| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Polizeivirus österreichWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.09.2012, 14:51
| #1 |
| |  Polizeivirus österreich Kann mir bitte jemand helfen? Seit einigen Tagen hat dieser komische Polizeivirus meinen PC überfallen. Ich kann nichts machen, sobald ich den Computer hochfahre und zum Desktop gelange tritt eine Bildschirmsperre auf und ich kann nichts mehr machen. Ich habe Windows 7, 32-Bit. Bitte um Hilfe  OTL: OTL logfile created on: 02.09.2012 14:55:06 - Run 1 OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Emir\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 86,32% Memory free 6,00 Gb Paging File | 5,61 Gb Available in Paging File | 93,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 33,18 Gb Free Space | 34,01% Space Free | Partition Type: NTFS Drive D: | 1299,61 Gb Total Space | 684,65 Gb Free Space | 52,68% Space Free | Partition Type: NTFS Drive J: | 3,73 Gb Total Space | 3,73 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: FREEMAN | User Name: Emir | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Emir\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Emir\AppData\Roaming\xsecva\xsecva.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Users\Emir\AppData\Roaming\xsecva\xsecva.exe () MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF () MOD - \\?\globalroot\systemroot\system32\mswsock.DLL () MOD - \\.\globalroot\systemroot\system32\mswsock.dll () MOD - C:\Programme\Notepad++\NppShell_04.dll () MOD - C:\Programme\WinRAR\RarExt.dll () ========== Services (SafeList) ========== SRV - (NMSAccess) -- C:\Program Files\Blaze Media Pro\NMSAccess32.exe File not found SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (BstHdLogRotatorSvc) -- C:\Programme\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) SRV - (BstHdAndroidSvc) -- C:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.) SRV - (Giraffic) -- C:\Programme\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic) SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (UserAccess7) -- C:\Windows\System32\UAService7.exe () SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (Killer Port Manager) -- C:\Programme\Bigfoot Networks\Killer Driver\PortManager.exe () SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe () SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (EhttpSrv) -- C:\Programme\Eset\ESET Smart Security\EHttpSrv.exe (ESET) SRV - (ekrn) -- C:\Programme\Eset\ESET Smart Security\ekrn.exe (ESET) SRV - (lxce_device) -- C:\Windows\System32\lxcecoms.exe ( ) ========== Driver Services (SafeList) ========== DRV - (REMOVE) -- C:\Windows\system32\drivers\REMOVE.SYS File not found DRV - (DSDrv4) -- C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys File not found DRV - (adxapie) -- C:\Users\Emir\AppData\Local\Temp\adxapie.sys File not found DRV - (BstHdDrv) -- C:\Programme\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems) DRV - (ssudserd) -- C:\Windows\System32\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (sscemdm) -- C:\Windows\System32\drivers\sscemdm.sys (MCCI Corporation) DRV - (ssceserd) -- C:\Windows\System32\drivers\ssceserd.sys (MCCI Corporation) DRV - (sscebus) -- C:\Windows\System32\drivers\sscebus.sys (MCCI Corporation) DRV - (sscemdfl) -- C:\Windows\System32\drivers\sscemdfl.sys (MCCI Corporation) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (stdriver) -- C:\Windows\System32\drivers\stdriver32.sys (NCH Software) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.) DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.) DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys () DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (epfwtdi) -- C:\Windows\System32\drivers\epfwtdi.sys (ESET) DRV - (Epfwndis) -- C:\Windows\System32\drivers\epfwndis.sys (ESET) DRV - (epfw) -- C:\Windows\System32\drivers\epfw.sys (ESET) DRV - (easdrv) -- C:\Windows\System32\drivers\easdrv.sys (ESET) DRV - (eamon) -- C:\Windows\System32\drivers\eamon.sys (ESET) DRV - (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.) DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes AG) DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH) DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin) DRV - (MarvinBus) -- C:\Windows\System32\drivers\MarvinBus.sys (Pinnacle Systems GmbH) DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/ IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.bing.com/ [binary data] IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.bing.com/ [binary data] IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/417 IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - No CLSID value found IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100474&mntrId=c82de7b7000000000000001f3f0a9aa1 IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14197&src=crm&q={searchTerms}&locale=de_US&apn_ptnrs=FN&apn_dtid=&apn_uid=89F87693-3BB2-448C-B72D-85E217B4F748&apn_sauid=FF18D045-1B99-4394-BBBF-0A315166FBE1 IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz= IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms} IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms} IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms} IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1;<local> IE - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = : ========== FireFox ========== FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027: C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Emir\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Emir\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Emir\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.07.06 19:04:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.03.04 11:20:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Emir\AppData\Roaming\mozilla\Extensions File not found (No name found) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\THUNDERBIRD CONNECTOR\THUNDERBIRDEXTENSION [2009.12.03 18:40:43 | 000,000,000 | ---D | M] (WebMail) -- C:\USERS\EMIR\APPDATA\ROAMING\THUNDERBIRD\PROFILES\O621Q6DW.DEFAULT\EXTENSIONS\{3C8E8390-2CF6-11D9-9669-0800200C9A66} ========== Chrome ========== CHR - homepage: hxxp://www.facebook.com/ CHR - default_search_provider: Web Search (Enabled) CHR - default_search_provider: search_url = hxxp://www.searchqu.com/web?src=crb&appid=0&systemid=417&sr=0&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.facebook.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Emir\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Emir\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Emir\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Emir\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: OGPlanet Game Plugin (Enabled) = C:\Windows\system32\npOGPPlugin.dll CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Emir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll () O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll () O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\Toolbar\WebBrowser: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll () O3 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [ChelloBackground] C:\Program Files\chello\¨ ¢ChelloMessenger.exesync.ex File not found O4 - HKLM..