MyCity » Ambulanta -> Arhiva Ambulante » Reklamni prozorcic

Reklamni prozorcic

Napisano na dan: 14.3.2013
1

Reklamni prozorcic
Sledeća strana Pagination

Idi na vrh

Poslao: 14 Mar 2013 16:29
Idi na vrh
offline
  • qwasac 
  • Novi MyCity građanin
  • Pridružio: 17 Maj 2011
  • Poruke: 10

Prije par dana mi se ovo cudo pojavljuje ... Prozorcic se pojavljuje odozdo i nerviraaaa ...
Windows 7 64 bit
Hvala unaprijed



OTL logfile created on: 3/14/2013 4:10:31 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ciki\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 40.90% Memory free
7.60 Gb Paging File | 4.78 Gb Available in Paging File | 62.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.99 Gb Total Space | 316.24 Gb Free Space | 69.81% Space Free | Partition Type: NTFS
Drive D: | 12.48 Gb Total Space | 2.09 Gb Free Space | 16.74% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 95.09 Mb Free Space | 96.03% Space Free | Partition Type: FAT32
Drive F: | 42.90 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: CIKI-PC | User Name: ciki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\InternetCalls.com\InternetCalls\internetcalls.exe (InternetCalls)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Users\ciki\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\Plantronics\GameCom780\GameCom780.exe ()
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\NlsSrv32.exe (Nalpeiron Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7E3A.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7E19.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7DC9.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7D79.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7D39.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7D18.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7F1F.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7F0D.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7EFC.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7ECB.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7CD7.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7C97.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7C66.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7C26.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7BE5.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7BC4.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7B84.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7B43.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7B03.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7AC2.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7AA1.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7A61.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7A30.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM79CF.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM794D.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM79AE.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM799D.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM791C.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7857.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7845.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7803.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM77F1.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM77DF.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM77AD.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM779B.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7788.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM76D4.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7757.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7889.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM78DB.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM77BE.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7814.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7705.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7726.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM78BA.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM7859.tmp ()
MOD - C:\Users\ciki\AppData\Local\Temp\YTMP7MC8AA\TAA7777.tmp ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_highgui220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_objdetect220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_video220.dll ()
MOD - C:\Program Files\Plantronics\GameCom780\VMixPLGC.dll ()
MOD - C:\Program Files\Plantronics\GameCom780\GameCom780.exe ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()


========== Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (vToolbarUpdater14.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NlsSrv32.exe (Nalpeiron Ltd.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (PlantronicsGC) -- C:\Windows\SysNative\drivers\PLTGC.sys (C-Media Electronics Inc)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (s1018mdm) -- C:\Windows\SysNative\drivers\s1018mdm.sys (MCCI Corporation)
DRV:64bit: - (s1018unic) -- C:\Windows\SysNative\drivers\s1018unic.sys (MCCI Corporation)
DRV:64bit: - (s1018mgmt) -- C:\Windows\SysNative\drivers\s1018mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1018obex) -- C:\Windows\SysNative\drivers\s1018obex.sys (MCCI Corporation)
DRV:64bit: - (s1018bus) -- C:\Windows\SysNative\drivers\s1018bus.sys (MCCI Corporation)
DRV:64bit: - (s1018nd5) -- C:\Windows\SysNative\drivers\s1018nd5.sys (MCCI Corporation)
DRV:64bit: - (s1018mdfl) -- C:\Windows\SysNative\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (RTCore64) -- C:\Program Files (x86)\RMClock\RTCore64.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = g.msn.com/HPNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{EF9CB324-E56C-4449-AD2A-8B701A9A74F1}: "URL" = bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{EF9CB324-E56C-4449-AD2A-8B701A9A74F1}: "URL" = bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = giga.de/!22/ [binary data]
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = search.babylon.com/?affID=110195&tt=011.....eac0a89ary Start Pages = giga.de/!22/ [binary data]

IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = search.babylon.com/?q={searchTerms}&affID=110195&tt=0113_3&babsrc=SP_ss&mntrId=4ca62f540000000000002617feac0a89
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\..\SearchScopes\{EF9CB324-E56C-4449-AD2A-8B701A9A74F1}: "URL" = bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.de/|http://www.giga.de/!22/"
FF - prefs.js..extensions.enabledAddons: fb_add_on%40avm.de:1.6.3
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40Facemoods.com:1.4.0
FF - prefs.js..extensions.enabledAddons: nadir.kadem%40gmail.com:2.1
FF - prefs.js..extensions.enabledAddons: spam%40trashmail.net:2.6.2
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: wisestamp%40wisestamp.com:3.11.21
FF - prefs.js..extensions.enabledAddons: %7Bab91efd4-6975-4081-8552-1b3922ed79e2%7D:1.0.15.0
FF - prefs.js..extensions.enabledAddons: %7Be968fc70-8f95-4ab9-9e79-304de2a71ee1%7D:0.7.3
FF - prefs.js..extensions.enabledAddons: %7Bef62e1ce-d2a4-4cdd-b7ec-92b120366b66%7D:2.7.8
FF - prefs.js..extensions.enabledAddons: support%40vdownloader.com:3.9.1155
FF - prefs.js..extensions.enabledAddons: %7B5C655500-E712-41e7-9349-CE462F844B19%7D:1.0
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.4
FF - prefs.js..extensions.enabledAddons: 5%40thumbpro.net:1.7
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.6
FF - prefs.js..extensions.enabledAddons: %7B0b38152b-1b20-484d-a11f-5e04a9b0661f%7D:5.6.20.9215
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.2
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.4.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.01
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.3
FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1
FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\ciki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ciki\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ciki\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ciki\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ciki\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll (Vitzo)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/16 05:03:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Program Files (x86)\VDownloader\Addons\FireFox [2012/05/29 21:17:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/10 10:23:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/10 10:22:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/01/28 22:09:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/10 10:23:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/10 10:22:48 | 000,000,000 | ---D | M]

