VIRY.CZ

Dobrý deň,poprosil by som o kontrolu mojho logu nakolko mi NB hádže často bluescreen(modrá smrť) vopred dakujem

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 02
Ran by Saimon (administrator) on SAIMON-PC on 27-05-2014 21:27:37
Running from C:\Users\Saimon\Desktop
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TUAutoUpdateCheck.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(House of Life) C:\Program Files\BitLord\Bitlord files\bitlord.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(forum.viry.cz) C:\Users\Saimon\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [Aeria Ignite] => C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2014-03-05] (Microsoft Corporation)
HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Saimon\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\...\MountPoints2: {82080c21-a360-11e3-b47a-b888e3d12056} - F:\AUTORUN.EXE
HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\...\Winlogon: [Shell]
HKU\S-1-5-21-3211541326-2053572210-2390753330-1001\...\MountPoints2: {82080c21-a360-11e3-b47a-b888e3d12056} - F:\setup.exe
IFEO\aeriaignite.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\p4admin.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\p4merge.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\p4v.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\sptdinst-x86.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT33195 ... F826&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x60E326581537CF01
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx? ... rms}&SSPV=
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx? ... rms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... earchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx? ... rms}&SSPV=
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO: ValueApps - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Shopping Suggestion - {F6C07882-D703-4DD5-905A-2C4E815A5066} - C:\Users\Saimon\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4\Shopping Suggestion.dll (WW3, LLC)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://search.conduit.com/?ctid=CT3319597&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP82C0CD3A-4C8A-419D-926B-314476C0F826&SSPV=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Saimon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\user.js
FF SearchPlugin: C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\searchplugins\conduit-search.xml
FF Extension: Value Apps - C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\Extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd} [2014-03-03]
FF Extension: . - C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\Extensions\{4e38134d-ba98-4066-b898-e296d8acc938}.xpi [2014-03-16]
FF Extension: Shopping Suggestion - C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\Extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi [2014-03-16]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]

========================== Services (Whitelisted) =================

S3 ArcService; C:\Program Files\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-04-18] (Perfect World Entertainment Inc)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-30] (Intel Corporation)
R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios)
S4 Perforce; C:\Program Files\Perforce\Server\p4s.exe [2944056 2013-11-11] (Perforce Software Inc.)
S2 ProtectMonitor; C:\Program Files\PCData\StartHelp.exe [90680 2014-03-14] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1740088 2013-09-23] (AVG)
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-04-09] ()
S3 apf005; C:\Windows\system32\apf005.sys [14160 2014-04-10] ()
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [123160 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [199960 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [150296 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22296 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [193304 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [238872 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [108312 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [28440 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [211224 2014-03-31] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-04] (Disc Soft Ltd)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\Netwsn00.sys [10339840 2012-02-20] (Intel Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [25376 2013-09-05] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-27 21:27 - 2014-05-27 21:27 - 00012762 _____ () C:\Users\Saimon\Desktop\FRST.txt
2014-05-27 21:27 - 2014-05-27 21:27 - 00000000 ____D () C:\FRST
2014-05-27 21:25 - 2014-05-27 21:25 - 00112640 _____ (forum.viry.cz) C:\Users\Saimon\Desktop\FRSTLauncher.exe
2014-05-27 21:24 - 2014-05-27 21:24 - 01056256 _____ (Farbar) C:\Users\Saimon\Desktop\FRST.exe
2014-05-27 18:41 - 2014-05-27 18:41 - 00159368 _____ () C:\Windows\Minidump\052714-44429-01.dmp
2014-05-27 15:50 - 2014-05-27 15:50 - 00159360 _____ () C:\Windows\Minidump\052714-46878-01.dmp
2014-05-26 18:54 - 2014-05-26 18:59 - 54362860 _____ (PWO Team ) C:\Users\Saimon\Downloads\PWOSetup194A.exe
2014-05-26 17:58 - 2014-05-26 17:59 - 05531058 _____ () C:\Users\Saimon\Downloads\POKÉMON_GENESIS.zip
2014-05-26 17:47 - 2014-05-26 17:47 - 00519979 _____ () C:\Users\Saimon\Downloads\PsgXbeta5.zip
2014-05-26 17:40 - 2014-05-26 17:40 - 00116076 _____ () C:\Users\Saimon\Downloads\A-Trainer.rar
2014-05-26 17:39 - 2007-12-02 09:24 - 00513872 _____ () C:\Users\Saimon\Desktop\Crystal Shards beta1.ips
2014-05-26 17:38 - 2014-05-26 18:53 - 00002062 _____ () C:\Users\Saimon\Desktop\vba.ini
2014-05-26 17:38 - 2005-10-01 14:08 - 01974352 _____ (None) C:\Users\Saimon\Desktop\VisualBoyAdvance.exe
2014-05-26 17:35 - 2014-05-26 17:35 - 00659797 _____ () C:\Users\Saimon\Downloads\VisualBoyAdvance-1.8.0-beta3.zip
2014-05-26 17:34 - 2014-05-26 17:34 - 00233009 _____ () C:\Users\Saimon\Downloads\pcsbeta1.zip
2014-05-24 14:31 - 2014-05-24 14:32 - 00159016 _____ () C:\Windows\Minidump\052414-40482-01.dmp
2014-05-24 11:46 - 2014-05-24 11:46 - 00158920 _____ () C:\Windows\Minidump\052414-58110-01.dmp
2014-05-24 08:55 - 2014-05-24 08:55 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-21 15:43 - 2014-05-21 15:44 - 00001743 _____ () C:\Users\Saimon\Desktop\farcry3 - Shortcut.lnk
2014-05-21 15:35 - 2014-05-21 15:35 - 00000000 ____D () C:\ProgramData\Orbit
2014-05-20 22:40 - 2014-05-20 22:40 - 00002072 _____ () C:\Users\Saimon\Desktop\Warcraft III eSK.lnk
2014-05-20 22:35 - 2014-05-20 22:40 - 00000000 ____D () C:\Program Files\Warcraft III Frozen Throne eSK
2014-05-19 21:15 - 2014-05-19 21:15 - 00000218 _____ () C:\Users\Saimon\AppData\Local\recently-used.xbel
2014-05-18 12:09 - 2014-05-18 12:09 - 00001243 _____ () C:\Users\Saimon\Desktop\Far Cry 3.lnk
2014-05-18 12:09 - 2014-05-18 12:09 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\Far Cry 3
2014-05-18 12:09 - 2014-05-18 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-05-18 09:15 - 2014-05-18 09:15 - 00000000 ____D () C:\Program Files\R.G. Mechanics
2014-05-17 13:46 - 2014-05-26 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pokemon World Online
2014-05-17 13:42 - 2014-05-17 13:43 - 51861434 _____ (PWO Team ) C:\Users\Saimon\Downloads\PWOSetup193.exe
2014-05-16 13:42 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 13:42 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 13:42 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 13:41 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 13:41 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 13:41 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 13:41 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 13:41 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 13:41 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 13:41 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 13:41 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-16 13:41 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 13:41 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 13:41 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 13:41 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 13:39 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 18:39 - 2014-05-14 18:39 - 00000000 ____D () C:\Users\Saimon\Documents\TecmoKoei
2014-05-14 14:38 - 2014-05-14 14:39 - 54213078 _____ () C:\Users\Saimon\Downloads\DW7 English Patch v1.1.rar
2014-05-14 13:31 - 2014-05-14 13:31 - 00000000 ____D () C:\Program Files\TecmoKoei
2014-05-13 22:16 - 2014-05-13 22:16 - 01182632 _____ () C:\Users\Saimon\Documents\gg.themepack
2014-05-13 16:22 - 2014-05-13 16:23 - 07818998 _____ () C:\Users\Saimon\Downloads\Grand.Theft.Auto.IV.Crack.Offline.Activation(1).zip
2014-05-13 16:18 - 2014-05-13 16:19 - 04901698 _____ () C:\Users\Saimon\Downloads\Grand.Theft.Auto.IV.Crack.Offline.Activation.zip
2014-05-13 14:33 - 2014-05-13 14:33 - 00000000 ____D () C:\Users\Saimon\Documents\Rockstar Games
2014-05-13 06:43 - 2014-05-13 06:43 - 00107888 _____ (Sony DADC Austria AG.) C:\Windows\system32\CmdLineExt.dll
2014-05-13 06:23 - 2014-05-13 06:23 - 00000455 _____ () C:\Windows\KB926239.log
2014-05-13 06:22 - 2014-05-13 06:22 - 00000445 _____ () C:\Windows\WMFDist11.log
2014-05-13 06:22 - 2014-05-13 06:22 - 00000444 _____ () C:\Windows\Wudf01000Inst.log
2014-05-13 06:22 - 2014-05-13 06:22 - 00000000 ____D () C:\Windows\system32\xlive
2014-05-13 06:22 - 2014-05-13 06:22 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE
2014-05-12 23:45 - 2014-05-12 23:45 - 00577063 _____ () C:\Users\Saimon\Downloads\Skyrim Character Editor V1_3 Zip-3142-1-3.zip
2014-05-12 23:00 - 2014-05-18 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-05-12 23:00 - 2014-05-17 10:50 - 00000000 ____D () C:\Program Files\Rockstar Games
2014-05-12 19:05 - 2014-05-27 18:41 - 00000000 ____D () C:\Windows\Minidump
2014-05-12 19:05 - 2014-05-27 18:40 - 296293602 _____ () C:\Windows\MEMORY.DMP
2014-05-12 19:05 - 2014-05-12 19:06 - 00158920 _____ () C:\Windows\Minidump\051214-41028-01.dmp
2014-05-04 10:14 - 2014-05-04 11:27 - 00000000 ____D () C:\Users\Saimon\Documents\Prototype
2014-05-03 21:04 - 2014-05-03 21:04 - 00002393 _____ () C:\Users\Saimon\Desktop\Play PROTOTYPE.lnk
2014-05-02 19:07 - 2014-05-02 19:07 - 00001665 _____ () C:\Users\Public\Desktop\Play Hellgate.lnk
2014-05-02 18:59 - 2014-05-02 18:59 - 00000000 ____D () C:\T3Fun
2014-05-02 17:42 - 2014-05-02 17:42 - 00121266 _____ () C:\Users\Saimon\Downloads\hellgate-london-v1.0-dx9-trainer-plus7.zip
2014-05-02 17:37 - 2014-05-02 17:37 - 00000000 __RHD () C:\Users\Saimon\AppData\Roaming\SecuROM
2014-05-02 14:43 - 2014-05-02 14:43 - 00000000 ____D () C:\Program Files\Flagship Studios
2014-05-01 16:26 - 2014-05-01 16:42 - 582671666 _____ () C:\Users\Saimon\Downloads\Spider.mp4
2014-05-01 14:04 - 2014-05-01 14:04 - 00000000 ____D () C:\Users\Saimon\Documents\DayZ
2014-05-01 14:04 - 2014-05-01 14:04 - 00000000 ____D () C:\Users\Saimon\AppData\Local\DayZ
2014-05-01 13:48 - 2014-05-04 02:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DayZ Standalone
2014-05-01 13:35 - 2014-05-01 14:02 - 00000000 ____D () C:\Program Files\DayZ Standalone
2014-04-30 16:53 - 2014-04-30 16:53 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\krita
2014-04-30 16:52 - 2014-05-18 12:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-29 14:36 - 2014-04-29 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-27 18:47 - 2014-04-27 18:47 - 14113777 _____ () C:\Users\Saimon\Downloads\Animation_ Boeing's Crew Space Transportation (CST)-100.mov
2014-04-27 18:45 - 2014-04-27 18:46 - 08530300 _____ () C:\Users\Saimon\Downloads\Animation_ Boeing's Crew Space Transportation (CST)-100.avi
2014-04-27 14:28 - 2014-04-27 18:57 - 07579652 _____ () C:\Users\Saimon\Desktop\Budúcnosť kozmonautiky.pptx