\Run: [ChelloDesktop] C:\Program Files\chello\¨ ¢ChelloDesktop.exe File not found O4 - HKLM..\Run: [DATAMNGR] C:\Programme\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 4300 Series\ezprint.exe (Lexmark International Inc.) O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LXCECATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCEtime.DLL () O4 - HKLM..\Run: [lxcemon.exe] C:\Program Files\Lexmark 4300 Series\lxcemon.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [QuickTime Task] C:\Windows\System32\qttask.exe (Apple Computer, Inc.) O4 - HKLM..\Run: [ralcav] C:\Users\Emir\AppData\Roaming\ralcav.dll () O4 - HKLM..\Run: [RestartNeroSetup] "H:\Installation\Setupx.exe" File not found O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe () O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [USBToolTip] C:\Programme\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH) O4 - HKLM..\Run: [UVS12 Preload] D:\COREL\uvPL.exe (Ulead Systems, Inc.) O4 - HKLM..\Run: [XSECVA] C:\Users\Emir\AppData\Roaming\xsecva\xsecva.exe () O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [] C:\Users\Emir\AppData\Local\Temp\moewsnarxc.exe () O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [4Sync] "C:\Program Files\4Sync\4Sync.exe" -startup File not found O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [8JE5UHC6FZ] C:\Users\Emir\AppData\Local\Temp\Xtl.exe File not found O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [Facebook Update] C:\Users\Emir\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [Firewall Administrating] C:\Windows\infocard.exe File not found O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [Halo2] rundll32.exe C:\Windows\system32\sshnas21.dll,GetMainWnd File not found O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [SystemUpdate] C:\Users\Emir\Documents\System32\updater.exe File not found O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks) O4 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000..\Run: [XSECVA] C:\Users\Emir\AppData\Roaming\xsecva\xsecva.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Emir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Emir\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe (Facebook) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data] O7 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Free YouTube Download - C:\Users\Emir\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Emir\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\bfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\bfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\bfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\bfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\bfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..Trusted Domains: fritz.box ([]* in Local intranet) O15 - HKU\S-1-5-21-412610040-2672726962-1626522592-1000\..Trusted Ranges: Range1 ([*] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.6.2) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0D173C5-B74D-483C-AD0E-6B6800EFBB0B}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Programme\vShare\vshare_toolbar.dll () O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\SEARCH~1\datamngr.dll) - C:\Programme\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\SEARCH~1\IEBHO.dll) - C:\Programme\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - ("C:\Users\Emir\AppData\Roaming\xsecva\xsecva.exe" -s) - C:\Users\Emir\AppData\Roaming\xsecva\xsecva.exe () O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{34dd9f21-2a35-11e0-94e3-001f3f0a9aa1}\Shell - "" = AutoRun O33 - MountPoints2\{34dd9f21-2a35-11e0-94e3-001f3f0a9aa1}\Shell\AutoRun\command - "" = K:\ICM_ML.exe O33 - MountPoints2\{4e1bd59d-38c6-11df-b28a-0030670c53b5}\Shell - "" = AutoRun O33 - MountPoints2\{4e1bd59d-38c6-11df-b28a-0030670c53b5}\Shell\AutoRun\command - "" = H:\setup.exe O33 - MountPoints2\{8ebc9338-dfaf-11de-9715-0030670c53b5}\Shell - "" = AutoRun O33 - MountPoints2\{8ebc9338-dfaf-11de-9715-0030670c53b5}\Shell\AutoRun\command - "" = G:\start.exe O33 - MountPoints2\{c1ca8437-6b05-11df-a4b0-0030670c53b5}\Shell - "" = AutoRun O33 - MountPoints2\{c1ca8437-6b05-11df-a4b0-0030670c53b5}\Shell\AutoRun\command - "" = I:\pushinst.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.09.02 14:41:58 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Emir\Desktop\OTL.exe [2012.08.31 18:33:12 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{FC5FBB12-671B-41B0-8D05-1ACBAE71571D} [2012.08.30 20:00:25 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Roaming\xsecva [2012.08.30 19:29:12 | 000,000,000 | ---D | C] -- C:\Users\Emir\Documents\FM12_temp [2012.08.30 19:22:56 | 000,000,000 | ---D | C] -- C:\Users\Emir\Documents\FIFA 12 [2012.08.30 18:44:55 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{80B0E1C3-89D9-400F-8962-74EF7981677D} [2012.08.30 06:44:31 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{CAF18D4E-A9B5-4C0F-A93E-D9CD3E0C5B46} [2012.08.29 16:39:32 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{C29323D6-7966-4465-9405-B7DF199D97DA} [2012.08.29 04:09:35 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{222D9DF6-64A4-4369-90FB-B5F4B8EABEC5} [2012.08.28 14:12:14 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{5A9D85E1-610D-4E36-BFD2-4E1FE3BD3B86} [2012.08.28 02:11:45 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{CF323D0F-BD11-4FB1-8A00-928E74334C92} [2012.08.27 13:59:06 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{9F7873E2-66FC-4FCC-9F24-21AC3E0A7A43} [2012.08.27 00:22:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sleeping Dogs [2012.08.26 23:49:19 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{DCB25727-CEEE-4925-A403-93CA0F1581B0} [2012.08.26 08:18:23 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{503A5A2A-6C12-4DEF-9622-2C8F9C26F5DD} [2012.08.25 19:30:54 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{85D72650-DDEA-4A0F-8650-38A1B4C23003} [2012.08.24 21:41:00 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{B262DA36-5842-4FCC-92F1-E6E8E6867F64} [2012.08.24 18:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crazy Kickers XS [2012.08.24 09:22:37 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{EB9835B7-FC55-43DA-B5B1-1AEABEFACDFA} [2012.08.23 23:39:15 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Roaming\Opera [2012.08.23 23:39:15 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\Opera [2012.08.23 23:39:12 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012.08.23 13:24:25 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{C2E52E05-9983-451A-93A6-5871F6905734} [2012.08.23 12:25:14 | 000,000,000 | -HSD | C] -- C:\Users\Emir\Documents\i68Backups [2012.08.23 12:25:03 | 000,000,000 | ---D | C] -- C:\Users\Emir\Documents\i68Fifa12 [2012.08.23 12:24:15 | 000,000,000 | ---D | C] -- C:\chants [2012.08.23 07:24:03 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{B57B1E44-10BC-4959-AFD2-0DDA6ECD8179} [2012.08.22 12:29:43 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{3F9F39A3-04FC-4B23-B310-0C5A3B28CC07} [2012.08.21 