OTL logfile created on: 15.4.2012 14:55:36 - Run 3
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Sanel\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000424 | Country: Slovenija | Language: SLV | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,44 Gb Available Physical Memory | 68,00% Memory free
16,00 Gb Paging File | 13,27 Gb Available in Paging File | 82,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 489,03 Gb Total Space | 124,07 Gb Free Space | 25,37% Space Free | Partition Type: NTFS
Drive I: | 442,38 Gb Total Space | 442,03 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
Drive J: | 100,00 Mb Total Space | 60,88 Mb Free Space | 60,89% Space Free | Partition Type: NTFS

Computer Name: SANEL-PC | User Name: Sanel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012.04.14 21:31:20 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Sanel\Downloads\OTL.exe PRC - [2012.04.08 18:07:25 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012.04.08 18:07:25 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.04.04 07:05:28 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012.04.04 07:05:16 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe PRC - [2012.04.03 19:18:00 | 001,262,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.04.03 07:15:44 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.04.02 18:34:37 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2012.04.02 18:31:38 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2012.03.23 15:17:28 | 000,180,648 | ---- | M] (Google Inc.) 
-- C:\Users\Sanel\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe PRC - [2012.03.19 13:38:46 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe PRC - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012.03.19 13:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe PRC - [2012.03.14 17:38:14 | 000,913,752 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe PRC - [2012.03.06 18:39:50 | 000,574,296 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe PRC - [2012.03.02 19:47:16 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.02.21 15:05:22 | 000,632,664 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Game Booster\gbtray.exe PRC - [2012.02.18 05:05:02 | 004,347,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgui.exe PRC - [2012.02.16 04:57:46 | 002,575,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe PRC - [2012.02.15 07:03:14 | 000,738,680 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe PRC - [2012.02.14 04:53:36 | 002,316,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe PRC - [2012.02.14 04:52:54 | 005,104,992 | ---- | M] (AVG Technologies CZ, s.r.o.) 
-- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe PRC - [2012.01.04 15:26:46 | 001,606,488 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.12.05 07:18:49 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe PRC - [2011.11.10 11:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2011.10.20 15:43:56 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012.04.15 14:46:42 | 000,115,137 | ---- | M] () -- C:\Users\Sanel\AppData\Local\Temp\bd7c47bb-f5c0-417c-a180-ec348d87718a\CliSecureRT.dll MOD - [2012.04.11 16:07:38 | 018,019,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\95e261d2660c662aab4306168001f3e7\PresentationFramework.ni.dll MOD - [2012.04.11 16:07:27 | 011,469,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\2a1d0ebdb3810bb2926aea930567a3ef\PresentationCore.ni.dll MOD - [2012.04.11 16:07:25 | 013,197,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\bf4d4ad3e86281bc3924d74f4e716322\System.Windows.Forms.ni.dll MOD - [2012.04.11 16:07:19 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\876000568ee47aa4407f0931161adf59\WindowsBase.ni.dll MOD - [2012.04.11 16:07:18 | 001,665,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ab9feeb2817859457fc06c4c06f32fe1\System.Drawing.ni.dll MOD - [2012.04.08 18:07:25 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012.04.04 07:05:28 | 000,021,392 | 
---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2012.04.02 18:34:37 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll MOD - [2012.04.02 18:34:36 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll MOD - [2012.04.02 18:34:36 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL MOD - [2012.04.02 18:34:36 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll MOD - [2012.04.02 18:34:36 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll MOD - [2012.02.15 20:27:59 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\45f56e5749f43eeb24b2094fd761a9d3\System.Management.ni.dll MOD - [2012.02.15 20:26:52 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\b8f323bbcb35543dd68e9dbdd1abe69b\System.Runtime.Remoting.ni.dll MOD - [2012.02.15 20:26:46 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a6529c9ffc0303d1eee4282d18c7d7f3\System.Xaml.ni.dll MOD - [2012.02.14 20:20:44 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9bf91363906fc418ea34b30d7bf825b9\System.Core.ni.dll MOD - [2012.02.14 20:20:42 