,494 | ---- | M] () -- \Windows\Temp\avg_a01288\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\ajax-loader.gif
[2013.09.23 12:39:37 | 000,000,729 | ---- | M] () -- \Windows\Temp\avg_a01288\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\loader.gif
[2013.09.23 12:39:37 | 000,019,497 | ---- | M] () -- \Windows\Temp\avg_a01288\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2014.01.09 08:24:09 | 000,006,494 | ---- | M] () -- \Windows\Temp\avg_a02672\ProgData\AVG Secure Search\FireFoxExt\17.3.0.49\modules\skin\ajax-loader.gif
[2014.01.09 08:24:09 | 000,000,729 | ---- | M] () -- \Windows\Temp\avg_a02672\ProgData\AVG Secure Search\FireFoxExt\17.3.0.49\modules\skin\loader.gif
[2014.01.09 08:24:09 | 000,004,178 | ---- | M] () -- \Windows\Temp\avg_a02672\ProgFiles\AVG Secure Search\Chrome\content\icons\loader.gif
[2014.01.09 08:24:09 | 000,019,497 | ---- | M] () -- \Windows\Temp\avg_a02672\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.10.02 06:38:21 | 000,006,494 | ---- | M] () -- \Windows\Temp\avg_a03796\ProgData\AVG Secure Search\FireFoxExt\17.0.1.12\modules\skin\ajax-loader.gif
[2013.10.02 06:38:21 | 000,000,729 | ---- | M] () -- \Windows\Temp\avg_a03796\ProgData\AVG Secure Search\FireFoxExt\17.0.1.12\modules\skin\loader.gif
[2013.10.02 06:38:21 | 000,004,178 | ---- | M] () -- \Windows\Temp\avg_a03796\ProgFiles\AVG Secure Search\Chrome\content\icons\loader.gif
[2013.10.02 06:38:21 | 000,019,497 | ---- | M] () -- \Windows\Temp\avg_a03796\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.12.09 12:40:43 | 000,006,494 | ---- | M] () -- \Windows\Temp\avg_a04336\ProgData\AVG Secure Search\FireFoxExt\17.2.0.38\modules\skin\ajax-loader.gif
[2013.12.09 12:40:43 | 000,000,729 | ---- | M] () -- \Windows\Temp\avg_a04336\ProgData\AVG Secure Search\FireFoxExt\17.2.0.38\modules\skin\loader.gif
[2013.12.09 12:40:43 | 000,004,178 | ---- | M] () -- \Windows\Temp\avg_a04336\ProgFiles\AVG Secure Search\Chrome\content\icons\loader.gif
[2013.12.09 12:40:43 | 000,019,497 | ---- | M] () -- \Windows\Temp\avg_a04336\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.09.28 19:59:34 | 000,006,494 | ---- | M] () -- \Windows\Temp\avg_a04932\ProgData\AVG Secure Search\FireFoxExt\17.0.0.9\modules\skin\ajax-loader.gif
[2013.09.28 19:59:34 | 000,000,729 | ---- | M] () -- \Windows\Temp\avg_a04932\ProgData\AVG Secure Search\FireFoxExt\17.0.0.9\modules\skin\loader.gif
[2013.09.28 19:59:34 | 000,004,178 | ---- | M] () -- \Windows\Temp\avg_a04932\ProgFiles\AVG Secure Search\Chrome\content\icons\loader.gif
[2013.09.28 19:59:34 | 000,019,497 | ---- | M] () -- \Windows\Temp\avg_a04932\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.11.07 14:04:40 | 000,006,494 | ---- | M] () -- \Windows\Temp\avg_a05476\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\ajax-loader.gif
[2013.11.07 14:04:40 | 000,000,729 | ---- | M] () -- \Windows\Temp\avg_a05476\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\loader.gif
[2013.11.07 14:04:40 | 000,004,178 | ---- | M] () -- \Windows\Temp\avg_a05476\ProgFiles\AVG Secure Search\Chrome\content\icons\loader.gif
[2013.11.07 14:04:40 | 000,019,497 | ---- | M] () -- \Windows\Temp\avg_a05476\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.11.03 22:40:06 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2012.11.03 22:40:06 | 000,640,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.efi_75834aa0
[2012.11.03 22:40:06 | 000,603,976 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.exe_75835076
[2012.11.03 22:40:06 | 000,556,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.efi_85cd069f
[2012.11.03 22:40:06 | 000,518,160 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:07F6D9E4
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:05EE1EEF