21:25:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.08.21 21:25:35 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.08.21 21:25:35 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.08.21 21:25:05 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.08.21 15:04:48 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{5CCE56A3-34AA-4C34-8BA0-92659DAA10E9} [2012.08.20 22:09:17 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{6D27635C-0217-43B0-9836-3FE9928AE685} [2012.08.19 19:37:31 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{1EA1810E-9110-4545-A357-E5ABF40529C6} [2012.08.19 07:37:05 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{0D02E31B-BE7F-4676-8D1D-BD0B2FC487E7} [2012.08.18 15:23:58 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{19F1794C-AE2B-45DE-865C-1D4C26D5AE1A} [2012.08.18 15:23:46 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{F530BACB-6518-44EC-8833-8410DC71FDC4} [2012.08.18 10:18:11 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{74F5D430-57F2-4D5B-B237-F197911B3659} [2012.08.18 10:17:59 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{7A0152A9-B508-4C31-A972-42E30F8198BC} [2012.08.17 21:02:27 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{5A6BF7A2-6430-45DA-91D7-31CEB3B3CC16} [2012.08.17 21:02:14 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{5CBABDDF-1374-459A-B6AB-A9DBF9C4AD7E} [2012.08.17 20:53:03 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{3A06DE06-9F24-431E-A9EC-FDEDC33C601C} [2012.08.17 20:52:51 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{D83E8000-7390-49E9-A503-15D7567E8804} [2012.08.17 08:33:09 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{BFD56AD8-8E94-401F-BE34-2559A3FE0A7D} [2012.08.17 08:32:57 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{A43FCB45-85D0-4ACC-800F-83BB3FC2FFA8} [2012.08.16 16:05:02 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{A70B4543-06FF-4F9E-AC3D-9123FE25F866} [2012.08.16 16:04:51 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{B7607389-527A-45B7-AD1C-824C6288B638} [2012.08.15 23:58:25 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{24CEB148-4AA3-4BF1-910B-59CA69CF1427} [2012.08.15 23:58:14 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{347C6241-5015-43E2-ADEC-C64118B9C80B} [2012.08.15 12:12:30 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.08.15 12:12:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.08.15 12:12:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.08.15 12:12:28 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.08.15 12:12:27 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.08.15 12:12:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.08.15 12:12:25 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.08.15 11:32:41 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll [2012.08.15 11:32:40 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.08.15 11:32:39 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll [2012.08.15 11:26:26 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{117AD69F-4950-41D0-92AC-9856418505E9} [2012.08.15 11:26:15 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{0329A5F2-0924-4450-8B15-195F84023217} [2012.08.14 02:12:58 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{A817A69B-7F66-4786-AD68-B12FF0B96D12} [2012.08.14 02:12:36 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{5E3C4D80-5C39-4255-B24A-E764942C80C2} [2012.08.13 14:12:08 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{F4B60B2D-AFA4-4968-B4D1-4F338FDEFE41} [2012.08.13 14:11:56 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{900DCB0F-292F-42D5-9B5C-32947F0C70A4} [2012.08.13 01:48:00 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{2F50608D-6F45-4FB3-B0CA-76E0282465BB} [2012.08.13 01:47:38 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{6EB87FBE-F63F-42A0-817D-78F38586A242} [2012.08.12 13:47:08 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{8DC3C6F8-BDFF-4814-AAF8-6A612AD8CB97} [2012.08.12 13:46:57 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{ACE6FD89-BDCB-44FA-B66D-74453489269D} [2012.08.12 13:37:31 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{72BD860E-485E-4F58-9985-4F228CE230F3} [2012.08.12 13:37:17 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{94889AB5-B98F-4C0B-BC7A-60C04140BBE9} [2012.08.11 14:19:56 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{31BCFBE9-6209-4818-971D-EA5433D980A7} [2012.08.11 14:19:33 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{02E2B854-C63A-418E-A29B-1AB449B2DCDF} [2012.08.11 02:19:05 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{73730092-5EDA-4A83-B12F-899E91B08D99} [2012.08.11 02:18:43 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{AFB1B819-E550-47C1-8CDD-2D14DC96C08A} [2012.08.10 14:18:13 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{718AF687-284B-41AA-BE57-512D318A7458} [2012.08.10 14:18:01 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{4D9C26A1-F24E-4567-BC64-CE42070CDF0F} [2012.08.09 15:00:03 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{CCFB81BA-3A79-4C89-A844-ECED21BE948A} [2012.08.09 14:59:51 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{142EFDE3-EF79-4F56-9214-A5F9BEC67507} [2012.08.08 23:23:19 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{5112CC24-99F8-4349-BDE9-4F81FC721202} [2012.08.08 23:23:03 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{13F18241-1CAE-489A-9C86-614B2E4D1973} [2012.08.08 14:24:48 | 000,000,000 | ---D | C] -- C:\Users\Emir\Documents\Bully Scholarship Edition [2012.08.08 08:56:16 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{379BA6BD-61BE-44F8-BADF-DBA168CD5D6D} [2012.08.08 08:56:05 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{9F7572AA-B680-434A-98CA-409224184DCD} [2012.08.07 21:39:58 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\NFS Underground 2 [2012.08.07 21:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES [2012.08.07 17:38:20 | 000,000,000 | ---D | C] -- C:\Users\Emir\Documents\FIFA 2004 [2012.08.07 15:13:16 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{927C8CB5-B996-41D3-A7F4-6A762CD85501} [2012.08.07 15:13:03 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{AB007311-07BA-4EE0-BB1C-9F0F214E887B} [2012.08.07 02:31:39 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{F716D295-086F-4414-93D7-338A89BDE7BD} [2012.08.07 02:31:20 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{C096FAC1-9E3D-4BE6-A029-C22EFA25C594} [2012.08.06 12:05:38 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{139C2A5A-CF29-4422-AAD3-E5CD6EF3148C} [2012.08.06 12:05:26 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{8BF175FF-22B9-4D19-BB63-F1ED846867B2} [2012.08.05 17:40:53 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{2BC9DC8B-B226-4201-B8E3-C4F5939AABC9} [2012.08.05 17:40:38 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{5F45523B-214E-4B80-9A3B-B672CF966E7A} [2012.08.04 15:11:59 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{9BDB6E18-BAF0-4706-AFD6-6E1FE581963A} [2012.08.04 15:11:44 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{14629D48-AFCB-449D-8CD6-467449AD40CD} [2012.08.04 02:06:07 