[2011/01/28 17:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Extensions
[2013/03/13 07:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions
[2013/02/16 19:15:06 | 000,000,000 | ---D | M] ("Winamp Toolbar") -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2013/02/16 19:14:45 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013/02/26 19:35:22 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2012/02/22 22:18:10 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2011/01/28 18:07:31 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2012/11/12 17:10:03 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2012/05/14 17:47:51 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\fb_add_on@avm.de
[2013/01/06 19:43:31 | 000,000,000 | ---D | M] (Babylon Toolbar) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\ffxtlbr@babylon.com
[2011/04/02 17:13:55 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\support@predictad.com
[2013/02/05 15:13:43 | 000,007,926 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\5@thumbpro.net.xpi
[2012/08/23 07:17:40 | 000,101,871 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\ciuvo-extension@icq.de.xpi
[2012/08/30 16:34:51 | 000,088,614 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\extension@ciuvo.com.xpi
[2011/08/20 19:19:52 | 000,025,939 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\ffxtlbr@Facemoods.com.xpi
[2012/10/28 17:08:36 | 000,214,127 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\freehdsport@freehdsport.tv.xpi
[2013/02/04 21:48:27 | 000,224,945 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\gophoto@gophoto.it.xpi
[2011/12/01 17:37:11 | 000,006,496 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\nadir.kadem@gmail.com.xpi
[2012/08/07 19:49:05 | 000,217,069 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\spam@trashmail.net.xpi
[2013/01/23 11:08:39 | 000,538,938 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\toolbar@web.de.xpi
[2012/10/30 12:46:26 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\translator@zoli.bod.xpi
[2012/05/22 13:59:36 | 001,771,909 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\wisestamp@wisestamp.com.xpi
[2013/03/10 16:00:02 | 000,348,483 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012/12/27 21:40:20 | 000,151,038 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
[2013/02/28 14:27:30 | 000,115,869 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2012/12/13 15:51:54 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013/02/05 15:12:27 | 000,220,411 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013/02/15 19:46:16 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/23 11:09:03 | 000,000,911 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\11-suche.xml
[2013/02/16 19:15:21 | 000,002,532 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\aol-search.xml
[2013/01/06 19:43:32 | 000,002,432 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\babylon1.xml
[2011/05/17 21:39:44 | 000,002,009 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\divx-titlovicom.xml
[2013/01/23 11:09:03 | 000,002,273 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\englische-ergebnisse.xml
[2013/01/23 11:09:03 | 000,010,563 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\gmx-suche.xml
[2013/03/10 16:02:23 | 000,000,950 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\icqplugin-4.xml
[2012/10/14 08:55:51 | 000,000,950 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\icqplugin-5.xml
[2012/10/28 17:14:37 | 000,000,950 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\icqplugin-6.xml
[2013/01/23 11:09:03 | 000,002,432 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\lastminute.xml
[2012/07/13 17:28:55 | 000,000,786 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\subbiee.xml
[2013/01/23 11:09:03 | 000,005,545 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\webde-suche.xml
[2013/03/10 10:22:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/10 10:22:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/05/29 21:17:42 | 000,000,000 | ---D | M] (VDownloader) -- C:\PROGRAM FILES (X86)\VDOWNLOADER\ADDONS\FIREFOX
[2013/03/10 10:23:13 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/20 17:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/06/11 20:59:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/01/06 19:43:17 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/09/11 20:58:08 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/11 20:59:09 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/12/13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2012/06/11 20:59:09 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/06/11 20:59:09 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/06/11 20:59:09 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\ciki\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\ciki\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: VDownloader (Enabled) = C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\ciki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Entanglement = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: AdBlock = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Flash Player = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lljgnajambljdlhfnnobnmhgahejhhko\11_0\
CHR - Extension: CRX Inspector = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmlpbkpknjcnfabomjkecmkigcphgomk\0.1.0.7_0\
CHR - Extension: Poppit = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Google Mail-Checker = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [GamecomSound] C:\Program Files\Plantronics\GameCom780\GameCom780.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe File not found
O4 - HKU\S-1-5-18..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1680820528-395719371-245008140-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-1680820528-395719371-245008140-1000..\Run: [cfweatherStation] C:\Program Files (x86)\Weather\weather.exe (weather-life.com)
O4 - HKU\S-1-5-21-1680820528-395719371-245008140-1000..\Run: [Facebook Update] C:\Users\ciki\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1680820528-395719371-245008140-1000..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\ciki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Bewerbung-Reminder.lnk = C:\Program Files (x86)\Buhl\Bewerbung 2008\KCReminder.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ciki\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Преузми са Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ciki\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Преузми са Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} trial.trymicrosoftoffice.com/trialoaa/buyms...../wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.15.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{792D17F3-6462-4738-BC42-3242FC79F973}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/02 19:22:35 | 000,000,025 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3620eeda-6e91-11e0-a29e-c80aa906f6b3}\Shell - "" = AutoRun
O33 - MountPoints2\{3620eeda-6e91-11e0-a29e-c80aa906f6b3}\Shell\AutoRun\command - "" = G:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/14 12:04:43 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\Programs
[2013/03/14 10:19:04 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{DB776C84-08E7-46D1-87A7-D0F7D6EB5953}
[2013/03/13 18:33:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/13 18:33:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/13 18:33:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/13 18:33:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/13 18:33:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/13 18:33:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/13 18:33:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/13 18:33:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/13 18:33:34 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/13 18:33:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/13 18:33:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/13 18:33:33 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/13 18:33:31 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/13 18:33:31 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/13 18:33:30 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/13 13:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plantronics
[2013/03/13 13:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\Plantronics
[2013/03/13 13:50:50 | 001,327,104 | ---- | C] (C-Media Electronics Inc) -- C:\Windows\SysNative\drivers\PLTGC.sys
[2013/03/13 13:50:48 | 000,315,392 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\fltrPLTGC.dll
[2013/03/13 13:50:44 | 000,524,768 | R--- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2013/03/13 07:25:30 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{E2A05959-0D61-4DDD-855F-5330EA80FEAF}
[2013/03/12 19:14:17 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{2CC63351-B530-4AFF-8FD2-E9BABE8080F7}
[2013/03/12 10:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/03/12 10:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
[2013/03/12 10:42:29 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\ManyCam
[2013/03/12 10:42:22 | 000,044,928 | ---- | C] (ManyCam LLC) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys
[2013/03/12 10:42:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam
[2013/03/12 07:13:49 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{F19E3600-7E96-49D4-96E8-BC8E4260C1AC}
[2013/03/11 10:07:24 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{448B59C4-8B3A-40D0-B528-F3EDDFDD4858}
[2013/03/10 22:06:49 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{93136108-293B-4871-A2E7-29D055AFFB3A}
[2013/03/10 10:22:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/10 10:06:13 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{AF1523BC-FA36-4CC9-AD9A-2D3D1FE239A2}
[2013/03/09 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{88073605-0C09-4002-8C4E-A52442667FBB}
[2013/03/08 21:34:38 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{32A0BDD3-4854-416A-829E-2422DADEA14F}
[2013/03/07 22:50:14 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{DA20E60B-CFAF-40FD-BE17-E758F2070238}
[2013/03/07 10:49:48 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{6AB2F670-4C79-40B0-B7CA-398C4DB3B820}
[2013/03/06 20:41:52 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{7AA5C10B-7F00-4BC0-9A82-FCE94B1972BD}
[2013/03/06 08:14:36 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{664FD360-0275-450A-A6E6-37801CA20414}
[2013/03/05 08:11:25 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{A700C3BA-B9D0-4EEA-B2B7-1A371B3F7CD8}
[2013/03/04 20:10:57 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{894CACCD-A34E-4DFE-9943-A76142C97C24}
[2013/03/04 09:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/04 09:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/04 07:14:29 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{1CBC002A-B7C4-4C93-BB44-7461B0E750C8}
[2013/03/03 13:34:20 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{18E2FE13-8E24-4BD3-94ED-26F204DCBB6E}
[2013/03/02 23:35:34 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{C80446ED-4343-4BF2-8356-EB1CD5B59ACC}
[2013/03/02 07:27:55 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{2906378C-0B17-43E8-9FCC-BD07FCAD993A}
[2013/03/01 16:07:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RonyaSoft
[2013/03/01 14:53:50 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\AVG Secure Search
[2013/03/01 14:53:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2013/03/01 14:53:41 | 000,039,768 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/03/01 14:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013/03/01 14:53:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2013/03/01 14:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2013/03/01 14:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013/03/01 11:24:10 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica MP3 CD Burner
[2013/03/01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acoustica MP3 CD Burner
[2013/03/01 09:25:22 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Roaming\iPumper
[2013/03/01 07:31:58 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{B9DD8D19-97AB-40B2-8D60-14CA04B938ED}
[2013/02/28 15:34:02 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Roaming\File Scout
[2013/02/28 14:40:46 | 000,000,000 | ---D | C] -- C:\Users\ciki\Documents\flnmcb45
[2013/02/28 14:06:55 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/02/28 14:06:46 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/02/28 14:06:46 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/02/28 14:06:46 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/02/28 14:06:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/02/28 13:55:55 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{F8601342-B248-4F14-8B79-9926FE447569}
[2013/02/27 13:06:51 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{A570CAD6-B486-4070-8418-2AC3977ECAE8}
[2013/02/26 10:46:36 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{DDB6A411-3C51-4CED-AF04-CA5B819D322C}
[2013/02/25 10:54:17 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{73892C16-1D82-4AD2-BA49-CD1E178B02B8}
[2013/02/24 22:25:23 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{36E6FC94-B168-42AD-9038-9CD7A5933831}
[2013/02/24 09:42:57 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{7A33716A-E38A-4BF2-A073-4206C1AA8030}
[2013/02/23 09:25:23 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{D3D75E4C-7A38-4341-9B28-BF7DEC2ECEB1}
[2013/02/22 16:42:14 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{0096D5AC-1033-40C5-A6F2-A3B323D6E861}
[2013/02/21 17:30:59 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{C01FFBF9-44CD-4C5C-AE07-295B57A3EFD0}
[2013/02/20 21:44:25 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{996AEBC6-BA2D-4F7D-B017-F93C5003E932}
[2013/02/20 09:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson USB
[2013/02/20 09:44:02 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{C538DE71-399C-4966-A430-9ED1811E4644}
[2013/02/19 20:01:06 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{16C2A035-41EA-4801-B70E-FD6DF40A3FF4}
[2013/02/19 08:00:41 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{5F1986F0-137F-466D-A518-EEB8446579B5}
[2013/02/18 18:25:05 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{157143A3-C377-476B-BE4C-210962768CF3}
[2013/02/17 17:40:49 | 000,000,000 | ---D | C] -- C:\Users\ciki\Desktop\Adil Najbolji Grad Na Svetu Mp3 Download_files
[2013/02/17 11:05:48 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{365009F6-EDE9-460B-9F72-69292FF23744}
[2013/02/16 21:14:52 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{3D7D2B10-D8D0-444C-AA67-8CC745076426}
[2013/02/16 07:45:06 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{4F777A30-44E4-455D-9CB4-B1B1B81170A6}
[2013/02/15 19:44:41 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{20B32CCF-0A72-4284-8E23-32F4FAE6FF0F}
[2013/02/15 07:44:17 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{2C680047-8FD7-490E-B811-308900CBF45E}
[2013/02/14 16:49:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/02/14 16:49:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/02/14 16:49:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/02/14 16:49:37 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/02/14 16:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/02/14 16:49:36 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/02/14 16:49:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/02/14 16:49:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/02/14 16:49:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/02/14 16:49:36 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/02/14 16:49:36 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/02/14 16:49:35 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/02/14 16:49:35 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/02/14 16:49:35 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/02/14 16:49:35 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/02/14 16:49:35 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/02/14 16:49:35 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/02/14 16:49:35 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/02/14 16:49:35 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/02/14 16:49:35 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/02/14 16:49:35 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/02/14 16:49:34 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/02/14 16:49:33 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/02/14 16:49:33 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/02/14 16:49:22 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/02/14 07:53:42 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{D26D598B-DAC2-420E-9830-E6758733180E}
[2013/02/13 08:02:43 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/02/13 08:02:38 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/02/13 08:02:35 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/02/13 08:02:14 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/02/13 08:02:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/02/13 08:02:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/02/13 08:02:11 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/02/13 08:02:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/02/13 08:02:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/02/13 08:01:59 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/02/13 07:55:21 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{19B4EF9A-4A8E-4AA7-AA5A-C42363986142}
[2011/02/20 19:16:39 | 001,291,624 | ---- | C] (Microsoft Corporation) -- C:\Users\ciki\wlsetup-web.exe
[2011/02/11 19:37:31 | 002,649,016 | ---- | C] (VS Revo Group Ltd.) -- C:\Users\ciki\revo191setup.exe
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Users\ciki\Desktop\*.tmp files -> C:\Users\ciki\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/14 16:06:08 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1680820528-395719371-245008140-1000UA.job
[2013/03/14 16:03:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/14 15:52:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/14 15:23:20 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/14 15:23:20 | 000,624,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/14 15:23:20 | 000,106,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/14 15:21:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1680820528-395719371-245008140-1000UA.job
[2013/03/14 15:19:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/14 13:31:09 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/14 13:31:09 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/14 13:23:58 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/14 12:04:58 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/13 16:43:00 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/13 16:43:00 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/13 13:50:59 | 000,000,402 | ---- | M] () -- C:\Windows\PLTGC.ini.cfl
[2013/03/13 13:50:57 | 000,000,534 | ---- | M] () -- C:\Windows\PLTGC.ini.imi
[2013/03/13 13:50:57 | 000,000,132 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2013/03/13 13:50:47 | 000,000,432 | ---- | M] () -- C:\Windows\System\PLTGC.ini
[2013/03/12 10:42:53 | 000,001,101 | ---- | M] () -- C:\Users\ciki\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2013/03/11 19:06:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1680820528-395719371-245008140-1000Core.job
[2013/03/10 16:00:01 | 000,002,044 | ---- | M] () -- C:\Users\ciki\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/03/09 20:41:03 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForciki.job
[2013/03/05 12:44:28 | 000,184,513 | ---- | M] () -- C:\Users\ciki\Documents\gigaset.com_medias_sys_master_A31008-M2009-B101-4-19_de_DE.pdf
[2013/03/05 08:03:46 | 000,021,144 | ---- | M] () -- C:\Users\ciki\Documents\zalosnasova.jpg
[2013/03/05 08:02:42 | 000,012,143 | ---- | M] () -- C:\Users\ciki\Documents\ciko1.jpg
[2013/03/04 09:24:57 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/03/01 16:12:44 | 000,127,900 | ---- | M] () -- C:\Users\ciki\Documents\concert simply minds.cbs
[2013/03/01 16:07:45 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\RonyaSoft CD DVD Label Maker.lnk
[2013/03/01 14:53:35 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/03/01 11:24:10 | 000,001,876 | ---- | M] () -- C:\Users\ciki\Desktop\Acoustica MP3 CD Burner.lnk
[2013/02/28 18:42:28 | 000,121,558 | ---- | M] () -- C:\Users\ciki\Documents\stare.cbs
[2013/02/28 14:06:37 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/02/28 14:06:31 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/02/28 14:06:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/02/28 14:06:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/02/28 14:06:28 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/02/28 14:06:27 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/02/25 00:21:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1680820528-395719371-245008140-1000Core.job
[2013/02/14 15:52:34 | 000,445,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Users\ciki\Desktop\*.tmp files -> C:\Users\ciki\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/13 13:50:57 | 000,813,288 | ---- | C] () -- C:\Windows\SysNative\PLTGC.exe
[2013/03/13 13:50:57 | 000,000,402 | ---- | C] () -- C:\Windows\PLTGC.ini.cfl
[2013/03/13 13:50:57 | 000,000,132 | ---- | C] () -- C:\Windows\System\Dlap.pfx
[2013/03/13 13:50:47 | 000,359,424 | ---- | C] () -- C:\Windows\SysNative\CmiInstallResAll64.dll
[2013/03/13 13:50:47 | 000,003,489 | ---- | C] () -- C:\Windows\PLTGC.ini.cfg
[2013/03/13 13:50:47 | 000,000,534 | ---- | C] () -- C:\Windows\PLTGC.ini.imi
[2013/03/12 10:42:53 | 000,001,101 | ---- | C] () -- C:\Users\ciki\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2013/03/05 12:42:26 | 000,184,513 | ---- | C] () -- C:\Users\ciki\Documents\gigaset.com_medias_sys_master_A31008-M2009-B101-4-19_de_DE.pdf
[2013/03/05 08:03:46 | 000,021,144 | ---- | C] () -- C:\Users\ciki\Documents\zalosnasova.jpg
[2013/03/05 08:02:42 | 000,012,143 | ---- | C] () -- C:\Users\ciki\Documents\ciko1.jpg
[2013/03/04 09:24:57 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/03/01 16:07:45 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\RonyaSoft CD DVD Label Maker.lnk
[2013/03/01 16:06:12 | 000,127,900 | ---- | C] () -- C:\Users\ciki\Documents\concert simply minds.cbs
[2013/03/01 11:24:10 | 000,001,876 | ---- | C] () -- C:\Users\ciki\Desktop\Acoustica MP3 CD Burner.lnk
[2013/02/28 18:42:28 | 000,121,558 | ---- | C] () -- C:\Users\ciki\Documents\stare.cbs
[2012/08/12 09:46:43 | 000,000,248 | ---- | C] () -- C:\Windows\BUHL.INI
[2012/05/29 21:17:43 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2012/03/05 22:49:53 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012/01/20 11:30:09 | 000,554,496 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2012/01/10 21:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/01/10 21:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/01/10 21:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/01/10 20:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/11/16 17:40:02 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/11/16 17:40:02 | 000,012,031 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-Jardinains!.dat
[2011/10/31 11:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/10/31 11:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/10/31 11:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/10/31 11:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/10/16 16:51:38 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011/10/02 14:58:04 | 000,002,017 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011/09/29 20:27:43 | 000,000,447 | ---- | C] () -- C:\Windows\PLTGC.ini
[2011/09/13 15:09:48 | 2147,483,647 | ---- | C] () -- C:\Users\ciki\vigneta.tc
[2011/09/09 17:12:23 | 000,000,291 | ---- | C] () -- C:\Windows\pwc61s.INI
[2011/05/08 20:25:55 | 000,000,000 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\wklnhst.dat
[2011/05/01 11:31:42 | 000,006,656 | ---- | C] () -- C:\Users\ciki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/25 12:57:30 | 000,000,006 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\start
[2011/04/25 12:52:02 | 000,000,006 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\completescan
[2011/04/25 12:48:14 | 000,000,010 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\install
[2011/04/25 12:46:39 | 000,000,136 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\1.gif
[2011/03/19 11:49:37 | 000,001,854 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\GhostObjGAFix.xml
[2011/02/20 17:55:51 | 008,280,563 | ---- | C] () -- C:\Users\ciki\Dara Bubamara - 2010 - 04 - Ne Planiram.mp3
[2011/02/11 19:58:44 | 019,491,357 | ---- | C] () -- C:\Users\ciki\rsapi.exe.cgi
[2011/01/28 22:02:27 | 000,149,504 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\chrtmp
[2011/01/28 22:02:22 | 002,256,519 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\winrar-x64-393d.exe
[2011/01/28 18:28:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/30 16:16:05 | 001,796,096 | ---- | C] () -- C:\Users\ciki\Lang_de-DE.msi
[2010/09/30 16:15:33 | 218,817,640 | ---- | C] () -- C:\Users\ciki\TUU.cab
[2010/09/28 16:47:05 | 003,532,475 | ---- | C] () -- C:\Users\ciki\Handbuch.pdf