==================== One Month Modified Files and Folders =======

2014-05-27 21:27 - 2014-05-27 21:27 - 00012762 _____ () C:\Users\Saimon\Desktop\FRST.txt
2014-05-27 21:27 - 2014-05-27 21:27 - 00000000 ____D () C:\FRST
2014-05-27 21:25 - 2014-05-27 21:25 - 00112640 _____ (forum.viry.cz) C:\Users\Saimon\Desktop\FRSTLauncher.exe
2014-05-27 21:24 - 2014-05-27 21:24 - 01056256 _____ (Farbar) C:\Users\Saimon\Desktop\FRST.exe
2014-05-27 21:20 - 2014-03-03 22:15 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\Skype
2014-05-27 21:19 - 2014-03-03 20:43 - 02004888 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 21:19 - 2014-03-03 20:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 18:51 - 2014-03-03 20:13 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-27 18:49 - 2014-03-03 21:11 - 00000000 ____D () C:\Program Files\Steam
2014-05-27 18:41 - 2014-05-27 18:41 - 00159368 _____ () C:\Windows\Minidump\052714-44429-01.dmp
2014-05-27 18:41 - 2014-05-12 19:05 - 00000000 ____D () C:\Windows\Minidump
2014-05-27 18:41 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 18:41 - 2009-07-14 06:39 - 00029760 _____ () C:\Windows\setupact.log
2014-05-27 18:40 - 2014-05-12 19:05 - 296293602 _____ () C:\Windows\MEMORY.DMP
2014-05-27 17:50 - 2009-07-14 06:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 17:50 - 2009-07-14 06:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 15:50 - 2014-05-27 15:50 - 00159360 _____ () C:\Windows\Minidump\052714-46878-01.dmp
2014-05-26 22:07 - 2014-03-22 09:45 - 00000148 _____ () C:\Users\Saimon\Documents\PWOOptions.ini
2014-05-26 21:04 - 2014-05-17 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pokemon World Online
2014-05-26 21:04 - 2014-03-22 09:37 - 00000000 ____D () C:\Program Files\Pokemon World Online
2014-05-26 18:59 - 2014-05-26 18:54 - 54362860 _____ (PWO Team ) C:\Users\Saimon\Downloads\PWOSetup194A.exe
2014-05-26 18:53 - 2014-05-26 17:38 - 00002062 _____ () C:\Users\Saimon\Desktop\vba.ini
2014-05-26 17:59 - 2014-05-26 17:58 - 05531058 _____ () C:\Users\Saimon\Downloads\POKÉMON_GENESIS.zip
2014-05-26 17:47 - 2014-05-26 17:47 - 00519979 _____ () C:\Users\Saimon\Downloads\PsgXbeta5.zip
2014-05-26 17:45 - 2014-03-04 14:33 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-26 17:40 - 2014-05-26 17:40 - 00116076 _____ () C:\Users\Saimon\Downloads\A-Trainer.rar
2014-05-26 17:35 - 2014-05-26 17:35 - 00659797 _____ () C:\Users\Saimon\Downloads\VisualBoyAdvance-1.8.0-beta3.zip
2014-05-26 17:34 - 2014-05-26 17:34 - 00233009 _____ () C:\Users\Saimon\Downloads\pcsbeta1.zip
2014-05-25 17:21 - 2014-04-24 18:40 - 00000000 ____D () C:\Program Files\The Walking Dead Survival Instinct
2014-05-25 16:57 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-24 14:32 - 2014-05-24 14:31 - 00159016 _____ () C:\Windows\Minidump\052414-40482-01.dmp
2014-05-24 11:46 - 2014-05-24 11:46 - 00158920 _____ () C:\Windows\Minidump\052414-58110-01.dmp
2014-05-24 10:52 - 2014-04-08 11:03 - 00000000 ____D () C:\Users\Saimon\Documents\Games
2014-05-24 08:55 - 2014-05-24 08:55 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-24 08:55 - 2014-03-03 22:15 - 00000000 ___RD () C:\Program Files\Skype
2014-05-24 08:55 - 2014-03-03 22:15 - 00000000 ____D () C:\ProgramData\Skype
2014-05-23 20:56 - 2014-03-05 14:14 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\Tunngle
2014-05-23 20:56 - 2014-03-05 14:14 - 00000000 ____D () C:\ProgramData\Tunngle
2014-05-23 20:50 - 2014-03-05 19:26 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\TS3Client
2014-05-23 19:14 - 2014-03-05 18:03 - 00000000 _____ () C:\Windows\system32\Access.dat
2014-05-23 13:33 - 2009-07-14 06:53 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-22 21:44 - 2014-03-03 21:19 - 00000000 ____D () C:\Users\Saimon\Documents\BitLord
2014-05-22 21:41 - 2014-03-03 21:29 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\BitLord
2014-05-22 20:07 - 2014-03-03 21:11 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-05-21 16:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-05-21 15:44 - 2014-05-21 15:43 - 00001743 _____ () C:\Users\Saimon\Desktop\farcry3 - Shortcut.lnk
2014-05-21 15:35 - 2014-05-21 15:35 - 00000000 ____D () C:\ProgramData\Orbit
2014-05-20 22:42 - 2014-04-03 18:06 - 00000000 ____D () C:\Users\Saimon\Desktop\livthad
2014-05-20 22:42 - 2014-03-09 16:37 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-20 22:40 - 2014-05-20 22:40 - 00002072 _____ () C:\Users\Saimon\Desktop\Warcraft III eSK.lnk
2014-05-20 22:40 - 2014-05-20 22:35 - 00000000 ____D () C:\Program Files\Warcraft III Frozen Throne eSK
2014-05-19 21:15 - 2014-05-19 21:15 - 00000218 _____ () C:\Users\Saimon\AppData\Local\recently-used.xbel
2014-05-19 06:57 - 2014-03-05 07:44 - 00089554 _____ () C:\Windows\PFRO.log
2014-05-18 17:16 - 2014-03-03 20:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-18 12:09 - 2014-05-18 12:09 - 00001243 _____ () C:\Users\Saimon\Desktop\Far Cry 3.lnk
2014-05-18 12:09 - 2014-05-18 12:09 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\Far Cry 3
2014-05-18 12:09 - 2014-05-18 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-05-18 12:09 - 2014-04-30 16:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-18 12:09 - 2014-03-09 10:10 - 00000000 ____D () C:\Users\Saimon\Documents\My Games
2014-05-18 10:03 - 2014-04-04 15:16 - 00000000 ____D () C:\Program Files\Torchlight II
2014-05-18 10:03 - 2014-03-29 20:04 - 00000000 ____D () C:\Program Files\Thief
2014-05-18 09:58 - 2014-04-09 02:42 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2014-05-18 09:58 - 2014-04-09 00:20 - 00000000 ____D () C:\AeriaGames
2014-05-18 09:51 - 2014-05-12 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-05-18 09:51 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-18 09:15 - 2014-05-18 09:15 - 00000000 ____D () C:\Program Files\R.G. Mechanics
2014-05-17 15:52 - 2014-03-03 21:29 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
2014-05-17 15:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-17 13:43 - 2014-05-17 13:42 - 51861434 _____ (PWO Team ) C:\Users\Saimon\Downloads\PWOSetup193.exe
2014-05-17 10:50 - 2014-05-12 23:00 - 00000000 ____D () C:\Program Files\Rockstar Games
2014-05-16 13:56 - 2014-03-03 19:50 - 00784900 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-16 13:50 - 2014-03-03 21:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 13:44 - 2014-03-03 21:10 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 21:36 - 2014-03-03 21:29 - 00001957 _____ () C:\Users\Saimon\Desktop\BitLord.lnk
2014-05-14 18:39 - 2014-05-14 18:39 - 00000000 ____D () C:\Users\Saimon\Documents\TecmoKoei
2014-05-14 14:39 - 2014-05-14 14:38 - 54213078 _____ () C:\Users\Saimon\Downloads\DW7 English Patch v1.1.rar
2014-05-14 13:31 - 2014-05-14 13:31 - 00000000 ____D () C:\Program Files\TecmoKoei
2014-05-13 22:16 - 2014-05-13 22:16 - 01182632 _____ () C:\Users\Saimon\Documents\gg.themepack
2014-05-13 21:46 - 2014-03-03 20:42 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-13 21:46 - 2014-03-03 20:42 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-13 16:23 - 2014-05-13 16:22 - 07818998 _____ () C:\Users\Saimon\Downloads\Grand.Theft.Auto.IV.Crack.Offline.Activation(1).zip
2014-05-13 16:19 - 2014-05-13 16:18 - 04901698 _____ () C:\Users\Saimon\Downloads\Grand.Theft.Auto.IV.Crack.Offline.Activation.zip
2014-05-13 14:33 - 2014-05-13 14:33 - 00000000 ____D () C:\Users\Saimon\Documents\Rockstar Games
2014-05-13 06:43 - 2014-05-13 06:43 - 00107888 _____ (Sony DADC Austria AG.) C:\Windows\system32\CmdLineExt.dll
2014-05-13 06:23 - 2014-05-13 06:23 - 00000455 _____ () C:\Windows\KB926239.log
2014-05-13 06:22 - 2014-05-13 06:22 - 00000445 _____ () C:\Windows\WMFDist11.log
2014-05-13 06:22 - 2014-05-13 06:22 - 00000444 _____ () C:\Windows\Wudf01000Inst.log
2014-05-13 06:22 - 2014-05-13 06:22 - 00000000 ____D () C:\Windows\system32\xlive
2014-05-13 06:22 - 2014-05-13 06:22 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE
2014-05-13 06:22 - 2014-03-05 14:48 - 00121095 _____ () C:\Windows\DirectX.log
2014-05-12 23:45 - 2014-05-12 23:45 - 00577063 _____ () C:\Users\Saimon\Downloads\Skyrim Character Editor V1_3 Zip-3142-1-3.zip
2014-05-12 19:06 - 2014-05-12 19:05 - 00158920 _____ () C:\Windows\Minidump\051214-41028-01.dmp
2014-05-12 18:54 - 2014-04-02 22:52 - 00000000 ____D () C:\Program Files\Heroes of Newerth
2014-05-12 09:54 - 2014-03-04 00:42 - 00000000 ____D () C:\Users\Saimon\Documents\DragonNest
2014-05-11 18:02 - 2014-04-05 18:00 - 00000000 ____D () C:\Users\Mamina\AppData\Roaming\Skype
2014-05-07 17:15 - 2014-03-03 19:46 - 00000000 ____D () C:\Users\Saimon
2014-05-06 01:32 - 2014-05-16 13:42 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 01:14 - 2014-05-16 13:42 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 01:14 - 2014-05-16 13:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-04 11:27 - 2014-05-04 10:14 - 00000000 ____D () C:\Users\Saimon\Documents\Prototype
2014-05-04 02:13 - 2014-03-31 14:45 - 00000000 ____D () C:\Users\Saimon\AppData\Local\Microsoft Help
2014-05-04 02:11 - 2014-05-01 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DayZ Standalone
2014-05-03 21:04 - 2014-05-03 21:04 - 00002393 _____ () C:\Users\Saimon\Desktop\Play PROTOTYPE.lnk
2014-05-02 19:07 - 2014-05-02 19:07 - 00001665 _____ () C:\Users\Public\Desktop\Play Hellgate.lnk
2014-05-02 18:59 - 2014-05-02 18:59 - 00000000 ____D () C:\T3Fun
2014-05-02 17:42 - 2014-05-02 17:42 - 00121266 _____ () C:\Users\Saimon\Downloads\hellgate-london-v1.0-dx9-trainer-plus7.zip
2014-05-02 17:37 - 2014-05-02 17:37 - 00000000 __RHD () C:\Users\Saimon\AppData\Roaming\SecuROM
2014-05-02 14:43 - 2014-05-02 14:43 - 00000000 ____D () C:\Program Files\Flagship Studios
2014-05-02 14:39 - 2014-03-04 12:34 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\DAEMON Tools Lite
2014-05-01 16:42 - 2014-05-01 16:26 - 582671666 _____ () C:\Users\Saimon\Downloads\Spider.mp4
2014-05-01 14:04 - 2014-05-01 14:04 - 00000000 ____D () C:\Users\Saimon\Documents\DayZ
2014-05-01 14:04 - 2014-05-01 14:04 - 00000000 ____D () C:\Users\Saimon\AppData\Local\DayZ
2014-05-01 14:02 - 2014-05-01 13:35 - 00000000 ____D () C:\Program Files\DayZ Standalone
2014-05-01 12:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-30 16:53 - 2014-04-30 16:53 - 00000000 ____D () C:\Users\Saimon\AppData\Roaming\krita
2014-04-29 14:36 - 2014-04-29 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-27 18:57 - 2014-04-27 14:28 - 07579652 _____ () C:\Users\Saimon\Desktop\Budúcnosť kozmonautiky.pptx
2014-04-27 18:47 - 2014-04-27 18:47 - 14113777 _____ () C:\Users\Saimon\Downloads\Animation_ Boeing's Crew Space Transportation (CST)-100.mov
2014-04-27 18:46 - 2014-04-27 18:45 - 08530300 _____ () C:\Users\Saimon\Downloads\Animation_ Boeing's Crew Space Transportation (CST)-100.avi