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{D650AF0A-87A9-4F8A-BE94-F2A628122034} [2012.08.04 02:05:45 | 000,000,000 | ---D | C] -- C:\Users\Emir\AppData\Local\{5EBF0491-C287-4045-B58E-B8688A9DE994} [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [3 C:\Users\Emir\Documents\*.tmp files -> C:\Users\Emir\Documents\*.tmp -> ] [2 C:\Users\Emir\AppData\Local\*.tmp files -> C:\Users\Emir\AppData\Local\*.tmp -> ] [13 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [13 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [12 C:\Users\Emir\Desktop\*.tmp files -> C:\Users\Emir\Desktop\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.02 14:45:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.02 14:45:04 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys [2012.09.02 14:42:16 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Emir\Desktop\OTL.exe [2012.08.31 22:29:12 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.08.31 22:25:49 | 000,000,160 | ---- | M] () -- C:\Users\Emir\AppData\Local\Bandwidth.xml [2012.08.31 22:25:02 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2012.08.31 22:24:14 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.08.31 22:24:08 | 000,000,244 | -H-- | M] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2012.08.31 15:15:43 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml [2012.08.31 15:15:43 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml [2012.08.31 14:17:54 | 004,040,716 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.08.31 14:17:54 | 001,637,318 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.08.31 14:17:54 | 001,188,312 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.08.31 14:17:54 | 001,055,480 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.08.30 23:08:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-412610040-2672726962-1626522592-1000UA.job [2012.08.30 21:46:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-412610040-2672726962-1626522592-1000UA.job [2012.08.30 21:32:03 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.30 21:32:03 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.30 20:02:06 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012.08.30 20:00:26 | 000,157,184 | ---- | M] () -- C:\Users\Emir\AppData\Roaming\ralcav.dll [2012.08.30 19:20:40 | 000,000,612 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 12.lnk [2012.08.29 18:00:00 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Emir.job [2012.08.29 17:08:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-412610040-2672726962-1626522592-1000Core.job [2012.08.29 12:46:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-412610040-2672726962-1626522592-1000Core.job [2012.08.23 23:39:13 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012.08.22 13:12:09 | 000,002,406 | ---- | M] () -- C:\Users\Emir\Desktop\Google Chrome.lnk [2012.08.21 21:24:58 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.08.21 21:24:57 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.08.21 21:24:57 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012.08.21 21:24:57 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.08.21 21:24:57 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.08.21 21:24:57 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.08.15 15:36:01 | 003,914,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.08.09 18:44:17 | 000,004,582 | ---- | M] () -- C:\Users\Emir\.recently-used.xbel [2012.08.06 15:07:27 | 000,000,560 | ---- | M] () -- C:\Users\Emir\Desktop\PhotoScape.lnk [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [3 C:\Users\Emir\Documents\*.tmp files -> C:\Users\Emir\Documents\*.tmp -> ] [2 C:\Users\Emir\AppData\Local\*.tmp files -> C:\Users\Emir\AppData\Local\*.tmp -> ] [13 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [13 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [12 C:\Users\Emir\Desktop\*.tmp files -> C:\Users\Emir\Desktop\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.08.31 15:15:23 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml [2012.08.31 15:15:23 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml [2012.08.30 20:00:27 | 000,157,184 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\ralcav.dll [2012.08.30 19:20:40 | 000,000,612 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 12.lnk [2012.08.30 19:20:40 | 000,000,612 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 12.lnk [2012.08.23 23:39:13 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012.08.23 23:39:13 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012.08.23 16:30:16 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.08.17 21:56:41 | 000,055,296 | ---- | C] () -- C:\Users\Emir\Desktop\MultiLoaderX_v5.65.exe [2012.08.09 18:44:17 | 000,004,582 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel [2012.07.28 12:12:20 | 000,000,046 | ---- | C] () -- C:\Windows\Speed.INI [2012.07.26 16:39:00 | 000,000,556 | ---- | C] () -- C:\Windows\ODBC.INI [2012.07.26 16:39:00 | 000,000,210 | ---- | C] () -- C:\Windows\ODBCINST.INI [2012.03.28 22:11:08 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.03.28 22:11:06 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012.03.28 22:11:06 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.03.28 22:11:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.03.28 22:11:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012.03.04 11:00:09 | 000,065,583 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\Camdata.ini [2012.03.04 11:00:09 | 000,000,408 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\CamShapes.ini [2012.03.04 11:00:09 | 000,000,408 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\CamLayout.ini [2012.03.04 10:58:55 | 000,004,416 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\CamStudio.cfg [2012.03.04 10:58:42 | 000,001,206 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\CamStudio.Producer.ini [2012.03.04 10:58:42 | 000,000,000 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\CamStudio.Producer.Data.ini [2011.11.26 11:40:42 | 000,000,000 | ---- | C] () -- C:\Users\Emir\AppData\Local\{A7143D3C-4A29-4472-ABF1-AB970ACC5E58} [2011.11.16 14:33:22 | 000,000,000 | ---- | C] () -- C:\Users\Emir\AppData\Local\{C38A128B-AD51-4F76-8353-46E37F94D015} [2011.10.16 21:14:40 | 000,209,040 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2011.10.16 21:14:40 | 000,196,752 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2011.10.16 21:14:40 | 000,196,752 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2011.10.16 21:14:40 | 000,192,656 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2011.10.16 21:14:39 | 000,204,944 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2011.10.16 21:14:39 | 000,024,720 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2011.09.28 20:17:21 | 054,518,440 | ---- | C] () -- C:\Users\Emir\In My Head (karaoke instrumental) by Jason Derulo with on screen lyrics.mp4 [2011.09.27 15:03:01 | 000,000,000 | ---- | C] () -- C:\Windows\homeDVD-MovieMaker_dlx_3.INI [2011.09.27 14:56:36 | 000,000,887 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011.09.27 14:56:36 | 000,000,136 | ---- | C] () -- C:\Windows\magix.ini [2011.09.27 00:08:28 | 016,697,658 | ---- | C] () -- C:\Users\Emir\Walt Disney Pictures Intro (HD).avi [2011.09.26 17:33:18 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll [2011.09.26 17:33:18 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll [2011.09.26 17:33:18 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll [2011.09.26 17:31:07 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2011.09.26 17:31:07 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2011.09.26 17:27:09 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SysDVDtoAVI.dat [2011.09.26 17:27:05 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll [2011.09.26 17:27:05 | 000,000,400 | ---- | C] () -- C:\Windows\dvdtoaviconverter2.ini [2011.09.26 17:27:04 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011.09.26 17:27:04 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2011.09.26 17:27:04 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011.09.26 17:27:04 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll [2011.09.25 11:41:39 | 000,000,275 | ---- | C] () -- C:\Users\Emir\AppData\Local\HamsterVideoConverterSettings.cfg [2011.07.28 11:20:51 | 000,000,020 | ---- | C] () -- C:\Windows\SIERRA.INI [2011.07.18 19:39:58 | 000,000,012 | ---- | C] () -- C:\ProgramData\ReminderNextRun [2011.07.17 18:53:54 | 000,126,976 | ---- | C] () -- C:\Windows\System32\UAService7.exe [2011.07.13 16:13:35 | 000,000,000 | ---- | C] () -- C:\Users\Emir\AppData\Local\{CAB05D06-D320-4462-A613-D57FA7B1810E} [2011.06.27 18:08:09 | 000,000,160 | ---- | C] () -- C:\Users\Emir\AppData\Local\Bandwidth.xml [2011.06.27 18:06:30 | 000,000,586 | ---- | C] () -- C:\Users\Emir\AppData\Local\menu.new [2011.06.27 18:06:30 | 000,000,586 | ---- | C] () -- C:\Users\Emir\AppData\Local\menu.bfm [2011.06.27 16:33:42 | 000,002,651 | ---- | C] () -- C:\Users\Emir\AppData\Local\KillerWallConfig.xml [2011.06.24 14:26:36 | 000,000,000 | ---- | C] () -- C:\Users\Emir\AppData\Local\{1804F7E0-70E5-428E-8E94-EC9930B6D94B} [2011.06.08 23:36:01 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.06.08 17:47:05 | 000,000,000 | ---- | C] () -- C:\Users\Emir\AppData\Local\{1E86A230-67D6-4AB1-BCB9-C64174A76117} [2011.06.01 11:44:44 | 000,000,000 | ---- | C] () -- C:\Users\Emir\AppData\Local\{258F56E8-D385-4E0F-A466-AEEBCC8816C9} [2011.05.16 13:43:08 | 000,000,000 | ---- | C] () -- C:\Users\Emir\AppData\Local\{A9CBCCF8-4D6C-4069-B456-C143DAAA82EB} [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011.02.20 11:09:22 | 000,000,276 | ---- | C] () -- C:\Windows\thug2.ini [2011.02.12 15:59:26 | 000,000,274 | ---- | C] () -- C:\Windows\thug.ini [2011.02.11 18:28:16 | 000,000,735 | ---- | C] () -- C:\Windows\MHPB.ini [2010.11.25 18:48:13 | 000,035,846 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.K4JMMV [2010.11.14 02:39:07 | 000,000,000 | ---- | C] () -- C:\Windows\MusicEditor.INI [2010.10.30 22:01:05 | 002,601,752 | ---- | C] () -- C:\Windows\System32\pbsvc_moh.exe [2010.10.24 10:27:44 | 000,039,891 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.J0C5KV [2010.10.23 11:51:28 | 000,000,000 | ---- | C] () -- C:\Windows\graphedit.INI [2010.10.08 15:22:43 | 050,210,020 | ---- | C] () -- C:\Users\Emir\BMW (Bushido. Fler. Kay One) - Berlins Most Wanted (1. Video).mpg [2010.08.10 18:04:38 | 000,003,938 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.I9NGHV [2010.08.10 18:03:47 | 000,003,311 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.EMDAHV [2010.08.09 18:40:36 | 000,002,076 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.G72FHV [2010.08.07 00:19:08 | 000,016,396 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.URQWGV [2010.08.07 00:18:25 | 000,015,771 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KRRNGV [2010.08.07 00:00:44 | 000,015,771 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SZOKGV [2010.08.05 21:19:46 | 000,014,532 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.4C0LGV [2010.08.05 20:52:32 | 000,014,532 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.HE2QGV [2010.08.05 20:52:26 | 000,013,905 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SA5QGV [2010.08.01 02:17:26 | 000,012,657 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.06KLGV [2010.08.01 02:04:59 | 000,011,416 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.EFZ1GV [2010.07.30 00:00:03 | 000,010,136 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KY7LGV [2010.07.29 21:20:34 | 000,009,512 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.973MGV [2010.07.24 22:56:08 | 000,008,892 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.AFN8FV [2010.07.24 14:02:10 | 000,008,281 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0337FV [2010.07.23 10:56:08 | 000,007,670 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZSGAGV [2010.07.23 10:52:10 | 000,007,065 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.HVQ1FV [2010.07.23 10:46:48 | 000,006,438 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.X2HEGV [2010.07.23 10:36:12 | 000,005,810 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.MA6FGV [2010.07.22 21:22:28 | 000,004,571 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BMTEGV [2010.07.22 21:21:22 | 000,003,950 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9PZCGV [2010.07.22 17:08:10 | 000,002,714 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.TA4DGV [2010.07.22 16:42:41 | 000,002,091 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.2PNFGV [2010.07.22 11:09:35 | 000,001,467 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DV7CGV [2010.07.22 11:05:12 | 000,001,467 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.S56BGV [2010.07.22 10:48:32 | 000,000,846 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8SQ6FV [2010.07.19 21:26:20 | 000,000,839 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.MZO4FV [2010.07.19 21:21:25 | 000,000,652 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\burnaware.ini [2010.07.19 16:30:13 | 000,004,561 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.EJA4FV [2010.07.19 16:28:58 | 000,004,561 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.LD3XFV [2010.07.19 16:27:43 | 000,003,927 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SYXIGV [2010.07.19 16:06:30 | 000,002,737 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.RPC4FV [2010.07.19 15:58:29 | 000,002,109 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KCS1FV [2010.07.19 15:46:55 | 000,000,840 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.5PV5FV [2010.07.19 13:30:54 | 000,002,684 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DNEYFV [2010.07.17 11:34:37 | 000,005,193 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.LRPBGV [2010.07.17 11:34:12 | 000,005,193 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.QHZCGV [2010.07.17 11:12:48 | 000,004,581 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.EC7AGV [2010.07.17 11:12:14 | 000,004,581 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BKL1FV [2010.07.14 21:28:03 | 000,002,149 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.WGMTFV [2010.07.07 14:41:07 | 000,000,879 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0T5WFV [2010.07.05 14:19:23 | 000,001,503 