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/02/15 07:12:23 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\.Tribler
[2011/03/19 20:26:44 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Acoustica
[2013/01/06 19:43:36 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\BabSolution
[2013/01/06 19:42:50 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Babylon
[2013/03/02 18:07:49 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\BitTorrent
[2012/03/05 19:08:47 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Blue Cat Audio
[2011/02/04 19:50:20 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Buhl Data Service
[2011/04/02 22:51:22 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Duden
[2012/10/13 07:48:49 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\DVDVideoSoft
[2012/01/17 09:39:51 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/10/18 21:06:10 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Ethereal
[2012/03/27 16:05:28 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\EyeballChatUserData
[2013/02/28 15:34:02 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\File Scout
[2011/05/17 21:27:45 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\GetRightToGo
[2012/05/18 07:41:01 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\gnupg
[2012/03/05 19:10:15 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\HighAndes
[2012/06/04 06:45:14 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\ICQ
[2012/05/01 00:34:30 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\ICQ Search
[2011/07/29 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\ImgBurn
[2012/02/13 15:52:42 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\InternetCalls
[2013/03/01 09:25:50 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\iPumper
[2011/11/27 08:40:13 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Jardinains 2!
[2013/03/12 10:43:04 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\ManyCam
[2011/09/08 18:23:20 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Mipony
[2012/11/11 21:32:56 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\NAVIGON Fresh
[2013/01/07 19:27:57 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\PerformerSoft
[2011/02/19 23:21:30 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Philips
[2012/06/04 07:05:19 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\RetroShare
[2011/12/03 13:18:21 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Samsung
[2012/04/26 19:49:35 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Screaming Bee
[2012/03/05 22:56:32 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\systweak
[2012/05/03 14:46:31 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Temp
[2011/10/18 20:52:39 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Thinstall
[2012/02/13 22:52:32 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Tobit
[2012/06/07 17:45:47 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\TrueCrypt
[2012/11/11 20:58:37 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\TuneUp Software
[2012/06/03 22:23:36 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\VDownloader
[2012/02/05 17:05:55 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Windows Live Writer
[2012/05/18 07:59:41 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\winpt
[2012/09/24 20:34:29 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\YourFileDownloader