Files to move or delete:
====================
C:\Users\Saimon\AppData\Roaming\msconfig.ini


Some content of TEMP:
====================
C:\Users\Saimon\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-16 13:41] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-23 07:30




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:465.66 GB) (Free:140.8 GB) NTFS

Available physical RAM: 898.62 MB
Total physical RAM: 2460.36 MB
Percentage of memory in use: 63%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: EA76F37E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Saimon\Desktop" je 83 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Díky tu je OTL


OTL logfile created on: 28. 5. 2014 7:06:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Saimon\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,40 Gb Total Physical Memory | 0,27 Gb Available Physical Memory | 11,38% Memory free
4,80 Gb Paging File | 1,89 Gb Available in Paging File | 39,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 144,59 Gb Free Space | 31,05% Space Free | Partition Type: NTFS

Computer Name: SAIMON-PC | User Name: Saimon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014/05/28 07:00:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Saimon\Downloads\OTL.exe
PRC - [2014/05/15 09:14:34 | 002,472,272 | ---- | M] (Perfect World Entertainment Inc) -- C:\Program Files\Perfect World Entertainment\Arc\Arc.exe
PRC - [2014/05/13 21:46:23 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014/05/12 07:09:32 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/05/05 17:48:06 | 000,698,704 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\ArcOSOverlay.exe
PRC - [2014/04/29 18:26:42 | 000,751,952 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\ArcOSBrowser.exe
PRC - [2014/04/18 15:22:28 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2014/04/16 13:51:13 | 009,066,960 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\PWI_en\element\elementclient.exe
PRC - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/04/06 21:21:36 | 005,180,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2014/03/27 22:16:32 | 000,854,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2014/03/27 22:15:24 | 000,886,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2014/03/27 22:13:02 | 000,650,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2014/03/27 22:11:40 | 000,669,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2014/03/27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/02/28 16:23:54 | 000,009,216 | ---- | M] (Hi-Rez Studios) -- C:\Program Files\Hi-Rez Studios\HiPatchService.exe
PRC - [2013/09/23 12:10:16 | 001,920,824 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
PRC - [2013/09/23 12:10:14 | 001,740,088 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
PRC - [2013/05/21 13:49:20 | 000,036,864 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\PWI_en\element\reportbugs\pwprotector.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2014/05/13 21:46:23 | 016,361,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014/05/12 07:09:31 | 003,839,088 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/05/05 17:48:06 | 000,698,704 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\ArcOSOverlay.exe
MOD - [2014/04/29 18:26:50 | 001,288,528 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\CoreUI.dll
MOD - [2014/04/29 18:26:42 | 000,751,952 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\ArcOSBrowser.exe
MOD - [2014/04/18 18:42:06 | 000,174,416 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\ArcOverlayStub.dll
MOD - [2014/04/16 13:51:13 | 009,066,960 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\PWI_en\element\elementclient.exe
MOD - [2014/04/16 13:35:48 | 002,998,272 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\PWI_en\element\elementskill.dll
MOD - [2014/02/24 18:37:02 | 000,174,416 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\ZUnZip.dll
MOD - [2014/02/24 18:36:52 | 000,568,552 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\sqlite3.dll
MOD - [2014/02/24 18:36:32 | 000,742,736 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\libGLESv2.dll
MOD - [2014/02/24 18:36:28 | 000,136,528 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\libEGL.dll
MOD - [2014/02/24 18:36:18 | 024,984,912 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\Arc\libcef.dll
MOD - [2014/01/30 00:12:10 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2013/09/25 11:12:56 | 000,098,304 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\PWI_en\element\arcsdk.dll
MOD - [2013/05/21 13:51:08 | 000,072,704 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\PWI_en\element\zlibwapi.dll
MOD - [2013/05/21 13:50:32 | 000,450,560 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\PWI_en\element\speedtreert.dll
MOD - [2013/05/21 13:49:20 | 000,036,864 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\PWI_en\element\reportbugs\pwprotector.exe
MOD - [2013/05/21 13:38:22 | 000,024,576 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\PWI_en\element\immwrapper.dll
MOD - [2013/05/21 13:37:58 | 000,155,648 | ---- | M] () -- C:\Program Files\Perfect World Entertainment\PWI_en\element\ftdriver.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV - [2014/05/21 19:39:14 | 000,564,416 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/05/13 21:46:26 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/18 18:42:10 | 000,088,400 | ---- | M] (Perfect World Entertainment Inc) [On_Demand | Stopped] -- C:\Program Files\Perfect World Entertainment\Arc\ArcService.exe -- (ArcService)
SRV - [2014/04/18 15:22:28 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/03/27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/03/14 03:54:42 | 000,090,680 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PCData\StartHelp.exe -- (ProtectMonitor)
SRV - [2014/02/28 16:23:54 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2014/01/30 00:12:30 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/11/11 19:09:54 | 002,944,056 | ---- | M] (Perforce Software Inc.) [Disabled | Stopped] -- C:\Program Files\Perforce\Server\p4s.exe -- (Perforce)
SRV - [2013/11/06 19:30:44 | 000,758,224 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/23 12:10:14 | 001,740,088 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2014/04/18 15:02:04 | 000,199,960 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2014/04/10 17:02:48 | 000,014,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf005.sys -- (apf005)
DRV - [2014/04/09 17:47:37 | 000,015,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf004.sys -- (apf004)
DRV - [2014/03/31 16:11:58 | 000,211,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014/03/31 16:11:50 | 000,108,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2014/03/27 22:15:18 | 000,193,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014/03/27 22:14:40 | 000,123,160 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014/03/27 22:04:22 | 000,150,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014/03/27 22:04:02 | 000,238,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014/03/27 22:03:22 | 000,028,440 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2014/03/27 22:03:20 | 000,022,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2014/03/04 12:34:34 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/09/18 12:14:34 | 000,012,320 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2013/09/05 03:38:40 | 000,025,376 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt)
DRV - [2013/09/05 03:38:32 | 009,253,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/07/17 19:12:08 | 000,055,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2012/02/20 11:18:20 | 010,339,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Netwsn00.sys -- (NETwNs32)
DRV - [2012/01/19 01:30:34 | 000,370,728 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/09/16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT33195 ... F826&SSPV=
IE - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 E3 26 58 15 37 CF 01 [binary data]
IE - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.conduit.com/Results.aspx? ... rms}&SSPV=
IE - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT33195 ... F826&SSPV="
FF - prefs.js..extensions.enabledAddons: %7B94cd2cc3-083f-49ba-a218-4cda4b4829fd%7D:1.7.0.0
FF - prefs.js..extensions.enabledAddons: %7BD394D188-BAC7-4e03-8FAF-389A4D7EC6F4%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B4e38134d-ba98-4066-b898-e296d8acc938%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin: C:\Program Files\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Saimon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)


[2014/03/03 20:12:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Saimon\AppData\Roaming\Mozilla\Extensions
[2014/03/20 21:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\extensions
[2014/03/03 21:18:14 | 000,000,000 | ---D | M] (Value Apps) -- C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
[2014/03/16 10:31:34 | 000,001,781 | ---- | M] () (No name found) -- C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\extensions\{4e38134d-ba98-4066-b898-e296d8acc938}.xpi
[2014/03/16 10:31:34 | 000,009,948 | ---- | M] () (No name found) -- C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi
[2014/03/03 22:06:17 | 000,000,975 | ---- | M] () -- C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\searchplugins\conduit-search.xml
[2014/05/24 08:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/12 07:09:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (ArcPluginIEBHO Class) - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
O2 - BHO: (ValueApps) - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Shopping Suggestion) - {F6C07882-D703-4DD5-905A-2C4E815A5066} - C:\Users\Saimon\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4\Shopping Suggestion.dll (WW3, LLC)
O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000..\Run: [Akamai NetSession Interface] "C:\Users\Saimon\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\..Trusted Domains: aeriagames.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3211541326-2053572210-2390753330-1000\..Trusted Domains: aeriagames.com ([]https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{627A5AB3-FB32-4246-9AFE-8F362CC4C6D4}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A80E1E4-CED3-4723-A282-BBD1E07B0E19}: DhcpNameServer = 7.254.254.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\aeriaignite.exe: Debugger - C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe (AVG)
O27 - HKLM IFEO\dtlite.exe: Debugger - C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe (AVG)
O27 - HKLM IFEO\p4admin.exe: Debugger - C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe (AVG)
O27 - HKLM IFEO\p4merge.exe: Debugger - C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe (AVG)
O27 - HKLM IFEO\p4v.exe: Debugger - C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe (AVG)
O27 - HKLM IFEO\sptdinst-x86.exe: Debugger - C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe (AVG)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{82080c21-a360-11e3-b47a-b888e3d12056}\Shell - "" = AutoRun
O33 - MountPoints2\{82080c21-a360-11e3-b47a-b888e3d12056}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE
O33 - MountPoints2\{82080c21-a360-11e3-b47a-b888e3d12056}\Shell\setup\command - "" = F:\autorun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014/05/27 22:57:03 | 000,000,000 | ---D | C] -- C:\Users\Saimon\Desktop\LF2NH
[2014/05/27 22:53:22 | 000,000,000 | ---D | C] -- C:\LittleFighter2
[2014/05/27 22:50:14 | 000,000,000 | ---D | C] -- C:\Users\Saimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter
[2014/05/27 22:38:03 | 000,000,000 | ---D | C] -- C:\Users\Saimon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LF2 Starterkit v2.0
[2014/05/27 22:36:27 | 000,000,000 | ---D | C] -- C:\Users\Saimon\Desktop\---------
[2014/05/27 21:27:07 | 000,000,000 | ---D | C] -- C:\FRST
[2014/05/27 21:24:19 | 001,056,256 | ---- | C] (Farbar) -- C:\Users\Saimon\Desktop\FRST.exe
[2014/05/26 22:48:56 | 000,000,000 | ---D | C] -- C:\Users\Saimon\Documents\DayZ Other Profiles
[2014/05/26 17:38:36 | 001,974,352 | ---- | C] (None) -- C:\Users\Saimon\Desktop\VisualBoyAdvance.exe
[2014/05/24 08:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/05/21 15:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014/05/28 07:14:20 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/28 07:09:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/05/28 06:21:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/28 06:21:13 | 1934,905,344 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/27 23:32:47 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/27 23:32:47 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/27 22:19:38 | 294,061,442 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/05/27 21:29:33 | 000,008,438 | ---- | M] () -- C:\Users\Saimon\Desktop\Addition.rar
[2014/05/27 21:26:54 | 000,015,327 | ---- | M] () -- C:\Users\Saimon\Desktop\LM.bat
[2014/05/27 21:25:09 | 000,112,640 | ---- | M] () -- C:\Users\Saimon\Desktop\FRSTLauncher.exe
[2014/05/27 21:24:25 | 001,056,256 | ---- | M] (Farbar) -- C:\Users\Saimon\Desktop\FRST.exe
[2014/05/26 22:07:54 | 000,000,148 | ---- | M] () -- C:\Users\Saimon\Documents\PWOOptions.ini
[2014/05/26 18:53:47 | 000,002,062 | ---- | M] () -- C:\Users\Saimon\Desktop\vba.ini
[2014/05/25 19:56:29 | 001,270,993 | ---- | M] () -- C:\Users\Saimon\Desktop\IMG_25052014_194841.png
[2014/05/25 00:36:33 | 000,018,385 | ---- | M] () -- C:\Users\Saimon\Desktop\8709_683821798322195_9069963431160549730_n.jpg
[2014/05/24 22:12:57 | 000,369,955 | ---- | M] () -- C:\Users\Saimon\Desktop\pokemon-world-online.png
[2014/05/23 19:14:29 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2014/05/22 14:40:07 | 000,033,232 | ---- | M] () -- C:\Users\Saimon\Desktop\1526175_3780040196204_1184962432_n.jpg
[2014/05/21 15:44:38 | 000,001,743 | ---- | M] () -- C:\Users\Saimon\Desktop\farcry3 - Shortcut.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/05/28 07:09:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/05/27 21:29:33 | 000,008,438 | ---- | C] () -- C:\Users\Saimon\Desktop\Addition.rar
[2014/05/27 21:26:54 | 000,015,327 | ---- | C] () -- C:\Users\Saimon\Desktop\LM.bat
[2014/05/27 21:25:07 | 000,112,640 | ---- | C] () -- C:\Users\Saimon\Desktop\FRSTLauncher.exe
[2014/05/26 17:39:01 | 000,513,872 | ---- | C] () -- C:\Users\Saimon\Desktop\Crystal Shards beta1.ips
[2014/05/26 17:38:47 | 000,002,062 | ---- | C] () -- C:\Users\Saimon\Desktop\vba.ini
[2014/05/25 19:56:14 | 001,270,993 | ---- | C] () -- C:\Users\Saimon\Desktop\IMG_25052014_194841.png
[2014/05/25 00:36:30 | 000,018,385 | ---- | C] () -- C:\Users\Saimon\Desktop\8709_683821798322195_9069963431160549730_n.jpg
[2014/05/24 22:12:55 | 000,369,955 | ---- | C] () -- C:\Users\Saimon\Desktop\pokemon-world-online.png
[2014/05/22 14:40:03 | 000,033,232 | ---- | C] () -- C:\Users\Saimon\Desktop\1526175_3780040196204_1184962432_n.jpg
[2014/05/21 15:43:46 | 000,001,743 | ---- | C] () -- C:\Users\Saimon\Desktop\farcry3 - Shortcut.lnk
[2014/05/19 21:15:09 | 000,000,218 | ---- | C] () -- C:\Users\Saimon\AppData\Local\recently-used.xbel
[2014/04/17 11:02:09 | 000,407,128 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/04/10 17:02:48 | 000,025,424 | ---- | C] () -- C:\Windows\System32\apl005.sys
[2014/04/10 17:02:48 | 000,014,160 | ---- | C] () -- C:\Windows\System32\apf005.sys
[2014/04/09 17:47:37 | 000,026,376 | ---- | C] () -- C:\Windows\System32\apl004.sys
[2014/04/09 17:47:37 | 000,015,112 | ---- | C] () -- C:\Windows\System32\apf004.sys
[2014/03/16 10:28:36 | 000,000,000 | ---- | C] () -- C:\Users\Saimon\AppData\Roaming\msconfig.ini
[2014/03/05 18:03:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2014/03/05 14:48:13 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll
[2014/03/05 14:32:49 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2014/03/05 14:28:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014/01/30 00:12:28 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2014/01/30 00:12:24 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2014/01/30 00:12:16 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2014/01/30 00:12:16 | 000,077,312 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2014/01/30 00:12:10 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2014/01/30 00:12:10 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