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\da0fc8ce9b2fb592b7d8065481ef5d42\System.Xml.ni.dll MOD - [2012.02.14 20:20:40 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\15e071596162d504ead0394ec971ad3b\PresentationFramework.Aero.ni.dll MOD - [2012.02.14 20:20:38 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\26430b84dfd15f788b0e39dce71ef5d1\System.ni.dll MOD - [2012.02.14 20:20:34 | 014,414,848 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\fe6b346d83857a3f02bda63332e66642\mscorlib.ni.dll MOD - [2011.12.15 16:16:32 | 000,516,440 | ---- | M] () -- C:\Program Files (x86)\IObit\Game Booster\sqlite3.dll MOD - [2011.08.19 17:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2012.04.14 21:28:19 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.08 18:07:25 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.04.03 19:18:00 | 001,262,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.04.03 07:15:44 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.04.02 18:34:37 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.03.14 17:38:14 | 000,913,752 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files 
(x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5) SRV - [2012.03.02 19:47:16 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.02.29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2012.02.14 04:53:36 | 002,316,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws) SRV - [2012.02.14 04:52:54 | 005,104,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012.02.22 05:25:50 | 000,382,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:[b]64bit:[/b] - [2012.02.22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:[b]64bit:[/b] - [2012.01.31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:[b]64bit:[/b] - [2011.12.23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:[b]64bit:[/b] - [2011.12.23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter) DRV:[b]64bit:[/b] - [2011.12.23 13:32:02 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidseha.sys -- (AVGIDSEH) DRV:[b]64bit:[/b] - [2011.12.23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. 
) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:[b]64bit:[/b] - [2011.12.18 20:25:42 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011.09.10 15:47:17 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:[b]64bit:[/b] - [2011.09.10 15:45:48 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011.06.02 07:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:[b]64bit:[/b] - [2011.06.02 07:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) DRV:[b]64bit:[/b] - [2011.06.02 07:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) DRV:[b]64bit:[/b] - [2011.06.02 07:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter) DRV:[b]64bit:[/b] - [2011.05.23 01:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd) DRV:[b]64bit:[/b] - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010.12.21 07:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:[b]64bit:[/b] - [2010.11.26 19:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver) DRV:[b]64bit:[/b] - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010.11.15 09:15:20 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv) DRV:[b]64bit:[/b] - [2010.11.15 09:10:18 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010.04.07 12:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64) DRV:[b]64bit:[/b] - [2009.10.20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) 
[Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:[b]64bit:[/b] - [2009.10.20 17:20:36 | 000,114,608 | ---- | M] (Philips Applied Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\phaudlwr.sys -- (phaudlwr) DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009.06.17 09:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:[b]64bit:[/b] - [2009.06.17 09:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2009.06.17 09:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008.05.21 14:30:58 | 000,583,168 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPC530.sys -- (SPC530) DRV:[b]64bit:[/b] - [2008.05.21 14:30:58 | 000,008,192 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPC530m.sys -- (SPC530m) DRV - [2012.01.09 14:22:44 | 000,036,792 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys -- (PfFilter) DRV - [2010.11.15 09:10:18 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/bsprpc/{4A98CE8A-F7B3-4490-8582-0FD807342FA1} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.si/ IE - HKCU\..\URLSearchHook: {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = 
{95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={2A3D885E-359B-431F-AF58-57254BD93D51}&mid=c5bf2d89382047d1a541bdb90fb485fb-ae8fc96752d0a3adb97c49c3e4ce9671a789dccd&lang=en&ds=AVG&pr=pr&d=2012-04-08 18:07:28&v=10.2.0.3&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/bsprpc/{4A98CE8A-F7B3-4490-8582-0FD807342FA1}?q={searchTerms} IE - HKCU\..\SearchScopes\{99351B01-191D-4B41-A8A1-31A2EC7A8241}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=W3I4&o=41648006&src=kw&q={searchTerms}&locale=&apn_ptnrs=^A9K&apn_dtid=^YYYYYY^YY^SI&apn_uid=E6DC92A0-E5E1-416B-99FD-79C7A3976B48&apn_sauid=756923EE-6463-406E-B51B-79405087E39B IE - HKCU\..\SearchScopes\{C7DCBCDF-63C0-4097-81D7-2F2B121875A2}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2832595 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.startup.homepage: "http://eu.ask.com/?l=dis&o=41648006&gct=hp" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: 