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 178 bytes -> C:\ProgramData\Temp:6724CB45

< End of report >



mycity.rs/must-login.png

Poslao: 14 Mar 2013 18:42
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Pokreni opet OTL, i zabeleži opciju Extra Registry: Use SafeList, i idi na Run Scan. Dobićeš dva izveštaja, kao i prvi put(OTL.txt, i Extras.txt), prikači samo Extras.txt posto ti nedostaje...

Poslao: 15 Mar 2013 07:54
Idi na vrh
offline
  • qwasac 
  • Novi MyCity građanin
  • Pridružio: 17 Maj 2011
  • Poruke: 10

Radih nocnu i sad vidjeh da nesto fali ,nadam se da je to to ...
mycity.rs/must-login.png

Poslao: 15 Mar 2013 12:12
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Jel mozes da okacis sliku tog prozora, da vidimo kako izgleda?

Poslao: 15 Mar 2013 14:45
Idi na vrh
offline
  • qwasac 
  • Novi MyCity građanin
  • Pridružio: 17 Maj 2011
  • Poruke: 10

Napisano: 15 Mar 2013 14:16

Uspjedoh ovo nesto nadam se da ide...
file:///C:/Users/ciki/Documents/Camtasia%20Studio/prozorcic/prozorcic.html

Dopuna: 15 Mar 2013 14:45

Poslao: 15 Mar 2013 17:44
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Korak 1.

Imas ostatke AVG antivirusa, koje je potrebno ukloniti. Preuzmi AVG Uninstall Tool, restartuj racunar u safe mode po ovom uputstvu, a zatim pokreni alat i isprati uputstva.



Korak 2.

Preuzmi "Xplode"-ov AdwCleaner i sacuvaj ga na Desktop
Dvoklikom pokreni program i klikni na dugme [Search] .
Kada program zavrsi analizu otvorice notepad sa izvestajem. Zatvori taj notepad.

Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok
Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"
Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt



Korak 3.

Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop.
Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje.
Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu.

Poslao: 16 Mar 2013 12:58
Idi na vrh
offline
  • qwasac 
  • Novi MyCity građanin
  • Pridružio: 17 Maj 2011
  • Poruke: 10

Sve uradjeno i Safetiro i kliko i deletiro i pokreto ... i objesio ...samo jos ja da se objesim i to je to .... Evo ga opet >> iskace i zajebava opet ...
mycity.rs/must-login.png

Poslao: 16 Mar 2013 14:58
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Korak 1.

- Pokreni Google Chrome
- Kucaj chrome://extensions/, pa lupi enter.
- Pronadji eksteniziju Flash Player i klikni na kantu pored nje kako bi je uklonio.
- Restartuj racunar, pa proveri da li i dalje imas problema.



Korak 2.

- Pokreni Firefox
- Klikni na Firefor, a zatim Add-ons --> Extensions
- Pronadji PriceGong i klikni na Remove.
- Restartuj racunar.



Korak 3.

Ponovo pokreni OTL, klikni na Run Scan i dostavi mi svez OTL.txt izvestaj.

Poslao: 16 Mar 2013 15:49
Idi na vrh
offline
  • qwasac 
  • Novi MyCity građanin
  • Pridružio: 17 Maj 2011
  • Poruke: 10

Napisano: 16 Mar 2013 15:17

Op Op Balkanjeroooo op oppp ... Nigdje prozorcica ... Op OP Balkanjerooo ...
Ziv ti nama bio jos 105 pa opetttt ... Da sklonim jos Sajlu sto sam pripremio za vjesanje ... op oppp .. Balkanjerooo.... A sad ce i izvjestajjjjj

Dopuna: 16 Mar 2013 15:49

Jel to to ...