========== ZeroAccess Check ==========

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/03/12 12:39:25 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2014/03/12 12:39:25 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2014/04/20 10:11:57 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\AVG
[2014/04/04 23:36:04 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\AVG2014
[2014/03/12 12:39:25 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\TuneUp Software
[2014/04/05 18:11:01 | 000,000,000 | ---D | M] -- C:\Users\Mamina\AppData\Roaming\AVG
[2014/04/05 16:53:58 | 000,000,000 | ---D | M] -- C:\Users\Mamina\AppData\Roaming\AVG2014
[2014/03/12 12:39:25 | 000,000,000 | ---D | M] -- C:\Users\Mamina\AppData\Roaming\TuneUp Software
[2014/04/25 13:42:42 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Arc
[2014/03/03 20:56:44 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\AVG
[2014/03/03 20:18:05 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\AVG2014
[2014/03/04 14:36:34 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Awesomium
[2014/05/22 21:41:26 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\BitLord
[2014/03/26 15:36:52 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\com.valve.FTP
[2014/03/16 10:31:34 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4
[2014/05/02 14:39:37 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\DAEMON Tools Lite
[2014/05/18 12:09:31 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Far Cry 3
[2014/04/30 16:53:37 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\krita
[2014/04/09 00:35:54 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\LolClient
[2014/04/16 19:00:37 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\OpenCandy
[2014/03/03 21:29:32 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Python-Eggs
[2014/04/08 21:10:16 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Riot Games
[2014/05/23 20:50:56 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\TS3Client
[2014/03/03 20:59:50 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\TuneUp Software
[2014/05/23 20:56:03 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Tunngle
[2014/03/04 20:12:35 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Unity

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:53:46 | 000,032,638 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014/03/03 20:42:51 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013/01/03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013/01/04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013/07/06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\System32\drivers\tcpip.sys
[2013/07/06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013/07/06 06:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013/01/03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2013/01/04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014/03/04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\System32\winlogon.exe
[2014/03/04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014/03/04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/03/03 20:43:09 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Adobe
[2014/04/25 13:42:42 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Arc
[2014/03/03 20:56:44 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\AVG
[2014/03/03 20:18:05 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\AVG2014
[2014/03/04 14:36:34 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Awesomium
[2014/05/22 21:41:26 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\BitLord
[2014/03/26 15:36:52 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\com.valve.FTP
[2014/03/16 10:31:34 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4
[2014/05/02 14:39:37 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\DAEMON Tools Lite
[2014/05/18 12:09:31 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Far Cry 3
[2014/03/03 19:46:30 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Identities
[2014/04/30 16:53:37 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\krita
[2014/04/09 00:35:54 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\LolClient
[2014/03/03 20:43:09 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Macromedia
[2009/07/14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Media Center Programs
[2014/05/13 22:15:38 | 000,000,000 | --SD | M] -- C:\Users\Saimon\AppData\Roaming\Microsoft
[2014/03/03 20:12:20 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Mozilla
[2014/04/16 19:00:37 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\OpenCandy
[2014/03/03 21:29:32 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Python-Eggs
[2014/04/08 21:10:16 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Riot Games
[2014/05/02 17:37:21 | 000,000,000 | RH-D | M] -- C:\Users\Saimon\AppData\Roaming\SecuROM
[2014/05/28 12:39:45 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Skype
[2014/05/23 20:50:56 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\TS3Client
[2014/03/03 20:59:50 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\TuneUp Software
[2014/05/23 20:56:03 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Tunngle
[2014/03/04 20:12:35 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\Unity
[2014/03/03 20:40:04 | 000,000,000 | ---D | M] -- C:\Users\Saimon\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014/05/18 11:17:33 | 001,107,297 | ---- | M] () -- C:\Users\Saimon\AppData\Roaming\Far Cry 3\Uninstall\unins000.exe
[2013/11/27 02:12:44 | 032,773,544 | ---- | M] (TuneUp Software) -- C:\Users\Saimon\AppData\Roaming\OpenCandy\CA8E931A84674885AC72A1F149AD4876\Trial-14.0.1000.88_en-US_1004739_ROW-EN.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014/05/28 13:14:23 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/05/28 12:34:36 | 000,009,584 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/28 12:34:36 | 000,009,584 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2014/05/08 09:51:52 | 021,444,224 | R--- | M] (Skype Technologies S.A.)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013/10/28 10:29:38 | 003,675,352 | ---- | M] (Disc Soft Ltd)
"Akamai NetSession Interface" = "C:\Users\Saimon\AppData\Local\Akamai\netsession_win.exe"