< End of report >
Nahoru
CrieS
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 16 úno 2014 10:31

Re: Reklamy v textu v prohlížeči

#14 Příspěvek od CrieS »

Extras.Txt
___________________
OTL Extras logfile created on: 16.2.2014 13:48:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\CrieS\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,48 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 39,56% Memory free
6,96 Gb Paging File | 4,25 Gb Available in Paging File | 61,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,54 Gb Total Space | 400,73 Gb Free Space | 57,37% Space Free | Partition Type: NTFS
Drive G: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: CRIES-PC | User Name: CrieS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-697164410-2571323111-710328384-1000\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D4A324A-8A40-455F-9029-0857DD68111C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{10B3943A-F415-465C-8FA3-F2337EB8D103}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1271F3A1-CD07-44BB-A665-EC045018FBE1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{189518F4-310C-4E8D-B5C5-76DE37D9D2D0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{196BD468-A1D0-464E-BF30-598229C2BA8D}" = rport=138 | protocol=17 | dir=out | app=system |
"{237253CE-A953-4833-85D0-1F15289863DF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{254ED8C4-173E-49D9-8C3E-DD28F462FC3B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{27D7F26F-3D57-42D0-A934-C7AB58199783}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{299C3D2C-8E5C-4F58-84AD-955AB140525E}" = lport=138 | protocol=17 | dir=in | app=system |
"{32F01B75-565C-49D4-B743-8B091A91E7B0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3E772D3E-B14F-445C-BA4D-9CDA51D2B9CE}" = rport=137 | protocol=17 | dir=out | app=system |
"{44AE8511-AD2F-4AEC-BD88-BF38E2F70135}" = rport=139 | protocol=6 | dir=out | app=system |
"{4C590143-5424-4CC9-8E8C-A6C878E9D720}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6405ECA9-8A2C-4469-83B8-8A4DEFEAE731}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{641E3D02-6640-4A52-A480-5BC4B98F1A3D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7F60219A-0652-42F7-B661-FFE4CE5E793D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7FE9D749-4C8D-4A7A-A2C2-117E374A0B8A}" = lport=445 | protocol=6 | dir=in | app=system |
"{85F57385-C4ED-445E-A255-992A3DF554F5}" = rport=445 | protocol=6 | dir=out | app=system |
"{860EDAC9-00EE-4EA9-9F61-A9EE9A87A4E8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{91430328-7AF2-4E82-8212-1E4BF6859CC3}" = lport=139 | protocol=6 | dir=in | app=system |
"{A0EE8C32-76F5-4059-B9D1-12421CEF1C31}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5F9A270-5805-43A2-8037-80E24226870B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{B1BC7AA6-110F-4A6C-82F2-3ADEAD520639}" = lport=137 | protocol=17 | dir=in | app=system |
"{B241376F-D2FB-41B1-A25F-C47EF601170D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F6DC70F5-18AB-44CC-AD40-C67165CEC376}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{036643C0-6F2A-4BAF-A5E5-9F041E340E9F}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
"{0475CA1B-BC51-4450-8C6E-A20A961BDEF1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{079CD490-934B-4DBC-AD37-5C401BB33C80}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{08A446E9-7389-45DD-B2DF-055D5818E809}" = protocol=17 | dir=in | app=c:\users\cries\appdata\local\temp\torload.exe |
"{0903C563-0047-4F7B-9FB6-9302E6F72615}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{0AA1C06A-5E00-4420-BEA9-B1CF604FBAE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0C18D37B-D3DE-4157-BA41-38D797AD8DC3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{0F3D689D-EFA4-4B24-8D0F-88B6F1257323}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{0FF93C2C-27BD-4F1D-BDFA-DA837032D023}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1061C1CD-39EC-434D-8F57-1C418F98B6C8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{16C60545-86EB-4BB6-9944-7316405335DB}" = protocol=6 | dir=in | app=c:\hry\gta iv pc version\grand theft auto iv\launchgtaiv.exe |
"{1951D126-64DE-4AC8-BCFD-8B1F88EB5525}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D7AB131-D434-4374-B06C-7E23E69D309B}" = protocol=6 | dir=out | app=system |
"{1E843418-1A7F-462A-A227-FA7ADBD47755}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe |
"{216A98EC-7D35-4BCD-B8D5-5535C45598FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{228094DC-202E-4F11-81A3-1AA12BBA3238}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{231F8046-5C1A-4A91-9FAD-2DA05D142FAB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{23780585-B976-4CAB-89DF-ED81385E1B9E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{26BA44CA-6747-46E3-BD48-2BF83EA74A28}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{3431D1C5-E83F-4978-9D64-3BAAE5C9412C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{34561515-25C6-4F9A-A70A-51FD198FFD31}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{35D99313-4988-48FE-837C-33F1C339CBE0}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{3715843A-A9DB-48C2-AEC3-BB172149CD1E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{373558EA-07EF-42C3-85D3-9E91B42AB4B3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\crazyw0lfcs\counter-strike\hl.exe |
"{3829B9F1-20DB-43D0-A718-D3688A7A43C7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3C70C5C4-C725-4695-BFCC-76341FE863A8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\crazyw0lfcs\counter-strike\hl.exe |
"{40766486-F16E-456E-B66D-C802A4B1C771}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{40D31F3A-6E9E-4644-B04B-E71F3682DEFC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{42BEBEBF-45AA-48F0-87A9-D4D89DE6F139}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4C031AC0-8FBD-495A-8B1D-6A16878C7FEE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F05A9AA-8170-4302-8D5A-99CA266F8DD7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{500CB979-FBE8-4667-9044-3958C09DD030}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter.exe |
"{5088F03E-8D39-4DB1-97C6-49D59CCEAC51}" = protocol=6 | dir=in | app=c:\users\cries\appdata\local\temp\torload.exe |
"{52336776-4EE7-4910-ABA0-3147CBC59047}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{5294EF00-A28C-4D91-9F52-FDBFB761CFFA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5A898E9D-C981-4EFA-90ED-4B3C1016D3EE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{5AAC2821-81D6-4936-9E3D-72FE6193C500}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5C0F9B9B-4430-4CB4-93B5-10B3A66B2B36}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C6A095F-6B9D-49EC-A654-E4166AB63D58}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{5D4E741C-06F7-478D-B75D-43C373C3A085}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5E81C143-AA6D-40FF-B8EE-A5DF3C69882F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{65F45C5C-E8B0-4872-8D0B-B6CA3453BC14}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{781E1206-16B0-4072-BAD1-61C2FD544F2D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{792D67CB-4C51-488B-91DC-850E98AD4E09}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{7ACEF76B-423F-4FEA-9097-B138F526A0E2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe |
"{7AD2444A-ED54-4118-813F-3C75E84B9D70}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{7BA55B9A-A853-46CB-AF8F-209F38CB6FF8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{7BAC4E18-6936-4347-BC33-5330517FFED9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{81103F32-281A-458B-B8EA-FE9E57A15CC0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{81F05821-7859-448E-9BC3-D8DD980220EE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{8391ACF8-E823-483E-A7B4-94608868BE5C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8C7DB2B0-3B53-42E5-B599-0AE99DAE9336}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\crazyw0lfcs\counter-strike\hl.exe |
"{93D35393-8139-4FF3-B55A-597108559BA5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{97EF73F4-B407-4BC3-8A6F-8D74C7C46876}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
"{9B72B0B6-E61E-44BE-A397-A0386D71AE04}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter.exe |
"{9C625AD6-04FE-4A96-8516-F05BD5FC4AFE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A18E2471-C354-4542-AF18-EC17FBA167A8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A314CE77-6D06-4837-A2B5-80F14936EA60}" = protocol=6 | dir=in | app=c:\hry\gta iv pc version\rockstar games social club\rgsclauncher.exe |
"{A53D0B21-4587-4B28-8EB2-5912DF4BE2A3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A85F777E-AAB7-4AC7-BD53-C7BC700D5ADF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AA7C3808-33F5-4667-B82B-AED8B1B7ECB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{B0736526-AFA2-4D18-98D4-530E709DF7DB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B08B9210-6226-4EE2-B57E-20B2FB4E6DB8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{B446F722-3F95-4975-8EB6-699500A8BFB6}" = protocol=17 | dir=in | app=c:\hry\gta iv pc version\grand theft auto iv\launchgtaiv.exe |