OTL logfile created on: 3/16/2013 3:15:01 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ciki\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 56.60% Memory free
7.60 Gb Paging File | 5.61 Gb Available in Paging File | 73.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.99 Gb Total Space | 320.67 Gb Free Space | 70.79% Space Free | Partition Type: NTFS
Drive D: | 12.48 Gb Total Space | 2.09 Gb Free Space | 16.74% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 95.09 Mb Free Space | 96.03% Space Free | Partition Type: FAT32

Computer Name: CIKI-PC | User Name: ciki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/03/01 14:53:35 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013/02/12 09:35:36 | 005,402,960 | ---- | M] (ManyCam LLC) -- C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
PRC - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Updater\Updater.exe
PRC - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/07 19:45:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ciki\Desktop\OTL.exe
PRC - [2011/12/01 20:15:42 | 000,777,448 | ---- | M] () -- C:\Program Files\Plantronics\GameCom780\GameCom780.exe
PRC - [2010/11/20 13:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/11/04 17:15:50 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010/08/23 09:11:28 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/10/01 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/06/07 13:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NlsSrv32.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/16 15:13:49 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM3DD.tmp
MOD - [2013/03/16 15:13:49 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM3BC.tmp
MOD - [2013/03/16 15:13:49 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM37C.tmp
MOD - [2013/03/16 15:13:49 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM33B.tmp
MOD - [2013/03/16 15:13:49 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM30B.tmp
MOD - [2013/03/16 15:13:49 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM2E9.tmp
MOD - [2013/03/16 15:13:49 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM28A.tmp
MOD - [2013/03/16 15:13:49 | 000,085,504 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM4A3.tmp
MOD - [2013/03/16 15:13:49 | 000,085,504 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM491.tmp
MOD - [2013/03/16 15:13:49 | 000,085,504 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM47F.tmp
MOD - [2013/03/16 15:13:49 | 000,085,504 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM43F.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFF08.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFEB7.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMF0.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMBF.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM259.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM238.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM217.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM1E6.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM1C5.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM1A3.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM173.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM142.tmp
MOD - [2013/03/16 15:13:48 | 000,120,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEM111.tmp
MOD - [2013/03/16 15:13:48 | 000,072,192 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFE86.tmp
MOD - [2013/03/16 15:13:48 | 000,072,192 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFE75.tmp
MOD - [2013/03/16 15:13:47 | 000,075,776 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFCC2.tmp
MOD - [2013/03/16 15:13:47 | 000,075,776 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFC91.tmp
MOD - [2013/03/16 15:13:47 | 000,075,776 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFC2F.tmp
MOD - [2013/03/16 15:13:47 | 000,075,776 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFC1E.tmp
MOD - [2013/03/16 15:13:47 | 000,075,776 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFBFC.tmp
MOD - [2013/03/16 15:13:47 | 000,075,776 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFBAA.tmp
MOD - [2013/03/16 15:13:47 | 000,075,776 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFB89.tmp
MOD - [2013/03/16 15:13:47 | 000,075,776 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFB78.tmp
MOD - [2013/03/16 15:13:47 | 000,072,704 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFE25.tmp
MOD - [2013/03/16 15:13:47 | 000,072,192 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFDD5.tmp
MOD - [2013/03/16 15:13:47 | 000,068,608 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFB28.tmp
MOD - [2013/03/16 15:13:47 | 000,064,000 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFD23.tmp
MOD - [2013/03/16 15:13:47 | 000,057,344 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFD94.tmp
MOD - [2013/03/16 15:13:47 | 000,056,832 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFBCC.tmp
MOD - [2013/03/16 15:13:47 | 000,056,320 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFC50.tmp
MOD - [2013/03/16 15:13:47 | 000,056,320 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFA87.tmp
MOD - [2013/03/16 15:13:47 | 000,055,296 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFAE7.tmp
MOD - [2013/03/16 15:13:47 | 000,053,760 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFD64.tmp
MOD - [2013/03/16 15:13:47 | 000,053,760 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMFCD3.tmp
MOD - [2013/03/16 15:13:46 | 000,075,776 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\XTMP1MC3VE\DEMF95B.tmp
MOD - [2013/03/16 15:13:46 | 000,033,792 | ---- | M] () -- C:\Users\ciki\AppData\Local\Temp\YTMP7MC8AA\TAAF9D9.tmp
MOD - [2013/03/11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013/03/11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013/03/11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013/03/11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013/03/11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013/03/11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013/02/12 09:31:06 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
MOD - [2013/02/12 09:31:06 | 001,241,088 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2013/02/12 09:31:06 | 000,775,680 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_highgui220.dll
MOD - [2013/02/12 09:31:06 | 000,241,152 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_objdetect220.dll
MOD - [2013/02/12 09:31:06 | 000,201,216 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_video220.dll
MOD - [2011/12/01 20:16:00 | 000,150,760 | ---- | M] () -- C:\Program Files\Plantronics\GameCom780\VMixPLGC.dll
MOD - [2011/12/01 20:15:42 | 000,777,448 | ---- | M] () -- C:\Program Files\Plantronics\GameCom780\GameCom780.exe
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/19 10:29:40 | 000,037,216 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010/11/04 17:18:12 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010/11/04 17:15:50 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/11/18 03:14:00 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/13 16:43:00 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/10 10:23:12 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/01 14:53:35 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/09/19 10:29:44 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/09/19 10:29:40 | 000,029,536 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/10/01 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/07 13:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NlsSrv32.exe -- (nlsX86cc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/03/01 14:53:35 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/01/31 10:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/10/11 04:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012/09/19 09:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 09:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/06/20 08:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 21:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/11/05 01:47:58 | 001,327,104 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PLTGC.sys -- (PlantronicsGC)
DRV:64bit: - [2011/10/14 03:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/13 14:55:48 | 000,230,864 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011/07/29 13:57:23 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/18 07:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/03 06:13:46 | 000,170,104 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/07/29 12:31:26 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/07/29 12:31:26 | 000,126,320 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010/07/01 13:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010/01/27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/10/30 15:56:34 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/10/13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/23 02:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/29 17:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/03/25 16:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm)
DRV:64bit: - [2009/03/25 16:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic)
DRV:64bit: - [2009/03/25 16:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV:64bit: - [2009/03/25 16:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex)
DRV:64bit: - [2009/03/25 16:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus)
DRV:64bit: - [2009/03/25 16:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5)
DRV:64bit: - [2009/03/25 16:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2012/08/28 15:22:34 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/09/23 02:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/09/08 12:05:56 | 000,014,352 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RMClock\RTCore64.sys -- (RTCore64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = g.msn.com/HPNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{EF9CB324-E56C-4449-AD2A-8B701A9A74F1}: "URL" = bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{EF9CB324-E56C-4449-AD2A-8B701A9A74F1}: "URL" = bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = giga.de/!22/ [binary data]
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\..\SearchScopes\{EF9CB324-E56C-4449-AD2A-8B701A9A74F1}: "URL" = bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1680820528-395719371-245008140-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.de/|http://www.giga.de/!22/"
FF - prefs.js..extensions.enabledAddons: fb_add_on%40avm.de:1.6.3
FF - prefs.js..extensions.enabledAddons: nadir.kadem%40gmail.com:2.1
FF - prefs.js..extensions.enabledAddons: spam%40trashmail.net:2.6.2
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: wisestamp%40wisestamp.com:3.11.21
FF - prefs.js..extensions.enabledAddons: %7Bab91efd4-6975-4081-8552-1b3922ed79e2%7D:1.0.15.0
FF - prefs.js..extensions.enabledAddons: %7Be968fc70-8f95-4ab9-9e79-304de2a71ee1%7D:0.7.3
FF - prefs.js..extensions.enabledAddons: %7Bef62e1ce-d2a4-4cdd-b7ec-92b120366b66%7D:2.7.8
FF - prefs.js..extensions.enabledAddons: support%40vdownloader.com:3.9.1155
FF - prefs.js..extensions.enabledAddons: %7B5C655500-E712-41e7-9349-CE462F844B19%7D:1.0
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.4
FF - prefs.js..extensions.enabledAddons: 5%40thumbpro.net:1.7
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.6
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.2
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.4.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.01
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.3
FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1
FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\ciki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ciki\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ciki\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ciki\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ciki\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll (Vitzo)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/16 05:03:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Program Files (x86)\VDownloader\Addons\FireFox [2012/05/29 21:17:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/10 10:23:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/10 10:22:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/01/28 22:09:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/10 10:23:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/10 10:22:48 | 000,000,000 | ---D | M]