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014/05/12 07:09:32 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=0DA891CB0703D912CEAFA072F54D002B -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014/03/08 02:04:01 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=7116680C2C62709EE81BDDC69EF26B93 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/05/28 07:09:59 | 000,000,512 | ---- | M] () MD5=D4AD17F6B778D92C7E0F231F1F93D8DE -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2006/05/22 16:10:00 | 000,000,034 | ---- | M] () -- \GOG Games\Jade Empire\sound\vo\j04\j04_lot_crack_xsb.txt
[2006/03/24 17:45:34 | 000,000,032 | ---- | M] () -- \GOG Games\Jade Empire\sound\vo\j04\j04_lot_crack_xwb.txt
[2014/04/02 15:44:39 | 000,000,727 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\blends\cracks_base001_fall.vmt
[2014/04/02 15:44:39 | 000,000,625 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\blends\cracks_base001_winter.vmt
[2014/04/02 15:53:46 | 000,001,248 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\models\particle\cracked_boulder_color.vmt
[2014/04/02 15:53:46 | 000,175,008 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\models\particle\cracked_boulder_color.vtf
[2014/04/02 15:53:46 | 000,032,917 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\models\particle\cracked_boulder_diffusewarp.vtf
[2014/04/02 15:53:46 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\models\particle\cracked_boulder_mask1.vtf
[2014/04/02 15:53:46 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\models\particle\cracked_boulder_mask2.vtf
[2014/04/02 15:53:46 | 000,175,008 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\models\particle\cracked_boulder_normal.vtf
[2014/04/02 15:53:46 | 000,000,244 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\models\particle\firecrackers\firecracker_color.vmt
[2014/04/02 15:53:46 | 000,011,168 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\models\particle\firecrackers\firecracker_color.vtf
[2014/04/02 15:55:04 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\nature\sand_cracked001.vtf
[2014/04/02 15:55:04 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\nature\sand_cracked001_spec.vtf
[2014/04/02 15:55:04 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\nature\sand_cracked002.vtf
[2014/04/02 15:55:04 | 000,175,008 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\nature\sand_cracked002_spec.vtf
[2014/04/02 15:55:04 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\nature\sand_cracked_grass001.vtf
[2014/04/02 15:55:04 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\nature\sand_cracked_grass001_spec.vtf
[2014/04/02 15:55:08 | 000,000,218 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\overlays\crackle_green_000.vmt
[2014/04/02 15:55:09 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\overlays\crackle_green_000.vtf
[2014/04/02 15:55:36 | 000,043,896 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_01.vtf
[2014/04/02 15:55:36 | 000,043,896 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_01_normal.vtf
[2014/04/02 15:55:37 | 000,043,896 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_02.vtf
[2014/04/02 15:55:37 | 000,043,896 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_03.vtf
[2014/04/02 15:55:37 | 000,087,640 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_04.vtf
[2014/04/02 15:55:37 | 000,000,133 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_05.vmt
[2014/04/02 15:55:37 | 000,174,968 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_05.vtf
[2014/04/02 15:55:37 | 000,000,131 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_05_oriented.vmt
[2014/04/02 15:55:37 | 000,000,142 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_05_oriented_mod.vmt
[2014/04/02 15:55:37 | 000,000,133 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_06.vmt
[2014/04/02 15:55:37 | 000,174,968 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_06.vtf
[2014/04/02 15:55:37 | 000,000,174 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_06_add.vmt
[2014/04/02 15:55:37 | 000,000,172 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_06_add_oriented.vmt
[2014/04/02 15:55:37 | 000,174,968 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_06_center.vtf
[2014/04/02 15:55:37 | 000,000,179 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_06_center_add_ob_oriented.vmt
[2014/04/02 15:55:37 | 000,000,181 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_06_center_add_oriented.vmt
[2014/04/02 15:55:37 | 000,000,162 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_06_center_oriented.vmt
[2014/04/02 15:55:37 | 000,000,131 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_06_oriented.vmt
[2014/04/02 15:55:37 | 000,043,896 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_07.vtf
[2014/04/02 15:55:37 | 000,087,576 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_08.vtf
[2014/04/02 15:55:37 | 000,087,576 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_09.vtf
[2014/04/02 15:55:37 | 000,000,225 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\beam_crack_warp_01.vmt
[2014/04/02 15:55:42 | 001,398,368 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\groundcracks_light.vtf
[2014/04/02 15:55:42 | 000,087,640 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\groundcracks_light_2.vtf
[2014/04/02 15:55:42 | 000,000,098 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\groundcracks_light_2_add.vmt
[2014/04/02 15:55:42 | 000,000,120 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\groundcracks_light_2_add_ob4.vmt
[2014/04/02 15:55:42 | 000,000,152 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_01.vmt
[2014/04/02 15:55:42 | 000,000,152 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_02.vmt
[2014/04/02 15:55:42 | 000,000,149 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_02_add_oriented.vmt
[2014/04/02 15:55:42 | 000,000,180 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_02_mod.vmt
[2014/04/02 15:55:42 | 000,000,180 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_03_mod.vmt
[2014/04/02 15:55:42 | 000,000,202 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_03_mod_ob.vmt
[2014/04/02 15:55:42 | 000,000,171 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_04.vmt
[2014/04/02 15:55:42 | 000,000,182 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_04_mod.vmt
[2014/04/02 15:55:42 | 000,000,202 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_07_mod_ob.vmt
[2014/04/02 15:55:42 | 000,000,180 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_08_oriented_mod.vmt
[2014/04/02 15:55:42 | 000,000,180 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_beam_crack_09_oriented_mod.vmt
[2014/04/02 15:55:42 | 000,000,128 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_crack_01.vmt
[2014/04/02 15:55:42 | 000,087,640 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_crack_01.vtf
[2014/04/02 15:55:43 | 000,000,173 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\particle_groundcracks_additive.vmt
[2014/04/02 15:55:46 | 000,000,315 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_cracks.vmt
[2014/04/02 15:55:46 | 000,000,174 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_cracks_radial.vmt
[2014/04/02 15:55:46 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_cracks_radial.vtf
[2014/04/02 15:55:46 | 001,398,360 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks.vtf
[2014/04/02 15:55:46 | 000,000,198 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_02.vmt
[2014/04/02 15:55:46 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_02.vtf
[2014/04/02 15:55:46 | 000,000,196 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_02_add.vmt
[2014/04/02 15:55:46 | 000,000,202 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_02_light.vmt
[2014/04/02 15:55:46 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_02_light.vtf
[2014/04/02 15:55:46 | 000,000,113 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_02_light_noproj.vmt
[2014/04/02 15:55:46 | 000,000,110 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_02_light_noproj_modulate.vmt
[2014/04/02 15:55:46 | 000,000,193 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_02_modulate.vmt
[2014/04/02 15:55:46 | 000,000,199 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_02_noproj.vmt
[2014/04/02 15:55:46 | 000,000,100 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_02_noproj_modulate.vmt
[2014/04/02 15:55:46 | 001,398,360 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\projected_groundcracks_light.vtf
[2014/04/02 15:55:16 | 000,000,138 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\dirt\ground_dirt\ground_dirt_cracked.vmt
[2014/04/02 15:55:16 | 000,349,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\dirt\ground_dirt\ground_dirt_cracked.vtf
[2014/04/02 15:55:24 | 000,000,108 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\ground\ground_cracks.vmt
[2014/04/02 15:55:24 | 000,087,740 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\ground\ground_cracks.vtf
[2014/04/02 15:55:24 | 000,087,640 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\ground\ground_cracks_alpha.vtf
[2014/04/02 15:55:24 | 000,000,135 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\ground\ground_cracks_alpha_oriented.vmt
[2014/04/02 15:55:24 | 000,087,640 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\ground\ground_cracks_mod.vtf
[2014/04/02 15:55:24 | 000,000,142 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\ground\ground_cracks_mod_oriented.vmt
[2014/04/02 15:55:24 | 000,087,640 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\ground\ground_cracks_normal.vtf
[2014/04/02 15:55:24 | 000,000,125 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\ground\ground_cracks_oriented.vmt
[2014/04/02 15:55:24 | 000,000,564 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\materials\particle\ground\ground_cracks_warp.vmt
[2014/04/02 16:00:15 | 000,117,854 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\models\particle\cracked_boulder.dx90.vtx
[2014/04/02 16:00:15 | 000,064,336 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\models\particle\cracked_boulder.mdl
[2014/04/02 16:00:15 | 000,523,520 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\models\particle\cracked_boulder.vvd
[2014/04/02 16:00:15 | 000,078,742 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\models\particle\cracked_boulder_v2.dx90.vtx
[2014/04/02 16:00:15 | 000,045,540 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\models\particle\cracked_boulder_v2.mdl
[2014/04/02 16:00:15 | 000,350,592 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\models\particle\cracked_boulder_v2.vvd
[2014/04/02 16:00:15 | 000,000,817 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\models\particle\firecrackers.dx90.vtx
[2014/04/02 16:00:15 | 000,001,796 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\models\particle\firecrackers.mdl
[2014/04/02 16:00:15 | 000,003,392 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\models\particle\firecrackers.vvd
[2014/04/02 16:01:47 | 000,002,347 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_1.psf
[2014/04/02 16:01:47 | 000,001,899 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_1b.psf
[2014/04/02 16:01:47 | 000,001,787 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_2.psf
[2014/04/02 16:01:47 | 000,002,571 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_2b.psf
[2014/04/02 16:01:47 | 000,002,123 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_3.psf
[2014/04/02 16:01:47 | 000,002,235 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_4.psf
[2014/04/02 16:01:47 | 000,001,899 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_5.psf
[2014/04/02 16:01:47 | 000,001,787 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_6.psf
[2014/04/02 16:01:47 | 000,002,683 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_7.psf
[2014/04/02 16:06:08 | 000,015,770 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\resource\flash3\images\items\firecrackers.png
[2014/04/02 16:08:46 | 000,142,148 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\sound\ambient\newyear\firecrackers01.wav
[2014/04/02 16:08:46 | 000,066,508 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\sound\ambient\newyear\firecrackers02.wav
[2014/04/02 16:08:46 | 000,068,530 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\sound\ambient\newyear\firecrackers03.wav
[2014/04/02 16:08:46 | 000,146,782 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\sound\ambient\newyear\firecrackers04.wav
[2014/04/02 16:08:46 | 000,072,036 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\sound\ambient\newyear\firecrackers05.wav
[2014/04/02 16:08:46 | 000,062,316 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\sound\ambient\newyear\firecrackers06.wav
[2014/04/02 16:08:46 | 000,106,990 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\sound\ambient\newyear\firecrackers07.wav
[2014/04/02 16:08:46 | 000,079,958 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\sound\ambient\newyear\firecrackers08.wav
[2014/04/02 16:08:46 | 000,134,426 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Alien Swarm\swarm\addons\Dota2Extract\sound\ambient\newyear\firecrackers09.wav
[2014/04/30 16:03:58 | 000,028,095 | ---- | M] () -- \Program Files\Steam\SteamApps\common\KritaGeminiDemo\share\apps\krita\brushes\A_crackled.gbr
[2014/04/30 16:04:21 | 000,433,948 | ---- | M] () -- \Program Files\Steam\SteamApps\common\KritaGeminiDemo\share\apps\krita\patterns\19_texture-crackle.png
[2014/04/04 14:49:59 | 000,005,540 | ---- | M] () -- \Users\Saimon\AppData\Roaming\Microsoft\Windows\Recent\3DMGAME-Contagion.Beta.Cracked-3DM.part1.lnk
[2014/04/25 14:09:30 | 000,006,425 | ---- | M] () -- \Users\Saimon\AppData\Roaming\Microsoft\Windows\Recent\a-crack.lnk
[2014/04/25 14:09:30 | 000,004,895 | ---- | M] () -- \Users\Saimon\AppData\Roaming\Microsoft\Windows\Recent\Crack.lnk
[2014/05/13 16:40:45 | 000,000,726 | ---- | M] () -- \Users\Saimon\AppData\Roaming\Microsoft\Windows\Recent\Grand.Theft.Auto.IV.Crack.Offline.Activation(1).lnk
[2014/04/25 14:32:35 | 000,000,603 | ---- | M] () -- \Users\Saimon\AppData\Roaming\Microsoft\Windows\Recent\Swat-4-crack.lnk
[2014/04/04 14:46:51 | 1048,576,000 | ---- | M] () -- \Users\Saimon\Documents\BitLord\3DMGAME-Contagion.Beta.Cracked-3DM\3DMGAME-Contagion.Beta.Cracked-3DM.part1.rar
[2014/04/04 14:46:51 | 1048,576,000 | ---- | M] () -- \Users\Saimon\Documents\BitLord\3DMGAME-Contagion.Beta.Cracked-3DM\3DMGAME-Contagion.Beta.Cracked-3DM.part2.rar
[2014/04/04 14:46:51 | 363,921,413 | ---- | M] () -- \Users\Saimon\Documents\BitLord\3DMGAME-Contagion.Beta.Cracked-3DM\3DMGAME-Contagion.Beta.Cracked-3DM.part3.rar
[2011/08/07 15:25:26 | 000,000,540 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\Glass\glasswindow018a_cracked.vmt
[2011/08/07 15:25:26 | 000,022,064 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\Glass\glasswindow018a_cracked.vtf
[2014/04/24 19:35:23 | 000,137,715 | ---- | M] () -- \Users\Saimon\Documents\BitLord\SWAT 4 Gold Edition -AnCiENT\Crack\a-crack.rar
[2014/04/25 14:32:32 | 000,064,841 | ---- | M] () -- \Users\Saimon\Downloads\Swat-4-crack.rar

< *keygen* /s >
[2014/03/16 10:23:13 | 000,025,307 | ---- | M] () -- \Users\Saimon\Downloads\SmiteGemsKeyGenerator.rar