C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sanel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sanel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.12.05 07:19:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.04.11 15:56:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012.04.08 18:05:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012.04.08 18:07:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.10 13:41:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.10.16 14:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sanel\AppData\Roaming\mozilla\Extensions [2012.04.14 13:46:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sanel\AppData\Roaming\mozilla\Firefox\Profiles\yrl0b4r6.default\extensions [2012.01.09 06:14:18 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Sanel\AppData\Roaming\mozilla\Firefox\Profiles\yrl0b4r6.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2011.12.14 15:47:54 | 000,002,333 | ---- | M] () -- C:\Users\Sanel\AppData\Roaming\Mozilla\Firefox\Profiles\yrl0b4r6.default\searchplugins\askcom.xml [2012.03.11 19:18:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.03.11 
19:18:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.02.25 13:55:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012.01.10 13:41:33 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.04.08 18:07:23 | 000,003,747 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012.01.10 13:41:32 | 000,010,799 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\ceneji.xml [2012.01.10 13:41:32 | 000,001,420 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\najdi-si.xml [2012.01.10 13:41:32 | 000,003,584 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\odpiralni.xml [2012.01.10 13:41:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml [2012.01.10 13:41:32 | 000,001,328 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Sanel\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = 
C:\Users\Sanel\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sanel\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.127.0_0\npBFHUpdater.dll CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.127.0_0\BFHUpdater.exe CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2111_0\plugins/avgnpss.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = I:\PFiles\Plugins\np-mswmp.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = 
C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll CHR - plugin: Google Update (Enabled) = C:\Users\Sanel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll CHR - Extension: Angry Birds = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\ CHR - Extension: YouTube = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = 
C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Iskanje Google = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Battlefield Play4Free = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\ CHR - Extension: AdBlock = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.25_0\ CHR - Extension: QuickShift For Chrome = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gijmaphaippejlhagngohjmehmanbehd\1.2.1_0\ CHR - Extension: Battlefield Heroes = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.127.0_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: AVG Safe Search = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2111_0\ CHR - Extension: Auto Replay for YouTube = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.10_0\ CHR - Extension: Skype Click to Call = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\ CHR - Extension: InnoGames International = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi\2.3.0.15_0\ CHR - Extension: Preverjevalnik za Google Mail = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\ CHR - Extension: AVG Do-Not-Track = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2126_0\ 
CHR - Extension: YouTube Repeat = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\piicimoiaiblachamdicgngccadhlecl\1.0.1_0\ CHR - Extension: Gmail = C:\Users\Sanel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012.04.15 14:41:35 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (AVG Do-Not-Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (AVG Do-Not-Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll () O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll () O4:[b]64bit:[/b] - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) 