[2011/01/28 17:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Extensions
[2013/03/16 12:47:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions
[2013/02/16 19:14:45 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012/02/22 22:18:10 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2011/01/28 18:07:31 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2012/11/12 17:10:03 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2012/05/14 17:47:51 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\fb_add_on@avm.de
[2013/02/05 15:13:43 | 000,007,926 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\5@thumbpro.net.xpi
[2012/08/23 07:17:40 | 000,101,871 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\ciuvo-extension@icq.de.xpi
[2012/08/30 16:34:51 | 000,088,614 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\extension@ciuvo.com.xpi
[2012/10/28 17:08:36 | 000,214,127 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\freehdsport@freehdsport.tv.xpi
[2013/02/04 21:48:27 | 000,224,945 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\gophoto@gophoto.it.xpi
[2011/12/01 17:37:11 | 000,006,496 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\nadir.kadem@gmail.com.xpi
[2012/08/07 19:49:05 | 000,217,069 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\spam@trashmail.net.xpi
[2013/01/23 11:08:39 | 000,538,938 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\toolbar@web.de.xpi
[2012/10/30 12:46:26 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\translator@zoli.bod.xpi
[2012/05/22 13:59:36 | 001,771,909 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\wisestamp@wisestamp.com.xpi
[2013/03/10 16:00:02 | 000,348,483 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012/12/27 21:40:20 | 000,151,038 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
[2013/02/28 14:27:30 | 000,115,869 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2012/12/13 15:51:54 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013/02/05 15:12:27 | 000,220,411 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013/02/15 19:46:16 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/02/16 19:15:21 | 000,002,532 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\aol-search.xml
[2011/05/17 21:39:44 | 000,002,009 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\divx-titlovicom.xml
[2013/01/23 11:09:03 | 000,002,273 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\englische-ergebnisse.xml
[2013/01/23 11:09:03 | 000,010,563 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\gmx-suche.xml
[2013/03/10 16:02:23 | 000,000,950 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\icqplugin-4.xml
[2012/10/14 08:55:51 | 000,000,950 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\icqplugin-5.xml
[2012/10/28 17:14:37 | 000,000,950 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\icqplugin-6.xml
[2013/01/23 11:09:03 | 000,002,432 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\lastminute.xml
[2012/07/13 17:28:55 | 000,000,786 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\subbiee.xml
[2013/01/23 11:09:03 | 000,005,545 | ---- | M] () -- C:\Users\ciki\AppData\Roaming\Mozilla\Firefox\Profiles\6iaw2c7p.default\searchplugins\webde-suche.xml
[2013/03/10 10:22:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/10 10:22:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/05/29 21:17:42 | 000,000,000 | ---D | M] (VDownloader) -- C:\PROGRAM FILES (X86)\VDOWNLOADER\ADDONS\FIREFOX
[2013/03/10 10:23:13 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/20 17:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/06/11 20:59:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/09/11 20:58:08 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/11 20:59:09 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/12/13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2012/06/11 20:59:09 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/06/11 20:59:09 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/06/11 20:59:09 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\ciki\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\ciki\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: VDownloader (Enabled) = C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\ciki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Entanglement = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: AdBlock = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: CRX Inspector = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmlpbkpknjcnfabomjkecmkigcphgomk\0.1.0.7_0\
CHR - Extension: Poppit = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Google Mail-Checker = C:\Users\ciki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [GamecomSound] C:\Program Files\Plantronics\GameCom780\GameCom780.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" File not found
O4 - HKU\.DEFAULT..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe File not found
O4 - HKU\S-1-5-18..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1680820528-395719371-245008140-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-1680820528-395719371-245008140-1000..\Run: [cfweatherStation] C:\Program Files (x86)\Weather\weather.exe (weather-life.com)
O4 - HKU\S-1-5-21-1680820528-395719371-245008140-1000..\Run: [Facebook Update] C:\Users\ciki\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1680820528-395719371-245008140-1000..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\ciki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Bewerbung-Reminder.lnk = C:\Program Files (x86)\Buhl\Bewerbung 2008\KCReminder.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ciki\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8:64bit: - Extra context menu item: Преузми са Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ciki\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Преузми са Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} trial.trymicrosoftoffice.com/trialoaa/buyms...../wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.15.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{792D17F3-6462-4738-BC42-3242FC79F973}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3620eeda-6e91-11e0-a29e-c80aa906f6b3}\Shell - "" = AutoRun
O33 - MountPoints2\{3620eeda-6e91-11e0-a29e-c80aa906f6b3}\Shell\AutoRun\command - "" = G:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/16 12:34:37 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\ciki\Desktop\TFC.exe
[2013/03/16 12:31:42 | 003,222,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\ciki\Desktop\avg_remover_stf_x64_2013_2706.exe
[2013/03/16 12:27:07 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{6C4D4BE6-E81B-41C6-9B13-BA3033C473CE}
[2013/03/15 14:38:44 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2013/03/15 14:37:38 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Roaming\IrfanView
[2013/03/15 14:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2013/03/15 07:21:35 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{CE94A7CB-1BF4-4BCC-BFA0-08B503010682}
[2013/03/14 12:04:43 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\Programs
[2013/03/14 10:19:04 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{DB776C84-08E7-46D1-87A7-D0F7D6EB5953}
[2013/03/13 18:33:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/13 18:33:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/13 18:33:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/13 18:33:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/13 18:33:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/13 18:33:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/13 18:33:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/13 18:33:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/13 18:33:34 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/13 18:33:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/13 18:33:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/13 18:33:33 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/13 18:33:31 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/13 18:33:31 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/13 18:33:30 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/13 13:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plantronics
[2013/03/13 13:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\Plantronics
[2013/03/13 13:50:50 | 001,327,104 | ---- | C] (C-Media Electronics Inc) -- C:\Windows\SysNative\drivers\PLTGC.sys
[2013/03/13 13:50:48 | 000,315,392 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\fltrPLTGC.dll
[2013/03/13 13:50:44 | 000,524,768 | R--- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2013/03/13 07:25:30 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{E2A05959-0D61-4DDD-855F-5330EA80FEAF}
[2013/03/12 19:14:17 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{2CC63351-B530-4AFF-8FD2-E9BABE8080F7}
[2013/03/12 10:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
[2013/03/12 10:42:29 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\ManyCam
[2013/03/12 10:42:22 | 000,044,928 | ---- | C] (ManyCam LLC) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys
[2013/03/12 10:42:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam
[2013/03/12 07:13:49 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{F19E3600-7E96-49D4-96E8-BC8E4260C1AC}
[2013/03/11 10:07:24 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{448B59C4-8B3A-40D0-B528-F3EDDFDD4858}
[2013/03/10 22:06:49 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{93136108-293B-4871-A2E7-29D055AFFB3A}
[2013/03/10 10:22:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/10 10:06:13 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{AF1523BC-FA36-4CC9-AD9A-2D3D1FE239A2}
[2013/03/09 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{88073605-0C09-4002-8C4E-A52442667FBB}
[2013/03/08 21:34:38 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{32A0BDD3-4854-416A-829E-2422DADEA14F}
[2013/03/07 22:50:14 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{DA20E60B-CFAF-40FD-BE17-E758F2070238}
[2013/03/07 10:49:48 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{6AB2F670-4C79-40B0-B7CA-398C4DB3B820}
[2013/03/06 20:41:52 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{7AA5C10B-7F00-4BC0-9A82-FCE94B1972BD}
[2013/03/06 08:14:36 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{664FD360-0275-450A-A6E6-37801CA20414}
[2013/03/05 08:11:25 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{A700C3BA-B9D0-4EEA-B2B7-1A371B3F7CD8}
[2013/03/04 20:10:57 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{894CACCD-A34E-4DFE-9943-A76142C97C24}
[2013/03/04 09:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/04 09:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/04 07:14:29 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{1CBC002A-B7C4-4C93-BB44-7461B0E750C8}
[2013/03/03 13:34:20 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{18E2FE13-8E24-4BD3-94ED-26F204DCBB6E}
[2013/03/02 23:35:34 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{C80446ED-4343-4BF2-8356-EB1CD5B59ACC}
[2013/03/02 07:27:55 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{2906378C-0B17-43E8-9FCC-BD07FCAD993A}
[2013/03/01 16:07:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RonyaSoft
[2013/03/01 14:53:41 | 000,039,768 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/03/01 14:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013/03/01 14:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2013/03/01 14:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013/03/01 11:24:10 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica MP3 CD Burner
[2013/03/01 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acoustica MP3 CD Burner
[2013/03/01 09:25:22 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Roaming\iPumper
[2013/03/01 07:31:58 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{B9DD8D19-97AB-40B2-8D60-14CA04B938ED}
[2013/02/28 14:40:46 | 000,000,000 | ---D | C] -- C:\Users\ciki\Documents\flnmcb45
[2013/02/28 14:06:55 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/02/28 14:06:46 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/02/28 14:06:46 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/02/28 14:06:46 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/02/28 14:06:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/02/28 13:55:55 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{F8601342-B248-4F14-8B79-9926FE447569}
[2013/02/27 13:06:51 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{A570CAD6-B486-4070-8418-2AC3977ECAE8}
[2013/02/26 10:46:36 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{DDB6A411-3C51-4CED-AF04-CA5B819D322C}
[2013/02/25 10:54:17 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{73892C16-1D82-4AD2-BA49-CD1E178B02B8}
[2013/02/24 22:25:23 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{36E6FC94-B168-42AD-9038-9CD7A5933831}