"{B5374C90-ABFE-4373-B0AF-A08CBAA2CD3A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{BF8EF135-CE46-4C5D-A2C3-FA25D7FCA3C7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C4FD5CBB-C4E9-48C4-99B8-8030315ED8F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C76BA7F5-A558-452E-9DE8-047094CAC843}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CB2A6BBF-9B4E-4561-B46A-EBB28B2031F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{CCC2AD24-0A53-4D57-9BDB-026E0F6EF51B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CD20B0D2-E548-4387-B65E-01FD3E0DEB03}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D368F4AC-26E1-44D1-AB05-7087C7398FCE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D63F8C2C-AA4E-42CB-B408-F85A51E3877E}" = protocol=17 | dir=in | app=c:\hry\gta iv pc version\rockstar games social club\rgsclauncher.exe |
"{DD4E2239-7998-4009-8245-7D60831481F0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E07854FF-16AC-4E52-8259-60130932E8F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E0E841DA-71FB-4CD8-8E2F-40F5D5E280A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\crazyw0lfcs\counter-strike\hl.exe |
"{E2CD7826-5032-4842-A061-270E133C61C3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{E2D38838-A92C-4A94-B665-4ABEC3E8E123}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{E379F87B-E24B-4047-98E7-2831C0A23B64}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{E7D750FF-DC29-4913-906C-FBD174F4EAEC}" = dir=in | app=c:\program files (x86)\kalypso media\port royale 3\portroyale3.exe |
"{EE84441A-ED5E-4607-B2EA-3F6AF9F66FD1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EED486F7-872B-499D-B26C-37E932E374A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F0B8BCC7-9E63-4B11-9917-7ED532D056BB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F83D9B67-AAB5-415E-8928-313A149FD461}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter.exe |
"{FD539914-1908-4087-8C52-F90B6729AEE5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{FF082F5E-6873-4190-B090-5170B16557D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FF5482F7-720B-4FB9-80F0-C54489DDF76A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter.exe |
"TCP Query User{1816900A-486C-47F3-B5EC-348664C0CF7A}C:\hry\rld-fifa13\game\game\fifa13.exe" = protocol=6 | dir=in | app=c:\hry\rld-fifa13\game\game\fifa13.exe |
"TCP Query User{4128D91A-9A14-47F5-BBBC-0DA3D012C39D}C:\hry\rld-fifa13\game\game\fifa13.exe" = protocol=6 | dir=in | app=c:\hry\rld-fifa13\game\game\fifa13.exe |
"TCP Query User{5021B3E7-2955-4102-A246-E93D06DE7634}C:\hry\killing floor\killing floor\system\killingfloor.exe" = protocol=6 | dir=in | app=c:\hry\killing floor\killing floor\system\killingfloor.exe |
"TCP Query User{5B4D3034-CB95-49C6-BA4C-30D61FB1EB6E}C:\hry\avatar\bin\avatar.exe" = protocol=6 | dir=in | app=c:\hry\avatar\bin\avatar.exe |
"TCP Query User{60829940-59F1-4648-8AC6-A40D32D04B34}C:\hry\cod2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\hry\cod2\cod2mp_s.exe |
"TCP Query User{694A66FD-82E8-4FFE-B335-6F14703220F2}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe |
"TCP Query User{7F1614B0-F1D5-45F9-98E8-AEA91536C87F}C:\hry\nfsmostwanted\speed.exe" = protocol=6 | dir=in | app=c:\hry\nfsmostwanted\speed.exe |
"TCP Query User{977071FA-0598-4A4E-99EA-270F840D6620}C:\program files (x86)\total war rome ii cz\total war rome ii\rome2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\total war rome ii cz\total war rome ii\rome2.exe |
"TCP Query User{BE2D1669-9B96-43FD-B4C0-DC99FA0329FF}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"TCP Query User{DCAEF49F-08F3-486A-BAA8-340777A9870E}C:\hry\nhl 09\nhl2009 (2).exe" = protocol=6 | dir=in | app=c:\hry\nhl 09\nhl2009 (2).exe |
"TCP Query User{DDC5A590-A40B-4DF2-9105-B70F65A6D25B}C:\program files (x86)\total war rome ii cz\total war rome ii\rome2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\total war rome ii cz\total war rome ii\rome2.exe |
"TCP Query User{E248DB2D-B5F9-4B13-BE78-65357EF94F04}C:\hry\nhl 09\nhl2009.exe" = protocol=6 | dir=in | app=c:\hry\nhl 09\nhl2009.exe |
"UDP Query User{32EC5D60-7BCE-42EC-9A46-79649C80DCE5}C:\hry\killing floor\killing floor\system\killingfloor.exe" = protocol=17 | dir=in | app=c:\hry\killing floor\killing floor\system\killingfloor.exe |