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8CLBFV [2010.06.27 08:30:54 | 000,001,481 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.11K5EV [2010.06.27 08:30:45 | 000,000,850 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.2N21EV [2010.06.25 17:33:41 | 000,002,065 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.WCY0EV [2010.06.25 17:32:02 | 000,002,065 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.XEHPEV [2010.06.20 09:55:12 | 000,000,839 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.P1VEEV [2010.06.19 19:07:59 | 000,002,071 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.27XNEV [2010.06.19 18:58:06 | 000,002,071 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.3R22DV [2010.06.19 18:57:53 | 000,002,071 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.5PIJEV [2010.06.19 18:26:05 | 000,001,446 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.CUQJEV [2010.06.14 21:16:35 | 000,005,201 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.PE05DV [2010.06.14 21:09:12 | 000,004,594 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BDLLEV [2010.06.14 20:22:24 | 000,003,963 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.PDCOEV [2010.06.14 19:55:52 | 000,002,709 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.S5JCEV [2010.06.14 19:42:15 | 000,002,105 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.6N9NEV [2010.06.14 19:42:08 | 000,001,474 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FDBMEV [2010.06.12 17:47:54 | 000,008,872 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ELH5DV [2010.06.09 20:16:39 | 000,008,232 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9JJPDV [2010.06.07 15:41:15 | 000,005,750 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.LRAWDV [2010.06.07 15:27:57 | 000,005,133 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.WOGVDV [2010.06.07 15:20:58 | 000,004,516 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.AAUTDV [2010.06.07 15:18:01 | 000,004,516 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SJBQDV [2010.06.07 15:13:00 | 000,003,899 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.UCTHDV [2010.06.07 15:10:24 | 000,003,906 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.H6XRDV [2010.06.06 09:58:29 | 000,002,678 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.VIUPDV [2010.06.03 20:00:32 | 000,002,059 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.OWJXDV [2010.06.03 19:50:43 | 000,000,839 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.NCXUDV [2010.06.02 22:43:47 | 000,001,448 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.HMB1DV [2010.06.02 22:42:17 | 000,001,448 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.R1ZXDV [2010.06.01 21:39:03 | 000,000,837 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.R1PMDV [2010.05.31 22:59:59 | 000,003,911 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BBLKDV [2010.05.31 22:43:09 | 000,003,300 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.3M1ZDV [2010.05.31 22:12:17 | 000,002,689 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.6FPIDV [2010.05.30 14:56:51 | 000,000,849 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DEMLDV [2010.05.30 14:56:09 | 000,002,077 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.OS4IDV [2010.05.30 14:44:13 | 000,000,841 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.VYBYDV [2010.05.24 17:18:01 | 000,008,783 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.C8BFDV [2010.05.24 17:14:44 | 000,008,790 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.7HR0CV [2010.05.24 10:39:30 | 000,008,180 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.QOX3CV [2010.05.24 10:35:34 | 000,007,563 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.MG8YCV [2010.05.24 10:34:19 | 000,007,570 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.T7CXCV [2010.05.24 10:29:07 | 000,006,960 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.D9C6CV [2010.05.21 19:17:19 | 000,006,350 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.IHJVCV [2010.05.21 17:16:58 | 000,005,740 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.RDEWCV [2010.05.21 17:14:13 | 000,005,130 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0PH5CV [2010.05.21 17:09:51 | 000,004,520 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.5M0UCV [2010.05.21 17:06:23 | 000,003,910 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ECJ4CV [2010.05.20 15:14:46 | 000,002,697 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.HBN9CV [2010.05.20 15:13:34 | 000,002,697 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.JI98CV [2010.05.20 15:13:23 | 000,002,074 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.6X4SCV [2010.05.19 18:20:32 | 000,001,458 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FPCTCV [2010.05.17 21:06:08 | 000,000,842 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.Q4D3CV [2010.05.12 19:45:58 | 000,006,383 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.S6HRCV [2010.05.12 19:41:46 | 000,006,383 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZGZFCV [2010.05.05 16:32:04 | 000,001,090 | ---- | C] () -- C:\Users\Emir\AppData\Local\F1C3C386.il [2010.05.05 16:32:04 | 000,000,280 | ---- | C] () -- C:\Users\Emir\AppData\Local\IndexIE_F1C3C386.il [2010.05.04 16:29:28 | 000,000,092 | ---- | C] () -- C:\Users\Emir\AppData\Local\fusioncache.dat [2010.04.28 20:17:59 | 000,002,036 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.Q76JBV [2010.04.28 19:48:20 | 000,000,824 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.MY63BV [2010.04.28 16:56:30 | 000,004,524 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.HWPSBV [2010.04.28 16:54:16 | 000,004,524 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.TEJZBV [2010.04.26 16:14:25 | 000,003,910 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FFMPBV [2010.04.26 16:12:40 | 000,003,296 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.I4RQBV [2010.04.26 16:08:03 | 000,002,682 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ESFSBV [2010.04.26 15:57:09 | 000,002,068 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZK85BV [2010.04.26 15:51:36 | 000,000,840 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.3L9TBV [2010.04.25 17:41:27 | 000,006,345 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8EGNBV [2010.04.25 17:41:04 | 000,006,345 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.22P2BV [2010.04.25 17:34:04 | 000,006,359 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KS55BV [2010.04.25 17:33:25 | 000,006,359 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.WK6LBV [2010.04.25 17:33:13 | 000,005,740 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.IY7OBV [2010.04.25 08:27:43 | 000,005,128 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.915MBV [2010.04.25 08:17:32 | 000,004,516 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0N63BV [2010.04.25 08:13:39 | 000,003,904 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.3Q7NBV [2010.04.25 08:11:25 | 000,003,285 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.RN3UBV [2010.04.25 08:10:07 | 000,003,292 