< *loader* /s >
[2012/02/07 18:11:22 | 000,008,192 | ---- | M] () -- \Program Files\BitLord\Bitlord files\_win32sysloader.pyd
[2014/01/20 08:33:32 | 000,005,612 | ---- | M] () -- \Program Files\BitLord\Bitlord files\deluge-2.3.2_254-py2.6.egg\deluge\httpdownloader.pyc
[2011/07/06 14:32:14 | 000,001,878 | ---- | M] () -- \Program Files\BitLord\Bitlord files\etc\gtk-2.0\gdk-pixbuf.loaders
[2011/07/06 14:32:14 | 000,014,336 | ---- | M] () -- \Program Files\BitLord\Bitlord files\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009/10/22 01:01:42 | 000,249,672 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009/10/22 01:01:42 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014/01/27 10:30:28 | 000,128,800 | ---- | M] () -- \Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll
[1 \Program Files\Conduit\ValueApps\IE\*.tmp files -> \Program Files\Conduit\ValueApps\IE\*.tmp -> ]
[2014/03/28 23:58:11 | 000,065,344 | ---- | M] () -- \Program Files\Goat Simulator\Binaries\Win32\PhysXLoader.dll
[2014/04/03 14:21:29 | 000,077,824 | ---- | M] () -- \Program Files\Heroes of Newerth\hon_crash_uploader.exe
[2013/02/01 01:16:50 | 000,065,344 | R--- | M] () -- \Program Files\Hi-Rez Studios\HiRezGames\smite\Binaries\Win32\PhysXLoader.dll
[2014/02/24 18:36:08 | 000,195,920 | ---- | M] () -- \Program Files\Perfect World Entertainment\Arc\HttpDownloader.dll
[2009/12/23 22:21:28 | 000,069,632 | ---- | M] () -- \Program Files\Perfect World Entertainment\Neverwinter_en\Neverwinter\Live\PhysXLoader.dll
[2013/05/21 13:49:20 | 000,064,352 | ---- | M] () -- \Program Files\Perfect World Entertainment\PWI_en\element\physxloader.dll
[2012/12/26 14:48:38 | 000,209,920 | ---- | M] () -- \Program Files\R.G. Mechanics\Far Cry 3\bin\ubiorbitapi_r2_loader.dll
[2013/02/04 08:16:26 | 000,003,584 | ---- | M] () -- \Program Files\R.G. Mechanics\Far Cry 3\bin\uplay_r1_loader.dll
[2013/10/23 22:07:40 | 000,007,825 | ---- | M] () -- \Program Files\Steam\remoteui\static\libs\images\ajax-loader.gif
[2014/04/08 22:04:02 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.80\deploy\assets\storeImages\layout\small_loader.gif
[2011/05/25 18:17:32 | 000,229,376 | ---- | M] () -- \T3Fun\Hellgate\HGLHPLoader.exe
[2013/02/01 02:16:50 | 000,065,344 | ---- | M] () -- \UDK\UDK-2014-02\Binaries\Win32\PhysXLoader.dll
[2013/02/01 02:17:41 | 000,067,904 | ---- | M] () -- \UDK\UDK-2014-02\Binaries\Win64\PhysXLoader64.dll
[2011/10/08 01:09:20 | 000,057,856 | ---- | M] () -- \UDK\UDK-2014-02\Development\Flash\AS2\CLIK\components\UILoader.fla
[2011/09/27 22:01:20 | 000,141,824 | ---- | M] () -- \UDK\UDK-2014-02\Development\Flash\AS2\CLIK\demosTBD\PreloaderRadial.fla
[2011/09/27 22:01:20 | 000,528,384 | ---- | M] () -- \UDK\UDK-2014-02\Development\Flash\AS2\CLIK\demosTBD\UILoader.fla
[2011/10/08 01:09:24 | 000,008,430 | ---- | M] () -- \UDK\UDK-2014-02\Development\Flash\AS2\CLIK\gfx\controls\UILoader.as
[2012/04/10 16:44:26 | 000,011,753 | ---- | M] () -- \UDK\UDK-2014-02\Development\Flash\AS3\CLIK\scaleform\clik\controls\UILoader.as
[2014/01/21 20:15:49 | 000,008,042 | ---- | M] () -- \UDK\UDK-2014-02\Development\Src\IpDrv\Classes\OnlineImageDownloaderWeb.uc
[2014/01/28 19:35:56 | 000,072,638 | ---- | M] () -- \Users\Mamina\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/01/28 19:35:56 | 000,003,032 | ---- | M] () -- \Users\Mamina\AppData\Local\Skype\Apps\login\images\loader.png
[2014/01/28 19:35:56 | 000,006,012 | ---- | M] () -- \Users\Mamina\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/01/28 19:35:56 | 000,021,956 | ---- | M] () -- \Users\Mamina\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/01/28 19:35:56 | 000,009,772 | ---- | M] () -- \Users\Mamina\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/05/27 16:38:15 | 000,001,976 | ---- | M] () -- \Users\Saimon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\85A3RQOK\AdLoader[1].htm
[2014/05/27 21:20:32 | 000,001,976 | ---- | M] () -- \Users\Saimon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GCKEHNMB\AdLoader[1].htm
[2014/05/27 22:22:45 | 000,017,912 | ---- | M] () -- \Users\Saimon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MDZCX3U3\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014/05/27 22:22:43 | 000,001,976 | ---- | M] () -- \Users\Saimon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MDZCX3U3\AdLoader[1].htm
[2014/05/27 16:37:00 | 000,017,912 | ---- | M] () -- \Users\Saimon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NR2C5IA6\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014/05/27 21:20:32 | 000,017,912 | ---- | M] () -- \Users\Saimon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X91OVRI3\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014/05/27 16:37:00 | 000,001,976 | ---- | M] () -- \Users\Saimon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZMKYFA6V\AdLoader[1].htm
[2014/02/18 18:46:42 | 000,072,638 | ---- | M] () -- \Users\Saimon\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/02/18 18:46:42 | 000,003,032 | ---- | M] () -- \Users\Saimon\AppData\Local\Skype\Apps\login\images\loader.png
[2014/02/18 18:46:42 | 000,006,012 | ---- | M] () -- \Users\Saimon\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/02/18 18:46:42 | 000,021,956 | ---- | M] () -- \Users\Saimon\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/02/18 18:46:42 | 000,009,772 | ---- | M] () -- \Users\Saimon\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2011/08/07 15:26:02 | 000,000,179 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loaderCHROME.vmt
[2011/08/07 15:26:02 | 000,002,936 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loaderCHROME.vtf
[2011/08/07 15:26:02 | 000,000,073 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_base.vmt
[2011/08/07 15:26:02 | 000,011,128 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_base.vtf
[2011/08/07 15:26:02 | 000,000,080 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_base_panels.vmt
[2011/08/07 15:26:02 | 000,002,936 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_base_panels.vtf
[2011/08/07 15:26:02 | 000,000,079 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_base_sides.vmt
[2011/08/07 15:26:02 | 000,002,936 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_base_sides.vtf
[2011/08/07 15:26:02 | 000,000,079 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_body_hatch.vmt
[2011/08/07 15:26:02 | 000,011,128 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_body_hatch.vtf
[2011/08/07 15:26:02 | 000,000,078 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_body_side.vmt
[2011/08/07 15:26:02 | 000,011,128 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_body_side.vtf
[2011/08/07 15:26:02 | 000,000,184 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_darkCHROME.vmt
[2011/08/07 15:26:02 | 000,002,936 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_darkCHROME.vtf
[2011/08/07 15:26:02 | 000,000,073 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_head.vmt
[2011/08/07 15:26:02 | 000,002,936 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_head.vtf
[2011/08/07 15:26:02 | 000,000,078 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_leg_hydro.vmt
[2011/08/07 15:26:02 | 000,001,512 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_leg_hydro.vtf
[2011/08/07 15:26:02 | 000,000,082 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_leg_hydro_cut.vmt
[2011/08/07 15:26:02 | 000,000,888 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_leg_hydro_cut.vtf
[2011/08/07 15:26:02 | 000,000,078 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_leg_side1.vmt
[2011/08/07 15:26:02 | 000,011,048 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_leg_side1.vtf
[2011/08/07 15:26:02 | 000,000,186 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_steelchrome1.vmt
[2011/08/07 15:26:02 | 000,002,936 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Half-Life 2 Deathmatch multiplayer + SP v_35 ^^nosTEAM^^\Half-Life 2 Deathmatch\hl2\materials\PerfTest\loader\loader_steelchrome1.vtf
[2014/04/03 21:54:56 | 000,236,032 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Trials Fusion - Closed Beta\datapack\uplay_r1_loader.dll
[2014/04/03 21:44:02 | 000,500,128 | ---- | M] () -- \Users\Saimon\Documents\BitLord\Trials Fusion - Closed Beta\datapack\uplay_r1_loader64.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 06:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 06:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 06:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2014/03/05 21:05:08 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2014/03/05 21:05:08 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2014/03/05 21:05:08 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

a tu je extras



OTL Extras logfile created on: 28. 5. 2014 7:06:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Saimon\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,40 Gb Total Physical Memory | 0,27 Gb Available Physical Memory | 11,38% Memory free
4,80 Gb Paging File | 1,89 Gb Available in Paging File | 39,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 144,59 Gb Free Space | 31,05% Space Free | Partition Type: NTFS