"UDP Query User{372A973E-4B60-4D1F-A468-440D1B993896}C:\hry\nfsmostwanted\speed.exe" = protocol=17 | dir=in | app=c:\hry\nfsmostwanted\speed.exe |
"UDP Query User{391EE351-82B2-48F5-837D-66E62C1151EC}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe |
"UDP Query User{71B8DBB2-4DFB-4170-BC75-F1777EF029D1}C:\hry\avatar\bin\avatar.exe" = protocol=17 | dir=in | app=c:\hry\avatar\bin\avatar.exe |
"UDP Query User{91EC7D33-1911-40E1-AD2B-9C092741B306}C:\hry\nhl 09\nhl2009 (2).exe" = protocol=17 | dir=in | app=c:\hry\nhl 09\nhl2009 (2).exe |
"UDP Query User{A3A8B749-CE43-4734-922E-0383AF1901B7}C:\hry\nhl 09\nhl2009.exe" = protocol=17 | dir=in | app=c:\hry\nhl 09\nhl2009.exe |
"UDP Query User{A521B36C-ADB3-408F-A95E-4CC7AA3DC87D}C:\program files (x86)\total war rome ii cz\total war rome ii\rome2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\total war rome ii cz\total war rome ii\rome2.exe |
"UDP Query User{A8C4A3EF-717B-4D2F-AF5B-15EF3C08D6F5}C:\program files (x86)\total war rome ii cz\total war rome ii\rome2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\total war rome ii cz\total war rome ii\rome2.exe |
"UDP Query User{BC48AB4A-CAE4-4C24-ACAE-9E6F2885A026}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"UDP Query User{D28D0DF8-6DE6-468C-BDEB-AB7D0377B35A}C:\hry\rld-fifa13\game\game\fifa13.exe" = protocol=17 | dir=in | app=c:\hry\rld-fifa13\game\game\fifa13.exe |
"UDP Query User{D44DB893-547A-4AB8-9F7B-02CD6F1F383E}C:\hry\rld-fifa13\game\game\fifa13.exe" = protocol=17 | dir=in | app=c:\hry\rld-fifa13\game\game\fifa13.exe |
"UDP Query User{DBCA4FDC-4636-4B6E-88D6-C2949F2BE017}C:\hry\cod2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\hry\cod2\cod2mp_s.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{16C7D2AD-20CA-491E-80BC-8607A9AACED9}" = Microsoft Web Platform Installer 4.6
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{34883B9C-CDFE-46F0-9C5B-935484C218C3}" = AVG 2014
"{41253317-0BF1-8A3C-2CED-0C7D8037E97E}" = AMD Fuel
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{79174AF2-6CB1-42F5-981E-66DCA49391D0}" = Validity WBF DDK
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{852B1308-4E5A-B54D-637D-F710D92C6930}" = AMD Accelerated Video Transcoding
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95518B59-44D9-430A-B12C-A582F18F5752}" = HP 3D DriveGuard
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ABFC0970-7FDF-9E49-C049-5D24CB1F150E}" = AMD Catalyst Install Manager
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = WebCake 3.00
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CE470020-CCCF-4C09-9AB9-B710A4FBE2C8}" = AVG 2014
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DE7BAEF8-C639-381A-D835-95BD517ED602}" = AMD Media Foundation Decoders
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{E88AD18B-D467-F11F-C431-99DE36FCACC7}" = ccc-utility64
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F972FD73-47FC-55F7-5EF1-8CA5311FF96E}" = AMD Drag and Drop Transcoding
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"AVG" = AVG 2014
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"HWiNFO64_is1" = HWiNFO64 Version 4.06
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"SynTPDeinstKey" = Synaptics TouchPad Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0071820F-09B0-4998-8320-F89629DCBC99}" = Nero BackItUp
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{11210BD7-A8EF-79EE-D18F-021D1E04A689}" = CCC Help Dutch
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{118AD615-8BCF-11D6-1700-B6763A0EA713}" = CCC Help Polish
"{145238D6-1ADD-15DD-4499-744215DCCD18}" = Catalyst Control Center InstallProxy
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15DEA4E9-E4AD-2A1A-4B59-89CA65D5075B}" = CCC Help Finnish
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{1AFD9DDB-FB24-F8C4-E792-03901C50490D}" = CCC Help Swedish
"{1B0FF612-0E07-4AB2-DD95-EB7651AEB3A1}" = CCC Help Italian
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{376A622B-F0FA-DDAB-9635-05D9F3F634D6}" = CCC Help Norwegian
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector 2011
"{48BA11B4-3E38-FA74-2D5A-003475844AA3}" = CCC Help Spanish
"{4DD75A56-D9DA-DD49-3507-470C7CA7B43F}" = CCC Help Chinese Standard
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{560FC78C-A4B2-461D-9B47-820C1EEF87B8}" = Nero 12
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5DB24244-5ABE-A87B-5FB1-95CF09F801A8}" = CCC Help German