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: I&zvozi v Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: P&ošlji v OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: I&zvozi v Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: P&ošlji v OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O9:[b]64bit:[/b] - Extra Button: AVG Do-Not-Track - {DA58ACA7-18A6-403A-93DA-6E4172D43709} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: AVG Do-Not-Track - {DA58ACA7-18A6-403A-93DA-6E4172D43709} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) 
O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.255.209.79 84.255.210.79 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7ABE2214-9FD8-4778-AD28-40DC2A5DCE92}: DhcpNameServer = 84.255.209.79 84.255.210.79 O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll () O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.04.08 15:16:29 | 000,000,053 | -H-- | M] () - I:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2012.04.08 15:16:29 | 000,000,053 | -H-- | M] () - J:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012.04.15 14:41:34 | 000,000,000 | ---D | C] -- C:\_OTL [2012.04.15 14:38:30 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Roaming\dclogs [2012.04.15 13:37:23 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Sanel\Desktop\aswMBR (1).exe [2012.04.15 13:07:13 | 000,000,000 | ---D | C] -- C:\Users\Sanel\Documents\Cross Fire [2012.04.15 13:07:13 | 000,000,000 | ---D | C] -- C:\CFLog [2012.04.15 12:56:30 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossfire Europe [2012.04.15 12:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe [2012.04.15 12:54:11 | 000,000,000 | ---D | C] -- C:\SG Interactive [2012.04.14 20:12:15 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.04.14 20:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.04.14 20:10:09 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Local\ElevatedDiagnostics [2012.04.14 17:23:09 | 000,000,000 | ---D | C] -- C:\Users\Sanel\Documents\samsung [2012.04.14 15:45:41 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Roaming\Malwarebytes [2012.04.14 15:45:38 | 000,000,000 | ---D | 
C] -- C:\ProgramData\Malwarebytes [2012.04.14 15:18:41 | 000,000,000 | ---D | C] -- C:\Users\Sanel\Documents\My Games [2012.04.14 13:41:20 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Roaming\com.w3i.FlipToast [2012.04.14 13:41:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fliptoast [2012.04.14 13:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2012.04.14 13:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Freely [2012.04.14 13:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\Open Freely [2012.04.14 13:40:22 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Local\APN [2012.04.10 18:52:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.04.08 20:51:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.04.08 18:08:21 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Roaming\AVG2012 [2012.04.08 18:07:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2012.04.08 18:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search [2012.04.08 18:07:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search [2012.04.08 18:07:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search [2012.04.08 18:06:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG [2012.04.08 18:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012 [2012.04.08 18:05:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG [2012.04.08 18:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2012.04.08 15:39:54 | 000,000,000 | ---D | C] -- C:\Users\Sanel\Desktop\p4f aimbot [2012.04.08 14:53:48 | 000,000,000 | ---D | C] -- C:\Users\Sanel\Desktop\XibiT Logs [2012.04.05 20:44:58 | 000,000,000 | ---D | C] -- C:\Users\Sanel\Desktop\Project-7 v3.8 [2012.04.04 15:57:41 | 000,000,000 | ---D | C] -- 
C:\Users\Sanel\Desktop\sound [2012.04.03 16:55:37 | 000,000,000 | ---D | C] -- C:\Users\Sanel\Desktop\Berlec [2012.03.31 19:00:32 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Roaming\AnvSoft [2012.03.31 19:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft [2012.03.31 19:00:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft [2012.03.31 14:19:24 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Local\Skyrim [2012.03.31 14:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911 [2012.03.31 14:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Elder Scrolls V Skyrim [2012.03.31 13:01:04 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Roaming\Corel [2012.03.31 13:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis [2012.03.31 13:00:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel [2012.03.29 13:55:45 | 000,000,000 | ---D | C] -- C:\Users\Sanel\Desktop\INpact_CSS_Hud_Tweaker_1.19 [2012.03.27 16:10:09 | 000,000,000 | ---D | C] -- C:\Users\Sanel\Desktop\Projektno delo [2012.03.25 15:40:18 | 001,761,792 | ---- | C] (MrHackTV) -- C:\Users\Sanel\Desktop\MrHackTV BlackOps Trainer 1.13.exe [2012.03.23 17:53:20 | 000,000,000 | ---D | C] -- C:\Users\Sanel\Desktop\cod4 EliteBot V6 [2012.03.22 19:49:10 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Roaming\Rovio [2012.03.22 19:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rovio [2012.03.19 21:08:13 | 000,000,000 | ---D | C] -- C:\Users\Sanel\AppData\Local\The Witcher 2 [2011.09.11 09:28:07 | 001,169,224 | ---- | C] (Microsoft Corporation) -- C:\Users\Sanel\AppData\Roaming\new.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012.04.15 14:55:14 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.04.15 14:55:14 | 000,014,832 | -H-- | M] () -- 