Computer Name: SAIMON-PC | User Name: Saimon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3211541326-2053572210-2390753330-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2949D4B2-4D59-4AC7-97A6-EC58024D4C1D}" = lport=58355 | protocol=6 | dir=in | name=pando media booster |
"{5D63797F-925F-454F-A093-1956FA70DA61}" = lport=58355 | protocol=17 | dir=in | name=pando media booster |
"{6BDA778B-326B-4D8B-BB83-EAC19E8AFB67}" = lport=58355 | protocol=17 | dir=in | name=pando media booster |
"{8CD5F50E-547A-4610-BE2D-93BD6D5AD05B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{8EC57949-F243-414F-8602-1C6E9C438AB4}" = lport=58355 | protocol=6 | dir=in | name=pando media booster |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{056BE016-B76D-40C1-9651-B2002CAD3DCB}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\free to play\ftp.exe |
"{0EA4638F-1374-485D-82E9-FBB2107E6BC4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{1DE2452F-2473-456D-A2F3-F29C9EC1DD25}" = protocol=17 | dir=in | app=c:\t3fun\hellgate\hgllauncher.exe |
"{20E83CB2-A16E-4478-8D65-E72F575E3EE9}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{2354B043-3712-414A-AD54-41288E6FCD4E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\garrysmod\hl2.exe |
"{2BE035F6-D8FE-453A-8EEA-286EB12EED20}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\you have to win the game\thegame.exe |
"{2C20A020-8257-4F2E-A9A7-4245A4236E1D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{34C363D4-50ED-4E93-84D8-BC05E63C6716}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{35B0DB08-C09C-49B3-8A6C-D00289AECB6B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dungeonland\dungeonland.exe |
"{38DA52F6-DBDC-473D-9459-DF5AF2FABF85}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike source\hl2.exe |
"{3A7227D4-3A3B-4B18-8F5C-DFA679DB929D}" = protocol=6 | dir=in | app=c:\udk\udk-2014-02\binaries\win32\udk.exe |
"{410730E1-0C19-4012-9AB4-5F00CB10DF83}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{422AA5BE-C1D5-4364-A6B6-608B6C4B15F7}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4473305E-1370-435E-957B-802563901D3F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{466583BD-205E-4A5B-A0BC-ABAAA37F26FC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\kritageminidemo\bin\kritasketch.exe |
"{4732DB2D-D763-4B6F-98C7-0D276CF70962}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{487F7897-FB00-4D8B-BC41-C7A29BFA8236}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{4B622BFE-44FE-4117-ABBD-ED12923C58F0}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{4B85FCE5-AC95-454D-97B6-CAD2707EAE0E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{5D663206-511B-4CEC-8187-41B9E6183CEC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{61C2B5CE-9E14-4C62-AE1D-7837140C63CD}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{643A9477-F2DE-4495-843A-041377B42D07}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{64E06179-AF25-401C-83BF-CD23C6341C4A}" = protocol=6 | dir=in | app=c:\t3fun\hellgate\hgllauncher.exe |
"{6681873F-A0C5-4494-ABA1-6551145EFBAC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{68F87B34-6DDD-4580-97C1-0DAAF2E46BC3}" = protocol=6 | dir=in | app=c:\program files\sdgi europe\dragon nest europe\dragonnest.exe |
"{6B889EF0-88D6-473D-8B06-386FBE6BB8ED}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{6F42A192-4FEA-4B0A-8670-6C7838DB4EDF}" = protocol=17 | dir=in | app=c:\udk\udk-2014-02\binaries\win64\udk.exe |
"{6FF6F4A0-67DF-476F-B8EB-5ED6AF947183}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\oblivion\oblivionlauncher.exe |
"{74D0EE64-23B2-4F81-AC04-FD62C2F3DCC4}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{79A8FFF0-8CE5-42E9-8854-081045DF8BAA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\free to play\ftp.exe |
"{826824FB-15E9-49C5-B495-975CC760D8BF}" = protocol=6 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe |
"{82CB38AC-4D5D-404E-AC20-21DEFB566A1F}" = protocol=17 | dir=in | app=c:\udk\udk-2014-02\binaries\win32\udk.exe |
"{83E3AE69-4B1F-4628-A9D9-A267039109C1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\garrysmod\hl2.exe |
"{8E47B895-C05E-42BC-8417-186F0672938C}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{9C1DB47A-B9EC-43AE-8882-57EB80DC0630}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A5972DBB-5360-4AAE-BF63-C7B92BC7B539}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{C719A43F-CFD4-435B-A0D0-B0E600FFCC87}" = protocol=17 | dir=in | app=c:\program files\sdgi europe\dragon nest europe\dragonnest.exe |
"{C71FFFB1-47E5-498E-9A7A-8104C9EBD67E}" = protocol=17 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe |
"{D68E7F06-CA78-4782-B1FA-66D0EFCEA5EF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\kritageminidemo\bin\kritasketch.exe |
"{D847914E-4D86-4C2D-B3C2-41340C479D58}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{E335CA91-1DCE-4CAF-AA9B-87D003317051}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{E7CFDC9A-72C0-45AB-956A-15F91A287C15}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\oblivion\oblivionlauncher.exe |
"{EC3766B4-0B1C-460C-8708-3327489A7DD0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dungeonland\dungeonland.exe |
"{F0C64D4B-C255-4CC0-9158-465F377D45BF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\you have to win the game\thegame.exe |
"{F0F62EA1-9DB3-4D88-84CE-C0A3DFFEE685}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike source\hl2.exe |
"{F86F0347-36EE-48AE-94D2-32B441EEE0EC}" = protocol=6 | dir=in | app=c:\udk\udk-2014-02\binaries\win64\udk.exe |
"{FC392BDC-E818-4C3A-935B-0A649483425A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{FFC5F6C9-4C76-4F1E-AD25-16F063FAB20F}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"TCP Query User{101EF7E6-E587-4A91-B064-C470C770805B}C:\users\saimon\documents\bitlord\3dmgame-contagion.beta.cracked-3dm\contagionbeta\contagion.exe" = protocol=6 | dir=in | app=c:\users\saimon\documents\bitlord\3dmgame-contagion.beta.cracked-3dm\contagionbeta\contagion.exe |
"TCP Query User{16847E9A-EAF0-4CA1-AE43-DB2C50B0100B}C:\program files\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe" = protocol=6 | dir=in | app=c:\program files\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe |
"TCP Query User{1E510BDE-03B6-4313-AD40-FF4E7A6D4033}C:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"TCP Query User{2E8A54AB-FBA4-4916-95E6-53924AD5BA59}C:\program files\goat simulator\binaries\win32\goatgame-win32-shipping.exe" = protocol=6 | dir=in | app=c:\program files\goat simulator\binaries\win32\goatgame-win32-shipping.exe |
"TCP Query User{55445C4E-E9CA-4DD9-AE46-F482DB9437E5}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{6D41E926-1372-4267-A53A-DFC6C2107662}C:\program files\dayz standalone\dayz.exe" = protocol=6 | dir=in | app=c:\program files\dayz standalone\dayz.exe |
"TCP Query User{75BD71CD-A964-4B6C-9215-D8A58314AAEF}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{AC6B963E-910A-4714-BBE7-FEE3A69A9A20}C:\program files\bitlord\bitlord files\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord files\bitlord.exe |
"TCP Query User{AEA7B527-3C8C-420C-BA0F-41191226E495}C:\program files\r.g. mechanics\far cry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=c:\program files\r.g. mechanics\far cry 3\bin\farcry3.exe |
"TCP Query User{C55B95F6-B6BC-4AB6-99FD-32D39CB8E734}C:\program files\sierra\swat 4\content\system\swat4.exe" = protocol=6 | dir=in | app=c:\program files\sierra\swat 4\content\system\swat4.exe |
"TCP Query User{F29616AF-94B5-404C-965E-2391E3950B23}C:\program files\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files\heroes of newerth\hon.exe |
"TCP Query User{FEF882EB-D505-433B-B1CF-3BE214642F05}C:\program files\warcraft iii frozen throne esk\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii frozen throne esk\war3.exe |
"UDP Query User{29B2DD20-0249-44ED-AB25-C5878883987B}C:\program files\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files\heroes of newerth\hon.exe |
"UDP Query User{2A0ED7A9-5408-44A2-A14F-8CCE03274533}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{49666023-135D-4730-B5E3-419A264F94B5}C:\program files\bitlord\bitlord files\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord files\bitlord.exe |
"UDP Query User{68CCCE93-1266-4838-9AD6-BFB6D59815D5}C:\program files\r.g. mechanics\far cry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=c:\program files\r.g. mechanics\far cry 3\bin\farcry3.exe |
"UDP Query User{73354CCA-A084-42C3-B966-8D7B5AE5EB3F}C:\users\saimon\documents\bitlord\3dmgame-contagion.beta.cracked-3dm\contagionbeta\contagion.exe" = protocol=17 | dir=in | app=c:\users\saimon\documents\bitlord\3dmgame-contagion.beta.cracked-3dm\contagionbeta\contagion.exe |
"UDP Query User{7CC53D63-387B-4BB8-BFE2-3A2FC0442BB0}C:\program files\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe" = protocol=17 | dir=in | app=c:\program files\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe |
"UDP Query User{9266AA55-8539-4D1C-8473-A69F6A382509}C:\program files\warcraft iii frozen throne esk\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii frozen throne esk\war3.exe |
"UDP Query User{B1579B95-658F-4C0C-A608-4419991F7871}C:\program files\dayz standalone\dayz.exe" = protocol=17 | dir=in | app=c:\program files\dayz standalone\dayz.exe |
"UDP Query User{B411809C-CDF3-4510-85D2-73B438467330}C:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"UDP Query User{B6CD8CB9-0470-4B5F-B2AE-6065A9D6925D}C:\program files\sierra\swat 4\content\system\swat4.exe" = protocol=17 | dir=in | app=c:\program files\sierra\swat 4\content\system\swat4.exe |
"UDP Query User{C42CAB44-B605-4A4A-9A54-F86DE6B06AC6}C:\program files\goat simulator\binaries\win32\goatgame-win32-shipping.exe" = protocol=17 | dir=in | app=c:\program files\goat simulator\binaries\win32\goatgame-win32-shipping.exe |
"UDP Query User{DAFA6C35-8FF2-4B8A-BB11-A8565AAB5C97}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01BD4FC9-2F86-4706-A62E-774BB7E9D308}" = AVG PC TuneUp 2014
"{01db25f3-1b76-4d97-88c8-1c90634d88fb}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False
"{58FA82F2-5FAA-4036-9129-C97DDCAC6A1B}_is1" = Pokemon World Online version 1.94
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False
"{615bc16d-60f5-482e-91b3-b51d8130963b}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False
"{65DF3688-6EF3-4C86-83DE-54AB46029F07}" = Hellgate
"{6B67E1A1-1D62-4BDC-8C60-07FDF25CA975}_is1" = Pokémon World Online version 1.82
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False
"{6c95b50e-cb5a-4a1f-a7b4-8a6004f8dd6a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7A8B5F7D-6736-4DC4-A7A5-223BE131EB34}" = AVG PC TuneUp 2014 (cs-CZ)
"{7F1AD376-F6A0-4C2D-B93B-6FECC45620D2}" = AVG 2014
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False
"{8907E06D-E074-47CE-959E-66C3FFF2D41F}" = Perforce Server Components
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91569630-3DDC-43EB-9425-E6C41431D535}" = AVG 2014
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False
"{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate: London
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{CED8E25B-122A-4E80-B612-7F99B93284B3}" = Arc
"{DCB46B42-723F-350E-B18A-449BC6C21636}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FC56C8F8-5683-44F4-8C94-0B22B3F69878}" = Perforce Visual Components
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False
"{FE2D627E-D7E0-46EA-93A6-8583420285FA}" = Aeria Ignite
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False
"4795C4A805590BF1276BCED3EB2478E5BF545E83" = Windows Driver Package - Intel (NETwNs32) net (01/22/2012 14.3.2.1)
"695CFD288064D5B9D072C610E63BDD3D3E4DE666" = Windows Driver Package - Intel (NETwLv32) net (10/07/2010 13.4.0.139)
"ADD23BB4846CE97156B46B74EA84848F347B09FE" = Windows Driver Package - Intel (NETwNs32) net (02/20/2012 15.1.0.18)
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Aeria Ignite 1.13.3296" = Aeria Ignite
"AVG" = AVG 2014
"AVG PC TuneUp 2014" = AVG PC TuneUp 2014
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.1.12
"DAEMON Tools Lite" = DAEMON Tools Lite
"DayZ Standalone_is1" = DayZ Standalone
"Dragon Nest Europe" = Dragon Nest Europe
"Eden Eternal" = Eden Eternal
"Far Cry 3_R.G. Mechanics_is1" = Far Cry 3
"Fraps" = Fraps (remove only)
"GIF Viewer" = GIF Viewer
"GOGPACKJADEEMPIRE_is1" = Jade Empire Special Edition
"hon" = Heroes of Newerth
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"Killing Floor v.1055_is1" = Killing Floor v.1055 version 1.0.5.5
"League of Legends 3.0.1" = League of Legends
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PCData App" = PC Data App
"Reborn Full Client 2014-02-28_is1" = Reborn Full Client 2014-02-28 version 1
"SeriousSam2" = Serious Sam 2
"Steam" = Steam
"Steam App 218130" = Dungeonland
"Steam App 22330" = The Elder Scrolls IV: Oblivion
"Steam App 240" = Counter-Strike: Source
"Steam App 245550" = Free to Play
"Steam App 286100" = You Have to Win the Game
"Steam App 289970" = Krita Gemini Demo
"Steam App 4000" = Garry's Mod
"Steam App 570" = Dota 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 730" = Counter-Strike: Global Offensive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tunngle beta_is1" = Tunngle beta
"UDK-76bebb92-49f3-4eb9-b4b1-7b1447bbfa45" = Unreal Development Kit: 2014-02
"VGhlIFdhbGtpbmcgRGVhZCBTdXJ2aXZhbCBJbnN0aW5jdCAo~1255DFC2_is1" = The Walking Dead Survival Instinct (c) Activision version 1
"Warcraft III eSK 1.26.0.6401" = Warcraft III eSK 1.26.0.6401
"WinRAR archiver" = WinRAR 5.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3211541326-2053572210-2390753330-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"ValueApps" = ValueApps

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18. 5. 2014 3:51:09 | Computer Name = Saimon-PC | Source = VSS | ID = 8193
Description =

Error - 18. 5. 2014 3:51:09 | Computer Name = Saimon-PC | Source = System Restore | ID = 8193
Description =

Error - 18. 5. 2014 5:50:42 | Computer Name = Saimon-PC | Source = VSS | ID = 8194
Description =

Error - 19. 5. 2014 12:26:44 | Computer Name = Saimon-PC | Source = Application Hang | ID = 1002
Description = The program PWO.exe version 1.9.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: f68 Start Time:
01cf7377a0168975 Termination Time: 34 Application Path: C:\Program Files\Pokemon
World Online\PWO.exe Report Id: 558a0121-df72-11e3-8299-b888e3d12056

Error - 19. 5. 2014 15:15:27 | Computer Name = Saimon-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17514,
time stamp: 0x4ce796f3 Faulting module name: Explorer.EXE, version: 6.1.7601.17514,
time stamp: 0x4ce796f3 Exception code: 0xc0000005 Fault offset: 0x0005f751 Faulting
process id: 0xb58 Faulting application start time: 0x01cf736fca5218c9 Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\Explorer.EXE Report
Id: ef0e8070-df89-11e3-8299-b888e3d12056

Error - 23. 5. 2014 13:14:29 | Computer Name = Saimon-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 25. 5. 2014 10:52:26 | Computer Name = Saimon-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\UDK\udk-2014-02\Binaries\Win64\UDK.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 27. 5. 2014 9:51:21 | Computer Name = Saimon-PC | Source = Application Error | ID = 1000
Description = Faulting application name: TuneUpUtilitiesService32.exe, version:
14.0.1001.174, time stamp: 0x524004b7 Faulting module name: TuneUpUtilitiesService32.exe,
version: 14.0.1001.174, time stamp: 0x524004b7 Exception code: 0xc0000005 Fault offset:
0x000190f5 Faulting process id: 0x998 Faulting application start time: 0x01cf79b2abe84d82
Faulting
application path: C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
Faulting
module path: C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe Report
Id: fbb829f7-e5a5-11e3-8b9a-b888e3d12056

Error - 27. 5. 2014 16:54:22 | Computer Name = Saimon-PC | Source = Application Error | ID = 1000
Description = Faulting application name: lf2.exe, version: 0.0.0.0, time stamp:
0x3d932d84 Faulting module name: lf2.exe, version: 0.0.0.0, time stamp: 0x3d932d84
Exception
code: 0xc0000005 Fault offset: 0x0003ca28 Faulting process id: 0x1220 Faulting application
start time: 0x01cf79edd2eb7ae5 Faulting application path: C:\LITTLE~1\LF2_SWU\lf2.exe
Faulting
module path: C:\LITTLE~1\LF2_SWU\lf2.exe Report Id: 13d56ad4-e5e1-11e3-863a-b888e3d12056

Error - 27. 5. 2014 16:54:38 | Computer Name = Saimon-PC | Source = Application Error | ID = 1000
Description = Faulting application name: lf2.exe, version: 0.0.0.0, time stamp:
0x3d932d84 Faulting module name: lf2.exe, version: 0.0.0.0, time stamp: 0x3d932d84
Exception
code: 0xc0000005 Fault offset: 0x0003ca28 Faulting process id: 0x13bc Faulting application
start time: 0x01cf79eddd90dfa2 Faulting application path: C:\LittleFighter2\LF2_SWU\lf2.exe
Faulting
module path: C:\LittleFighter2\LF2_SWU\lf2.exe Report Id: 1d6ed945-e5e1-11e3-863a-b888e3d12056

[ System Events ]
Error - 27. 5. 2014 12:41:01 | Computer Name = Saimon-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 18:10:50 on ?27. ?5. ?2014 was unexpected.

Error - 27. 5. 2014 12:41:23 | Computer Name = Saimon-PC | Source = BugCheck | ID = 1001
Description =

Error - 27. 5. 2014 12:41:42 | Computer Name = Saimon-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Protect
Monitor service to connect.

Error - 27. 5. 2014 12:41:42 | Computer Name = Saimon-PC | Source = Service Control Manager | ID = 7000
Description = The Protect Monitor service failed to start due to the following error:
%%1053

Error - 27. 5. 2014 16:19:47 | Computer Name = Saimon-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 22:18:07 on ?27. ?5. ?2014 was unexpected.

Error - 27. 5. 2014 16:19:59 | Computer Name = SAIMON-PC | Source = BugCheck | ID = 1001
Description =

Error - 27. 5. 2014 16:20:13 | Computer Name = Saimon-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Protect
Monitor service to connect.

Error - 27. 5. 2014 16:20:13 | Computer Name = Saimon-PC | Source = Service Control Manager | ID = 7000
Description = The Protect Monitor service failed to start due to the following error:
%%1053

Error - 28. 5. 2014 0:21:43 | Computer Name = Saimon-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Protect
Monitor service to connect.