[2013/02/24 09:42:57 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{7A33716A-E38A-4BF2-A073-4206C1AA8030}
[2013/02/23 09:25:23 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{D3D75E4C-7A38-4341-9B28-BF7DEC2ECEB1}
[2013/02/22 16:42:14 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{0096D5AC-1033-40C5-A6F2-A3B323D6E861}
[2013/02/21 17:30:59 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{C01FFBF9-44CD-4C5C-AE07-295B57A3EFD0}
[2013/02/20 21:44:25 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{996AEBC6-BA2D-4F7D-B017-F93C5003E932}
[2013/02/20 09:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson USB
[2013/02/20 09:44:02 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{C538DE71-399C-4966-A430-9ED1811E4644}
[2013/02/19 20:01:06 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{16C2A035-41EA-4801-B70E-FD6DF40A3FF4}
[2013/02/19 08:00:41 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{5F1986F0-137F-466D-A518-EEB8446579B5}
[2013/02/18 18:25:05 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{157143A3-C377-476B-BE4C-210962768CF3}
[2013/02/17 17:40:49 | 000,000,000 | ---D | C] -- C:\Users\ciki\Desktop\Adil Najbolji Grad Na Svetu Mp3 Download_files
[2013/02/17 11:05:48 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{365009F6-EDE9-460B-9F72-69292FF23744}
[2013/02/16 21:14:52 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{3D7D2B10-D8D0-444C-AA67-8CC745076426}
[2013/02/16 07:45:06 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{4F777A30-44E4-455D-9CB4-B1B1B81170A6}
[2013/02/15 19:44:41 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{20B32CCF-0A72-4284-8E23-32F4FAE6FF0F}
[2013/02/15 07:44:17 | 000,000,000 | ---D | C] -- C:\Users\ciki\AppData\Local\{2C680047-8FD7-490E-B811-308900CBF45E}
[2013/02/14 16:49:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/02/14 16:49:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/02/14 16:49:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/02/14 16:49:37 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/02/14 16:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/02/14 16:49:36 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/02/14 16:49:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/02/14 16:49:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/02/14 16:49:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/02/14 16:49:36 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/02/14 16:49:36 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/02/14 16:49:35 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/02/14 16:49:35 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/02/14 16:49:35 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/02/14 16:49:35 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/02/14 16:49:35 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/02/14 16:49:35 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/02/14 16:49:35 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/02/14 16:49:35 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/02/14 16:49:35 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/02/14 16:49:35 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/02/14 16:49:34 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/02/14 16:49:33 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/02/14 16:49:33 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/02/14 16:49:22 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011/02/20 19:16:39 | 001,291,624 | ---- | C] (Microsoft Corporation) -- C:\Users\ciki\wlsetup-web.exe
[2011/02/11 19:37:31 | 002,649,016 | ---- | C] (VS Revo Group Ltd.) -- C:\Users\ciki\revo191setup.exe
[1 C:\Users\ciki\Desktop\*.tmp files -> C:\Users\ciki\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/16 15:13:20 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/16 15:13:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/16 15:06:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1680820528-395719371-245008140-1000UA.job
[2013/03/16 15:03:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/16 14:52:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/16 13:00:52 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/16 13:00:52 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/16 12:47:24 | 000,000,121 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/03/16 12:34:49 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\ciki\Desktop\TFC.exe
[2013/03/16 12:33:32 | 000,597,667 | ---- | M] () -- C:\Users\ciki\Desktop\adwcleaner.exe
[2013/03/16 12:31:46 | 003,222,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\ciki\Desktop\avg_remover_stf_x64_2013_2706.exe
[2013/03/15 18:21:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1680820528-395719371-245008140-1000UA.job
[2013/03/15 14:43:07 | 000,021,179 | ---- | M] () -- C:\Users\ciki\Documents\prozorcic.jpg
[2013/03/15 14:43:07 | 000,021,179 | ---- | M] () -- C:\Users\ciki\Documents\prozorcic - Copy.jpg
[2013/03/15 14:38:44 | 000,001,890 | ---- | M] () -- C:\Users\ciki\Desktop\IrfanView Thumbnails.lnk
[2013/03/15 14:38:44 | 000,000,998 | ---- | M] () -- C:\Users\ciki\Desktop\IrfanView.lnk
[2013/03/15 14:17:22 | 000,007,168 | ---- | M] () -- C:\Users\ciki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/15 08:38:21 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/15 08:38:21 | 000,624,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/15 08:38:21 | 000,106,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/14 16:21:53 | 000,297,960 | ---- | M] () -- C:\Users\ciki\Documents\Kako sačuvati sadržaj ekrana kao sliku.pdf
[2013/03/14 12:04:58 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/13 16:43:00 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/13 16:43:00 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/13 13:50:59 | 000,000,402 | ---- | M] () -- C:\Windows\PLTGC.ini.cfl
[2013/03/13 13:50:57 | 000,000,534 | ---- | M] () -- C:\Windows\PLTGC.ini.imi
[2013/03/13 13:50:57 | 000,000,132 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2013/03/13 13:50:47 | 000,000,432 | ---- | M] () -- C:\Windows\System\PLTGC.ini
[2013/03/12 10:42:53 | 000,001,101 | ---- | M] () -- C:\Users\ciki\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2013/03/11 19:06:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1680820528-395719371-245008140-1000Core.job
[2013/03/10 16:00:01 | 000,002,044 | ---- | M] () -- C:\Users\ciki\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/03/09 20:41:03 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForciki.job
[2013/03/05 12:44:28 | 000,184,513 | ---- | M] () -- C:\Users\ciki\Documents\gigaset.com_medias_sys_master_A31008-M2009-B101-4-19_de_DE.pdf
[2013/03/05 08:03:46 | 000,021,144 | ---- | M] () -- C:\Users\ciki\Documents\zalosnasova.jpg
[2013/03/05 08:02:42 | 000,012,143 | ---- | M] () -- C:\Users\ciki\Documents\ciko1.jpg
[2013/03/04 09:24:57 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/03/01 16:12:44 | 000,127,900 | ---- | M] () -- C:\Users\ciki\Documents\concert simply minds.cbs
[2013/03/01 16:07:45 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\RonyaSoft CD DVD Label Maker.lnk
[2013/03/01 14:53:35 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/03/01 11:24:10 | 000,001,876 | ---- | M] () -- C:\Users\ciki\Desktop\Acoustica MP3 CD Burner.lnk
[2013/02/28 18:42:28 | 000,121,558 | ---- | M] () -- C:\Users\ciki\Documents\stare.cbs
[2013/02/28 14:06:37 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/02/28 14:06:31 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/02/28 14:06:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/02/28 14:06:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/02/28 14:06:28 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/02/28 14:06:27 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/02/25 00:21:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1680820528-395719371-245008140-1000Core.job
[2013/02/14 15:52:34 | 000,445,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Users\ciki\Desktop\*.tmp files -> C:\Users\ciki\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/16 12:47:04 | 000,000,121 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/03/16 12:33:16 | 000,597,667 | ---- | C] () -- C:\Users\ciki\Desktop\adwcleaner.exe
[2013/03/15 14:43:48 | 000,021,179 | ---- | C] () -- C:\Users\ciki\Documents\prozorcic - Copy.jpg
[2013/03/15 14:43:07 | 000,021,179 | ---- | C] () -- C:\Users\ciki\Documents\prozorcic.jpg
[2013/03/15 14:38:44 | 000,001,890 | ---- | C] () -- C:\Users\ciki\Desktop\IrfanView Thumbnails.lnk
[2013/03/15 14:38:44 | 000,000,998 | ---- | C] () -- C:\Users\ciki\Desktop\IrfanView.lnk
[2013/03/14 16:21:53 | 000,297,960 | ---- | C] () -- C:\Users\ciki\Documents\Kako sačuvati sadržaj ekrana kao sliku.pdf
[2013/03/13 13:50:57 | 000,813,288 | ---- | C] () -- C:\Windows\SysNative\PLTGC.exe
[2013/03/13 13:50:57 | 000,000,402 | ---- | C] () -- C:\Windows\PLTGC.ini.cfl
[2013/03/13 13:50:57 | 000,000,132 | ---- | C] () -- C:\Windows\System\Dlap.pfx
[2013/03/13 13:50:47 | 000,359,424 | ---- | C] () -- C:\Windows\SysNative\CmiInstallResAll64.dll
[2013/03/13 13:50:47 | 000,003,489 | ---- | C] () -- C:\Windows\PLTGC.ini.cfg
[2013/03/13 13:50:47 | 000,000,534 | ---- | C] () -- C:\Windows\PLTGC.ini.imi
[2013/03/12 10:42:53 | 000,001,101 | ---- | C] () -- C:\Users\ciki\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2013/03/05 12:42:26 | 000,184,513 | ---- | C] () -- C:\Users\ciki\Documents\gigaset.com_medias_sys_master_A31008-M2009-B101-4-19_de_DE.pdf
[2013/03/05 08:03:46 | 000,021,144 | ---- | C] () -- C:\Users\ciki\Documents\zalosnasova.jpg
[2013/03/05 08:02:42 | 000,012,143 | ---- | C] () -- C:\Users\ciki\Documents\ciko1.jpg
[2013/03/04 09:24:57 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/03/01 16:07:45 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\RonyaSoft CD DVD Label Maker.lnk
[2013/03/01 16:06:12 | 000,127,900 | ---- | C] () -- C:\Users\ciki\Documents\concert simply minds.cbs
[2013/03/01 11:24:10 | 000,001,876 | ---- | C] () -- C:\Users\ciki\Desktop\Acoustica MP3 CD Burner.lnk
[2013/02/28 18:42:28 | 000,121,558 | ---- | C] () -- C:\Users\ciki\Documents\stare.cbs
[2012/08/12 09:46:43 | 000,000,248 | ---- | C] () -- C:\Windows\BUHL.INI
[2012/05/29 21:17:43 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2012/03/05 22:49:53 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012/01/20 11:30:09 | 000,554,496 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2012/01/10 21:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/01/10 21:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/01/10 21:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/01/10 20:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/11/16 17:40:02 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/11/16 17:40:02 | 000,012,031 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-Jardinains!.dat
[2011/10/31 11:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/10/31 11:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/10/31 11:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/10/31 11:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/10/16 16:51:38 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011/10/02 14:58:04 | 000,002,017 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011/09/29 20:27:43 | 000,000,447 | ---- | C] () -- C:\Windows\PLTGC.ini
[2011/09/13 15:09:48 | 2147,483,647 | ---- | C] () -- C:\Users\ciki\vigneta.tc
[2011/09/09 17:12:23 | 000,000,291 | ---- | C] () -- C:\Windows\pwc61s.INI
[2011/05/08 20:25:55 | 000,000,000 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\wklnhst.dat
[2011/05/01 11:31:42 | 000,007,168 | ---- | C] () -- C:\Users\ciki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/25 12:57:30 | 000,000,006 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\start
[2011/04/25 12:52:02 | 000,000,006 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\completescan
[2011/04/25 12:48:14 | 000,000,010 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\install
[2011/04/25 12:46:39 | 000,000,136 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\1.gif
[2011/03/19 11:49:37 | 000,001,854 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\GhostObjGAFix.xml
[2011/02/20 17:55:51 | 008,280,563 | ---- | C] () -- C:\Users\ciki\Dara Bubamara - 2010 - 04 - Ne Planiram.mp3
[2011/02/11 19:58:44 | 019,491,357 | ---- | C] () -- C:\Users\ciki\rsapi.exe.cgi
[2011/01/28 22:02:27 | 000,149,504 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\chrtmp
[2011/01/28 22:02:22 | 002,256,519 | ---- | C] () -- C:\Users\ciki\AppData\Roaming\winrar-x64-393d.exe
[2011/01/28 18:28:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/30 16:16:05 | 001,796,096 | ---- | C] () -- C:\Users\ciki\Lang_de-DE.msi
[2010/09/30 16:15:33 | 218,817,640 | ---- | C] () -- C:\Users\ciki\TUU.cab
[2010/09/28 16:47:05 | 003,532,475 | ---- | C] () -- C:\Users\ciki\Handbuch.pdf