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.04.15 14:55:07 | 000,261,192 | ---- | M] () -- C:\Users\Sanel\Desktop\virus gone.png [2012.04.15 14:44:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job [2012.04.15 14:43:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.04.15 14:43:54 | 2146,295,807 | -HS- | M] () -- C:\hiberfil.sys [2012.04.15 14:41:35 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2012.04.15 14:28:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.04.15 14:22:01 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3324728189-2308745895-3182499056-1001Core.job [2012.04.15 14:22:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3324728189-2308745895-3182499056-1001UA.job [2012.04.15 14:20:39 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.04.15 14:20:39 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.04.15 13:56:42 | 000,000,512 | ---- | M] () -- C:\Users\Sanel\Desktop\MBR.dat [2012.04.15 13:37:39 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Sanel\Desktop\aswMBR (1).exe [2012.04.15 12:56:33 | 000,000,845 | ---- | M] () -- C:\Users\Sanel\Desktop\Crossfire Europe.lnk [2012.04.15 12:54:43 | 000,161,121 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2012.04.15 12:54:02 | 490,642,883 | ---- | M] () -- C:\Users\Sanel\Desktop\Crossfire_Install.exe [2012.04.15 12:13:17 | 095,083,502 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012.04.14 21:42:44 | 000,231,579 | ---- | M] () -- C:\Users\Sanel\Desktop\virus.png [2012.04.14 20:12:16 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012.04.13 16:56:42 | 000,623,747 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm [2012.04.11 17:30:45 | 000,000,008 | ---- | M] () 
-- C:\Users\Sanel\AppData\Roaming\Lucid_player_highscore.dat [2012.04.11 17:30:39 | 000,000,212 | ---- | M] () -- C:\Users\Sanel\AppData\Roaming\Lucid_player_profiles_data.dat [2012.04.11 16:06:14 | 000,731,882 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.04.11 16:06:14 | 000,615,942 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.04.11 16:06:14 | 000,106,322 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.04.11 15:56:09 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2012.04.10 14:50:27 | 000,234,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.04.08 22:58:25 | 000,215,278 | ---- | M] () -- C:\Users\Sanel\Desktop\picture of payment.png [2012.04.08 20:51:58 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.04.08 20:51:12 | 022,259,528 | ---- | M] () -- C:\Users\Sanel\Desktop\vlc-2.0.1-win32.exe [2012.04.08 18:06:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2012.04.08 18:06:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm [2012.04.08 18:06:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2012.04.08 14:57:25 | 000,105,472 | ---- | M] () -- C:\Users\Sanel\Desktop\Crucial BFBC2 ESP.dll [2012.04.07 18:58:40 | 000,007,597 | ---- | M] () -- C:\Users\Sanel\AppData\Local\Resmon.ResmonCfg [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.04.03 19:18:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012.04.03 19:18:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012.04.03 19:18:00 | 000,014,252 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2012.04.03 07:16:04 | 000,423,744 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe [2012.04.02 16:24:35 | 000,000,151 | ---- | M] () -- C:\Windows\INpact_CSS_Hud_tweaker_1.19.INI [2012.03.31 
19:00:24 | 000,001,240 | ---- | M] () -- C:\Users\Sanel\Desktop\Any Video Converter.lnk [2012.03.31 14:18:59 | 000,001,137 | ---- | M] () -- C:\Users\Sanel\Desktop\atimgpud.dll - Bližnjica.lnk [2012.03.31 14:18:59 | 000,001,130 | ---- | M] () -- C:\Users\Sanel\Desktop\binkw32.dll - Bližnjica.lnk [2012.03.27 18:00:59 | 000,001,276 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk [2012.03.27 18:00:59 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk [2012.03.22 08:11:41 | 000,000,032 | ---- | M] () -- C:\Users\Sanel\jagex_cl_runescape_LIVE.dat [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012.04.15 14:55:07 | 000,261,192 | ---- | C] () -- C:\Users\Sanel\Desktop\virus gone.png [2012.04.15 13:56:42 | 000,000,512 | ---- | C] () -- C:\Users\Sanel\Desktop\MBR.dat [2012.04.15 12:56:33 | 000,000,845 | ---- | C] () -- C:\Users\Sanel\Desktop\Crossfire Europe.lnk [2012.04.15 12:54:43 | 000,161,121 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2012.04.15 12:46:39 | 490,642,883 | ---- | C] () -- C:\Users\Sanel\Desktop\Crossfire_Install.exe [2012.04.15 12:13:17 | 095,083,502 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012.04.14 21:42:44 | 000,231,579 | ---- | C] () -- C:\Users\Sanel\Desktop\virus.png [2012.04.14 20:12:16 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012.04.14 13:41:04 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012.04.13 16:56:42 | 000,623,747 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm [2012.04.08 22:58:25 | 000,215,278 | ---- | C] () -- C:\Users\Sanel\Desktop\picture of payment.png [2012.04.08 20:51:58 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.04.08 20:50:42 | 022,259,528 | ---- | C] () -- C:\Users\Sanel\Desktop\vlc-2.0.1-win32.exe [2012.04.08 18:07:45 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2012.04.08 