Error - 28. 5. 2014 0:21:43 | Computer Name = Saimon-PC | Source = Service Control Manager | ID = 7000
Description = The Protect Monitor service failed to start due to the following error:
%%1053


< End of report >

Pouzijte WhoCrash dle kolegy

Roli píše:použij WhoCrashed

po spuštění klikni na Analyze,

aplikace po chvilce vytvoří zprávu o příčině pádu, kterou mi sem nakopíruj.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Díky tu je ten adw


# AdwCleaner v3.211 - Report created 31/05/2014 at 12:28:05
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Saimon - SAIMON-PC
# Running from : C:\Users\Saimon\Downloads\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Windows\system32\SearchProtect
Folder Deleted : C:\Users\Saimon\AppData\Local\Conduit
Folder Deleted : C:\Users\Saimon\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Saimon\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4
Folder Deleted : C:\Users\Saimon\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Saimon\Documents\Mobogenie
Folder Deleted : C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\ValueApps
Folder Deleted : C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\Extensions\{94CD2CC3-083F-49BA-A218-4CDA4B4829FD}
File Deleted : C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\Extensions\{4e38134d-ba98-4066-b898-e296d8acc938}.xpi
File Deleted : C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\Extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi
File Deleted : C:\Users\Saimon\daemonprocess.txt
File Deleted : C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16545

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\5z14i2r8.default\prefs.js ]


[ File : C:\Users\Mamina\AppData\Roaming\Mozilla\Firefox\Profiles\o6lelkn8.default\prefs.js ]


[ File : C:\Users\Saimon\AppData\Roaming\Mozilla\Firefox\Profiles\4jl7uqad.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3319597&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP82C0CD3A-4C8A-419D-926B-314476C0F826&SSPV=");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E+x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E+x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E,x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E,x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E-x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E-x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E.:2z527", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E.:2z527.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E.x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E.x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E/x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E/x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E06CG5EL8:", "6E6D686F6B6D6E756E70");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E06CG5EL8:.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E757173747B7476242F4B49474F42357D5D5C3D");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E06CG5EL;8I:K.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E0x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E0x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E1x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E1x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E2x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E2x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E3x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E3x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E4x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E4x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E5x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E5x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E6x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E6x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E7x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E7x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E8x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E8x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E9x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E9x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E:x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E:x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E;x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E;x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E<x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E<x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E=x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E=x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E>x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E>x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E?x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E?x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7E@x305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7E@x305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7EAx305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7EAx305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
Line Deleted : user_pref("valueApps.ct3317212./9B+7EBE3G=;D9N9=D.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7EBx305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7EBx305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7ECx305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7ECx305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7EDx305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7EDx305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B+7Etx305", "2423");
Line Deleted : user_pref("valueApps.ct3317212./9B+7Etx305.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B-0?3G>D", "6D3E703F737472427A6F437372207C797B4B257A4D21242A242927222629592E5E5F2B32");
Line Deleted : user_pref("valueApps.ct3317212./9B-0?3G>D.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B-0?3G@6:5;", "");
Line Deleted : user_pref("valueApps.ct3317212./9B-0?3G@6:5;.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B-0?3GFA7EF", "2B2E2C3D");
Line Deleted : user_pref("valueApps.ct3317212./9B-0?3GFA7EF.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A23282E2E3132333435363B466068576C5E6857705A6C60606B6668563F73796F697861");
Line Deleted : user_pref("valueApps.ct3317212./9B-3=3ECCJA=F>.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B/>01=9A6K6<IM;KRIE@PDAWM", "6E6A68707374757677");
Line Deleted : user_pref("valueApps.ct3317212./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B3=>@44I48?", "372C2D32697576334236334148474C213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
Line Deleted : user_pref("valueApps.ct3317212./9B3=>@44I48?.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B5BA==9CJAG", "3E3D696C6B6C6E447A734575737C4B7B777D217E51");
Line Deleted : user_pref("valueApps.ct3317212./9B5BA==9CJAG.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B6B11G4C56B>F;P;ANR@P", "6E6C7171706D756F777676767A");
Line Deleted : user_pref("valueApps.ct3317212./9B6B11G4C56B>F;P;ANR@P.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E");
Line Deleted : user_pref("valueApps.ct3317212./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B9643G3/9E", "6A");
Line Deleted : user_pref("valueApps.ct3317212./9B9643G3/9E.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B;45>:BI9I7IE", "2B2E2C3D");
Line Deleted : user_pref("valueApps.ct3317212./9B;45>:BI9I7IE.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B<:222H64<", "393F352F3E");
Line Deleted : user_pref("valueApps.ct3317212./9B<:222H64<.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B<:222H64<L8DAJ", "6D70706E7674727977752A787B727D78757D79");
Line Deleted : user_pref("valueApps.ct3317212./9B<:222H64<L8DAJ.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B=+03EH8H8J?:", "4443");
Line Deleted : user_pref("valueApps.ct3317212./9B=+03EH8H8J?:.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Line Deleted : user_pref("valueApps.ct3317212./9B?+E2A52D8.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9B?B0D:8AJ62<H", "6D");
Line Deleted : user_pref("valueApps.ct3317212./9B?B0D:8AJ62<H.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212./9BA@0<0BI6A7GN:6@L?", "6C");
Line Deleted : user_pref("valueApps.ct3317212./9BA@0<0BI6A7GN:6@L?.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.PG_ENABLE", "74727565");
Line Deleted : user_pref("valueApps.ct3317212.PG_ENABLE.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212._key_cl_active", "36666265653537312D613130342D343532392D623936612D646363333130663333323137");
Line Deleted : user_pref("valueApps.ct3317212._key_cl_active.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.cb_experience_000", "3538");
Line Deleted : user_pref("valueApps.ct3317212.cb_experience_000.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.cb_firstuse0100", "31");
Line Deleted : user_pref("valueApps.ct3317212.cb_firstuse0100.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.cb_user_id_000", "434237323932313239333031325F313339343033373638323131365F46697265666F78");
Line Deleted : user_pref("valueApps.ct3317212.cb_user_id_000.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.cbfirsttime", "4D6F6E204D617220303320323031342032313A30363A333420474D542B30313030202843656E7472616C204575726F7065205374616E646172642054696D6529");
Line Deleted : user_pref("valueApps.ct3317212.cbfirsttime.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_appStateReportTime", "31343031353236333734323736");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_appStateReportTime.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_appState_Clarity_Active", "6F6E");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_appState_Clarity_Active.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_appsConfig.storedInFile", true);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_appsDefaultEnabled", "6E756C6C");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_appsDefaultEnabled.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_calledSetupService", "31");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_calledSetupService.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_currentVersion", "312E31332E302E3137");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_currentVersion.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_first_time", "31");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_first_time.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_lastInstallationSessionGuid", "7B39656262313064322D346561352D343039362D393035312D3131633361636665333139317D");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_lastInstallationSessionGuid.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_lastLoginTime", "31343031353236333735363536");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_lastLoginTime.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_localization.storedInFile", true);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_mamEnabled", "66616C7365");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_mamEnabled.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_settings1.13.0.17.storedInFile", true);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_showWelcomeGadget", "66616C7365");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_showWelcomeGadget.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_stamp", "35345F30");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_stamp.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_userBornDate", "3230313430333033");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_userBornDate.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_userId", "36333637396539312D646339372D346664612D386461372D306139323261656632613631");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_userId.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_user_approval_interacted", "");
Line Deleted : user_pref("valueApps.ct3317212.mam_gk_user_approval_interacted.storedInFile", false);
Line Deleted : user_pref("valueApps.ct3317212.url_history0001", "687474703A2F2F7777772E736B7970652E636F6D2F656E2F646F776E6C6F61642D736B7970652F3A3A3A636C69636B68616E646C65723A3A3A313339333837373631323035332C2C2C6874[...]
Line Deleted : user_pref("valueApps.ct3317212.url_history0001.storedInFile", true);

*************************

AdwCleaner[R0].txt - [17368 octets] - [31/05/2014 11:01:48]
AdwCleaner[S0].txt - [17518 octets] - [31/05/2014 12:28:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17579 octets] ##########

Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Tue 27. 5. 2014 20:18:19 GMT your computer crashed
crash dump file: C:\Windows\Minidump\052714-41917-01.dmp
This was probably caused by the following module: netwsn00.sys (Netwsn00+0x81F8)
Bugcheck code: 0xD1 (0xFFFFFFFFC77AE000, 0x2, 0x0, 0xFFFFFFFF954431F8)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\netwsn00.sys
product: Intel® Wireless WiFi Link Adapter
company: Intel Corporation
description: Intel® Wireless WiFi Link Driver
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: netwsn00.sys (Intel® Wireless WiFi Link Driver, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Tue 27. 5. 2014 20:18:19 GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: netwsn00.sys (Netwsn00+0x81F8)
Bugcheck code: 0xD1 (0xFFFFFFFFC77AE000, 0x2, 0x0, 0xFFFFFFFF954431F8)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\netwsn00.sys
product: Intel® Wireless WiFi Link Adapter
company: Intel Corporation
description: Intel® Wireless WiFi Link Driver
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: netwsn00.sys (Intel® Wireless WiFi Link Driver, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Tue 27. 5. 2014 16:11:22 GMT your computer crashed
crash dump file: C:\Windows\Minidump\052714-44429-01.dmp
This was probably caused by the following module: netwsn00.sys (Netwsn00+0x81F8)
Bugcheck code: 0xD1 (0xFFFFFFFF8B482000, 0x2, 0x0, 0xFFFFFFFF962091F8)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\netwsn00.sys
product: Intel® Wireless WiFi Link Adapter
company: Intel Corporation
description: Intel® Wireless WiFi Link Driver
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: netwsn00.sys (Intel® Wireless WiFi Link Driver, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Tue 27. 5. 2014 13:48:48 GMT your computer crashed
crash dump file: C:\Windows\Minidump\052714-46878-01.dmp
This was probably caused by the following module: netwsn00.sys (Netwsn00+0x81F8)
Bugcheck code: 0xD1 (0xFFFFFFFF8DCB5000, 0x2, 0x0, 0xFFFFFFFF954221F8)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\netwsn00.sys
product: Intel® Wireless WiFi Link Adapter
company: Intel Corporation
description: Intel® Wireless WiFi Link Driver
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: netwsn00.sys (Intel® Wireless WiFi Link Driver, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Sat 24. 5. 2014 12:30:33 GMT your computer crashed
crash dump file: C:\Windows\Minidump\052414-40482-01.dmp
This was probably caused by the following module: netwsn00.sys (Netwsn00+0x81F8)
Bugcheck code: 0xD1 (0xFFFFFFFFB74F6000, 0x2, 0x0, 0xFFFFFFFF962151F8)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\netwsn00.sys
product: Intel® Wireless WiFi Link Adapter
company: Intel Corporation
description: Intel® Wireless WiFi Link Driver
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: netwsn00.sys (Intel® Wireless WiFi Link Driver, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Sat 24. 5. 2014 9:44:59 GMT your computer crashed
crash dump file: C:\Windows\Minidump\052414-58110-01.dmp
This was probably caused by the following module: netwsn00.sys (Netwsn00+0x81F8)
Bugcheck code: 0xD1 (0xFFFFFFFFBB2CE000, 0x2, 0x0, 0xFFFFFFFF9543C1F8)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\netwsn00.sys
product: Intel® Wireless WiFi Link Adapter
company: Intel Corporation
description: Intel® Wireless WiFi Link Driver
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: netwsn00.sys (Intel® Wireless WiFi Link Driver, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Mon 12. 5. 2014 17:03:12 GMT your computer crashed
crash dump file: C:\Windows\Minidump\051214-41028-01.dmp
This was probably caused by the following module: netwsn00.sys (Netwsn00+0x81F8)
Bugcheck code: 0xD1 (0xFFFFFFFFCC79D000, 0x2, 0x0, 0xFFFFFFFF946261F8)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\drivers\netwsn00.sys
product: Intel® Wireless WiFi Link Adapter
company: Intel Corporation
description: Intel® Wireless WiFi Link Driver
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: netwsn00.sys (Intel® Wireless WiFi Link Driver, Intel Corporation).
Google query: Intel Corporation DRIVER_IRQL_NOT_LESS_OR_EQUAL

Pady zpusobuje ovladac k Wi-Fi, aktualizujte jej z webu vyrobce