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/02/15 07:12:23 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\.Tribler
[2011/03/19 20:26:44 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Acoustica
[2013/03/02 18:07:49 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\BitTorrent
[2012/03/05 19:08:47 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Blue Cat Audio
[2011/02/04 19:50:20 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Buhl Data Service
[2011/04/02 22:51:22 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Duden
[2012/10/13 07:48:49 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\DVDVideoSoft
[2011/10/18 21:06:10 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Ethereal
[2012/03/27 16:05:28 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\EyeballChatUserData
[2011/05/17 21:27:45 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\GetRightToGo
[2012/05/18 07:41:01 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\gnupg
[2012/03/05 19:10:15 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\HighAndes
[2012/06/04 06:45:14 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\ICQ
[2012/05/01 00:34:30 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\ICQ Search
[2011/07/29 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\ImgBurn
[2012/02/13 15:52:42 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\InternetCalls
[2013/03/01 09:25:50 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\iPumper
[2013/03/15 14:37:38 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\IrfanView
[2011/11/27 08:40:13 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Jardinains 2!
[2013/03/12 10:43:04 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\ManyCam
[2011/09/08 18:23:20 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Mipony
[2012/11/11 21:32:56 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\NAVIGON Fresh
[2011/02/19 23:21:30 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Philips
[2012/06/04 07:05:19 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\RetroShare
[2011/12/03 13:18:21 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Samsung
[2012/04/26 19:49:35 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Screaming Bee
[2012/03/05 22:56:32 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\systweak
[2012/05/03 14:46:31 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Temp
[2011/10/18 20:52:39 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Thinstall
[2012/02/13 22:52:32 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Tobit
[2012/06/07 17:45:47 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\TrueCrypt
[2012/11/11 20:58:37 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\TuneUp Software
[2012/06/03 22:23:36 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\VDownloader
[2012/02/05 17:05:55 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\Windows Live Writer
[2012/05/18 07:59:41 | 000,000,000 | ---D | M] -- C:\Users\ciki\AppData\Roaming\winpt

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 178 bytes -> C:\ProgramData\Temp:6724CB45

< End of report >




mycity.rs/must-login.png

Poslao: 16 Mar 2013 20:21
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Korak 1.

Nisi dobro uklonio AVG. I dalje ima ostataka, probaj ponovo...



Korak 2.

Ponovo pokreni program OTL dvoklikom na ikonu.

U bijeli okvir prozora gdje piše Custom Scans/Fixes iskopirati sljedeći tekst:

:commands
[emptytemp]


Klikni taster Run Fix;

Izvještaj koji dobiješ iskopiraj ovde u poruci.



Korak 3.

Postavi svez OTL izvestaj.

MyCity » Ambulanta -> Arhiva Ambulante » Reklamni prozorcic

Ko je trenutno na forumu
 

Ukupno su 761 korisnika na forumu :: 24 registrovanih, 1 sakriven i 736 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Sale, A.R.Chafee.Jr., Apok, Ben Roj, CikaKURE, djboj, Duh sa sekirom, hooraay, Ilija Cvorovic, jackreacher011011, kokan0905, kolle.the.kid, Kubovac, libellule_dk, mercedesamg, Metanoja, mrav pesadinac, naki011, nuke92, Panonsky, raptorsi, Srki94, vathra, vlajkox