18:06:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2012.04.08 18:06:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm [2012.04.08 18:06:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2012.04.08 16:11:45 | 000,040,448 | ---- | C] () -- C:\Users\Sanel\Desktop\TBV4.5.dll [2012.04.08 16:11:45 | 000,000,127 | ---- | C] () -- C:\Users\Sanel\Desktop\TrollBot.ini [2012.04.08 15:43:35 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.04.08 15:40:18 | 000,099,840 | ---- | C] () -- C:\Users\Sanel\Desktop\bfbc2.dll [2012.04.08 14:57:24 | 000,105,472 | ---- | C] () -- C:\Users\Sanel\Desktop\Crucial BFBC2 ESP.dll [2012.04.07 18:58:40 | 000,007,597 | ---- | C] () -- C:\Users\Sanel\AppData\Local\Resmon.ResmonCfg [2012.04.05 06:52:01 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.04.03 07:16:04 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012.03.31 19:00:24 | 000,001,240 | ---- | C] () -- C:\Users\Sanel\Desktop\Any Video Converter.lnk [2012.03.31 14:18:59 | 000,001,137 | ---- | C] () -- C:\Users\Sanel\Desktop\atimgpud.dll - Bližnjica.lnk [2012.03.31 14:18:59 | 000,001,130 | ---- | C] () -- C:\Users\Sanel\Desktop\binkw32.dll - Bližnjica.lnk [2012.03.29 13:58:16 | 000,000,151 | ---- | C] () -- C:\Windows\INpact_CSS_Hud_tweaker_1.19.INI [2012.03.02 19:23:31 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe [2012.02.29 21:21:24 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2012.01.10 16:47:52 | 000,000,212 | ---- | C] () -- C:\Users\Sanel\AppData\Roaming\Lucid_player_profiles_data.dat [2012.01.10 16:47:52 | 000,000,008 | ---- | C] () -- C:\Users\Sanel\AppData\Roaming\Lucid_player_highscore.dat [2012.01.02 19:00:13 | 002,484,592 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_p4f.exe [2011.12.18 20:32:43 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini [2011.10.11 06:46:37 | 
000,837,192 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011.09.24 15:16:50 | 000,013,312 | ---- | C] () -- C:\Users\Sanel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.09.11 10:27:53 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat [2011.09.10 11:29:12 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011.09.10 11:29:12 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.06.07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011.06.07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011.06.07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011.06.07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011.06.07 11:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [color=#E56717]========== LOP Check ==========[/color] [2012.03.31 19:00:32 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\AnvSoft [2012.04.08 18:08:21 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\AVG2012 [2011.10.30 20:01:25 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\Babylon [2012.04.14 13:41:20 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\com.w3i.FlipToast [2012.04.09 10:49:44 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\DAEMON Tools Lite [2012.04.15 14:41:20 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\dclogs [2012.02.20 18:26:13 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\DYA_RMPLMEVIVAJHPNVTH [2012.01.27 16:56:31 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\GameRanger [2012.01.14 21:27:07 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\GetRightToGo [2011.12.08 19:15:49 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\IObit [2011.09.18 09:42:29 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\Leadertech [2012.01.04 19:28:49 | 000,000,000 | 
---D | M] -- C:\Users\Sanel\AppData\Roaming\MW3 FoV Changer [2012.01.13 16:57:20 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\NationRed [2011.10.21 18:49:48 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\Origin [2011.12.25 19:24:15 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\PunkBuster [2012.03.22 19:49:10 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\Rovio [2011.11.12 12:07:56 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\Samsung [2012.04.08 14:39:55 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\TeamViewer [2012.04.07 19:17:06 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\Temp [2011.09.10 15:39:22 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\Uniblue [2012.04.15 14:59:42 | 000,000,000 | ---D | M] -- C:\Users\Sanel\AppData\Roaming\uTorrent [2012.04.15 14:44:37 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job [2012.02.24 16:32:48 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFNBGTF67VG8YNGLF0LF6E5MV3TVFSVF7JB4VPJGV < End of report >