"{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant
"{61D73C02-EF3F-45D2-7F01-DCC4B1B39CC3}" = CCC Help Korean
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{68DED384-1F74-4AEE-8B8E-95AF15572FE3}" = Port Royale 3
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6DDC515D-1FE6-C5FC-E872-24D1B8B4C1A1}" = CCC Help Russian
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{7427941A-51A3-E2EB-BCD2-A1981DBCA4AD}" = Catalyst Control Center Graphics Previews Common
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{79A16F82-9F79-E47E-C6D4-206E7CC1D593}" = CCC Help Czech
"{8153BA0E-719E-3829-3B06-DC1412933BD6}" = CCC Help Japanese
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B7D9B66-1B53-D729-FD0C-ED38629FA407}" = CCC Help Greek
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A8C4B4-2B50-42D1-AFE6-5E8433185436}_is1" = Cryostasis (Remove Only)
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A4A550A8-4EEF-8577-1C15-E3C914FF4AD9}" = CCC Help Portuguese
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A7E07C2B-2220-4415-87E3-784D5814BC93}" = NVIDIA PhysX v8.09.04
"{A866F37D-0E46-1812-3E3C-9778D4A458B2}" = AMD VISION Engine Control Center
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF7FFC8-20C4-CB57-4982-68EB410EBBC7}" = CCC Help Danish
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AD4B6B20-11CE-2C81-9615-2DCAABF15966}" = CCC Help French
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{BDE637EA-7109-456A-BAE9-A37ABF526584}" = PURE CSS Menu Maker - Free 1.12
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2872E18-8799-44A3-B6BD-AC535F1982A6}_is1" = Total War Rome II CZ version 1.0.0.
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1931310-EEF5-3B7A-0C57-01127888E4E4}" = CCC Help Turkish
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{E7A94CD8-526B-FDD3-E16F-CB40A0747C70}" = CCC Help Chinese Traditional
"{E91BD0CF-EFA8-477C-8207-A026E70BBED9}" = CCC Help English
"{ECD4DCC1-C03F-8CC2-432B-317ECB9D6A09}" = Catalyst Control Center Localization All
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C1383A-4925-426C-88A6-E384E007DD24}" = FixMyRegistry
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F9F07F00-FF55-7752-7FF8-F512AF641BA9}" = CCC Help Thai
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFE0A7EE-0627-307D-F102-519B5B367703}" = CCC Help Hungarian
"1ClickDownload" = FirstRowSportApp
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AVG Secure Search" = AVG Security Toolbar
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Family Tree Builder" = MyHeritage Family Tree Builder
"FixMyRegistry" = FixMyRegistry
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector 2011
"ividi" = Unitech LLC toolbar
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mount&Blade Warband" = Mount&Blade Warband
"Mount&Blade: Warband - Napoleonic Wars" = Mount&Blade: Warband - Napoleonic Wars
"Opera 19.0.1326.63" = Opera Stable 19.0.1326.63
"Packet Tracer 5.1_is1" = Packet Tracer 5.1
"PokerStars" = PokerStars
"PROR" = Microsoft Office Professional 2007 Trial
"PSPad editor_is1" = PSPad editor
"Romae Bellum" = Romae Bellum 2.3
"Steam" = Steam
"Steam App 10" = Counter-Strike
"Steam App 109600" = Neverwinter
"Steam App 221100" = DayZ
"Steam App 570" = Dota 2
"Steam App 730" = Counter-Strike: Global Offensive
"Surf Canyon" = Fast Search
"Trusted Software Assistant_is1" = File Type Assistant
"VLC media player" = VLC media player 2.0.4
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"winscp3_is1" = WinSCP 5.1.7
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-697164410-2571323111-710328384-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4.10.2013 3:08:52 | Computer Name = CrieS-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 4.10.2013 5:29:06 | Computer Name = CrieS-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 4.10.2013 5:45:42 | Computer Name = CrieS-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 4.10.2013 5:49:57 | Computer Name = CrieS-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 4.10.2013 6:29:43 | Computer Name = CrieS-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 4.10.2013 8:14:52 | Computer Name = CrieS-PC | Source = Application Hang | ID = 1002
Description = Program gta_sa.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
166c Čas spuštění: 01cec0fae5066dd2 Čas ukončení: 385 Cesta k aplikaci: C:\Hry\GTA
San Andreas\gta_sa.exe ID hlášení:

Error - 4.10.2013 10:23:21 | Computer Name = CrieS-PC | Source = ESENT | ID = 447
Description = Catalog Database (1588) Catalog Database: V B-stromu (ObjectId: 8,
PgnoRoot: 35) v databázi C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
(1099 => 1985, 5806) bylo zjištěno chybné propojení stránek (chyba: -327).

Error - 4.10.2013 10:24:32 | Computer Name = CrieS-PC | Source = ESENT | ID = 447
Description = Catalog Database (1588) Catalog Database: V B-stromu (ObjectId: 8,
PgnoRoot: 35) v databázi C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
(1099 => 1985, 5806) bylo zjištěno chybné propojení stránek (chyba: -327).

Error - 5.10.2013 5:26:47 | Computer Name = CrieS-PC | Source = ESENT | ID = 447
Description = Catalog Database (1796) Catalog Database: V B-stromu (ObjectId: 8,
PgnoRoot: 35) v databázi C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
(1099 => 1985, 5806) bylo zjištěno chybné propojení stránek (chyba: -327).

Error - 5.10.2013 5:27:28 | Computer Name = CrieS-PC | Source = ESENT | ID = 447
Description = Catalog Database (1796) Catalog Database: V B-stromu (ObjectId: 8,
PgnoRoot: 35) v databázi C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
(1099 => 1985, 5806) bylo zjištěno chybné propojení stránek (chyba: -327).

[ System Events ]
Error - 16.2.2014 5:23:51 | Computer Name = CrieS-PC | Source = Service Control Manager | ID = 7022
Description = Služba PirritUpdater přestala během spouštění reagovat.

Error - 16.2.2014 5:24:30 | Computer Name = CrieS-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Presentation Foundation Font
Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error - 16.2.2014 5:24:30 | Computer Name = CrieS-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla
při spuštění v důsledku následující chyby: %%1053

Error - 16.2.2014 5:46:47 | Computer Name = CrieS-PC | Source = Service Control Manager | ID = 7034
Description = Služba PirritDesktop byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 16.2.2014 5:56:10 | Computer Name = CrieS-PC | Source = Service Control Manager | ID = 7022
Description = Služba PirritDesktop přestala během spouštění reagovat.

Error - 16.2.2014 5:56:11 | Computer Name = CrieS-PC | Source = Service Control Manager | ID = 7022
Description = Služba PirritUpdater přestala během spouštění reagovat.

Error - 16.2.2014 5:57:07 | Computer Name = CrieS-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 16.2.2014 6:20:03 | Computer Name = CrieS-PC | Source = Service Control Manager | ID = 7034
Description = Služba PirritDesktop byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 16.2.2014 6:31:57 | Computer Name = CrieS-PC | Source = Service Control Manager | ID = 7022
Description = Služba PirritDesktop přestala během spouštění reagovat.

Error - 16.2.2014 6:31:57 | Computer Name = CrieS-PC | Source = Service Control Manager | ID = 7022
Description = Služba PirritUpdater přestala během spouštění reagovat.


< End of report >

____________________________

Dneska už se sem nedostanu, tak prosím o trochu trpělivosti, než znova odpovím, tipoval bych to na zítřejší odpoledne.
Ještě jednou děkuji mockrát za čas, který mi obětujete :-).
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy v textu v prohlížeči

#15 Příspěvek od vyosek »

Tak se ted kamarada zeptejte, jak si zlegalizovat system :wink:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“