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.3IVXBV [2010.04.25 08:10:01 | 000,003,292 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.IJFLBV [2010.04.25 08:07:22 | 000,002,680 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.QTSMBV [2010.04.24 09:15:26 | 000,002,068 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FSXNBV [2010.04.24 09:15:21 | 000,002,068 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.T7S3BV [2010.04.24 09:12:16 | 000,001,454 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.JIWMBV [2010.04.24 09:10:40 | 000,000,840 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.PA4PBV [2010.04.24 09:09:14 | 000,006,981 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.UOQWBV [2010.04.24 09:08:36 | 000,006,981 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ERGTBV [2010.04.23 22:22:28 | 000,006,381 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.UKRZBV [2010.04.23 22:22:22 | 000,005,760 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.6B44BV [2010.04.23 22:22:17 | 000,005,139 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.TJPSBV [2010.04.22 14:37:53 | 000,004,539 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BFWXBV [2010.04.22 14:36:36 | 000,004,539 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.O9VZBV [2010.04.22 14:36:32 | 000,003,919 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0NTRBV [2010.04.22 14:36:25 | 000,003,299 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KGW4BV [2010.04.19 20:16:56 | 000,001,463 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KJN8AV [2010.04.19 20:15:00 | 000,001,463 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.GS94AV [2010.04.19 20:14:56 | 000,000,841 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SRNGBV [2010.04.17 09:50:39 | 000,009,460 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.A6PCBV [2010.04.17 09:49:53 | 000,008,841 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.2Y5ABV [2010.04.17 09:37:38 | 000,008,213 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.HB7ZAV [2010.04.17 09:36:21 | 000,008,213 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KG3IBV [2010.04.17 09:36:15 | 000,007,591 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0HUHBV [2010.04.17 09:36:07 | 000,006,969 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.2HSDBV [2010.04.15 14:26:36 | 000,006,354 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.09NXAV [2010.04.13 18:02:12 | 000,005,106 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.UFYDBV [2010.04.11 19:17:59 | 000,004,493 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.PBYABV [2010.04.08 15:26:14 | 000,003,887 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.1RFWAV [2010.04.08 14:50:55 | 000,003,271 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.II6KAV [2010.04.08 14:49:45 | 000,003,271 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.IJXWAV [2010.04.07 16:34:38 | 000,002,655 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DOUIAV [2010.04.07 16:34:29 | 000,002,655 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FTKOAV [2010.04.07 16:28:39 | 000,002,683 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9L0SAV [2010.04.07 16:28:32 | 000,002,067 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.22YCAV [2010.04.07 16:28:26 | 000,001,451 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0YHNAV [2010.04.07 16:28:21 | 000,000,835 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8WHJAV [2010.04.01 16:56:21 | 000,010,682 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SU8DAV [2010.04.01 16:55:35 | 000,010,682 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.HUPOAV [2010.04.01 16:51:33 | 000,010,060 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DF4DAV [2010.04.01 16:50:17 | 000,010,060 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KVUIAV [2010.04.01 16:39:59 | 000,009,438 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.PT9TAV [2010.04.01 16:36:03 | 000,009,445 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.11YVAV [2010.03.29 22:35:43 | 000,008,210 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.QW2DAV [2010.03.29 03:02:07 | 000,008,217 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.1M9S9U [2010.03.29 02:45:14 | 000,007,604 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.YMV99U [2010.03.29 02:38:49 | 000,007,604 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SUT29U [2010.03.26 20:39:39 | 000,007,005 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.III29U [2010.03.26 20:39:33 | 000,006,383 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.71Y29U [2010.03.26 20:39:27 | 000,005,761 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.GD0U9U [2010.03.26 11:14:02 | 000,004,553 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.QG459U [2010.03.26 11:08:49 | 000,003,908 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.I84X9U [2010.03.26 10:54:47 | 000,003,281 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.IHH19U [2010.03.26 10:54:30 | 000,002,063 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9IAW9U [2010.03.22 21:22:45 | 000,001,454 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.Y5NX9U [2010.03.22 17:55:46 | 000,000,840 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.NXSO9U [2010.03.22 17:51:51 | 000,002,675 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DHCAAV [2010.03.22 17:50:26 | 000,002,675 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.7FFR9U [2010.03.22 17:40:38 | 000,002,703 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.CG299U [2010.03.22 17:40:28 | 000,002,082 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.P4W89U [2010.03.22 17:40:19 | 000,001,461 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.EJMU9U [2010.03.22 17:40:11 | 000,000,840 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.86O99U [2010.03.21 17:18:32 | 000,012,585 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZGP59U [2010.03.21 17:17:46 | 000,012,585 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.HL3S9U [2010.03.21 16:59:41 | 000,011,362 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SUF69U [2010.03.19 22:24:08 | 000,010,762 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BVER9U [2010.03.19 22:21:55 | 000,010,118 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.E2WS9U [2010.03.19 21:47:52 | 000,009,494 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.X0869U [2010.03.19 10:36:49 | 000,008,873 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.GBIP9U [2010.03.19 10:35:41 | 000,008,873 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FZSY9U [2010.03.19 10:25:57 | 000,008,260 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SAN89U [2010.03.19 10:25:45 | 000,008,260 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.IIP89U [2010.03.19 10:25:38 | 000,007,638 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9Y8X9U [2010.03.18 11:37:24 | 000,005,773 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.O21T9U [2010.03.18 11:35:25 | 000,005,164 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.WTYU9U [2010.03.14 11:03:42 | 000,002,709 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.WVF38U [2010.03.14 09:29:43 | 000,002,079 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.PB328U [2010.03.14 09:29:20 | 000,002,079 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.YJT78U [2010.03.08 21:13:13 | 000,006,516 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.92NM9U [2010.03.05 20:13:07 | 000,001,498 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.CVCC9U [2010.03.05 15:05:22 | 000,000,862 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.GIC78U [2010.03.05 15:04:00 | 000,000,862 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.QCKA9U [2010.03.05 13:04:16 | 000,003,375 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.GUE38U [2010.03.05 12:47:03 | 000,002,148 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.N9Q78U [2010.03.05 12:34:46 | 000,001,505 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KIQB9U [2010.03.05 12:25:27 | 000,000,862 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.15SL9U [2010.03.05 12:09:37 | 000,006,517 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.APFE9U [2010.03.05 12:09:14 | 000,005,259 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8SU68U [2010.03.05 12:09:05 | 000,004,616 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.GJVC9U [2010.03.05 12:08:58 | 000,003,973 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BGL28U [2010.03.04 20:54:52 | 000,003,337 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.GHIA9U [2010.03.04 20:43:12 | 000,002,701 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.I80I8U [2010.03.03 20:42:29 | 000,002,079 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FR3S8U [2010.03.03 20:42:22 | 000,001,459 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DVAQ8U [2010.03.03 20:42:09 | 000,000,839 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.595W8U [2010.03.02 21:01:56 | 000,002,074 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.R1WM8U [2010.03.02 20:06:20 | 000,001,450 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.VFLW8U [2010.03.02 19:53:10 | 000,000,838 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.WUVS8U [2010.02.28 12:18:48 | 000,007,547 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZWN18U [2010.02.28 11:58:51 | 000,007,575 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0Q5X8U [2010.02.28 11:57:13 | 000,007,575 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.TKFP8U [2010.02.28 11:57:06 | 000,006,956 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.338Y8U [2010.02.28 11:56:58 | 000,006,337 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.1DTT8U [2010.02.28 11:56:52 | 000,005,718 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.E66P8U [2010.02.25 18:03:54 | 000,005,106 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8FRV8U [2010.02.23 21:24:19 | 000,004,494 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.R1LP8U [2010.02.23 21:23:46 | 000,004,494 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.QLMG8U [2010.02.23 21:21:45 | 000,004,494 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DCNI8U [2010.02.23 20:42:19 | 000,003,892 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.14RI8U [2010.02.22 20:51:22 | 000,002,041 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.RW608U [2010.02.22 20:50:16 | 000,000,831 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.EQ8Y8U [2010.02.22 20:19:06 | 000,010,701 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.320Y8U [2010.02.21 20:07:57 | 000,009,477 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BAVK8U [2010.02.21 14:23:55 | 000,008,251 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.40PL8U [2010.02.21 14:14:03 | 000,007,618 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.5XEQ8U [2010.02.21 14:13:09 | 000,007,618 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.D9PR8U [2010.02.21 14:01:19 | 000,006,994 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9D2K8U [2010.02.21 13:39:49 | 000,006,379 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.YOZS8U [2010.02.21 13:03:32 | 000,005,764 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.37IH8U [2010.02.19 21:48:22 | 000,005,152 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZYN27U [2010.02.19 10:28:54 | 000,003,310 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.N6EU7U [2010.02.19 10:13:39 | 000,002,723 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.7JB87U [2010.02.19 10:06:00 | 000,002,092 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.1LV67U [2010.02.19 09:57:54 | 000,001,463 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.K1YB8U [2010.02.19 09:57:47 | 000,000,841 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.35367U [2010.02.18 20:33:31 | 000,020,077 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DK5Y7U [2010.02.18 19:56:22 | 000,019,453 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FG087U [2010.02.17 19:43:55 | 000,017,610 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.3BEC8U [2010.02.17 19:14:59 | 000,016,927 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.2UJ27U [2010.02.15 18:43:44 | 000,016,294 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.JA5W7U [2010.02.14 21:18:09 | 000,015,661 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.U23B8U [2010.02.14 20:01:27 | 000,015,052 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZRWT7U [2010.02.14 19:52:45 | 000,014,412 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KDE47U [2010.02.14 19:51:09 | 000,014,412 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FCG17U [2010.02.14 14:06:03 | 000,013,157 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.338U7U [2010.02.14 13:34:58 | 000,011,911 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.O46V7U [2010.02.13 13:22:00 | 000,010,666 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BTJ07U [2010.02.10 21:37:13 | 000,009,423 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.MHF67U [2010.02.10 20:53:12 | 000,008,810 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.4AU17U [2010.02.10 20:40:19 | 000,008,197 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.YFVE8U [2010.02.04 21:01:13 | 000,005,125 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.58XB7U [2010.02.04 18:59:58 | 000,003,301 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.MUMF7U [2010.02.04 18:26:11 | 000,002,087 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.IZ3N7U [2010.02.04 18:26:05 | 000,001,465 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZC7C7U [2010.01.31 21:20:56 | 000,013,777 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.H99F7U [2010.01.31 21:17:45 | 000,013,150 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.OF6P7U [2010.01.31 21:09:34 | 000,012,519 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.WFTR7U [2010.01.31 21:08:04 | 000,012,519 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KCJA7U [2010.01.31 13:43:02 | 000,011,902 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.75KH7U [2010.01.31 13:42:18 | 000,011,902 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.YX6M7U [2010.01.31 13:37:00 | 000,011,290 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.7NJJ7U [2010.01.31 13:36:18 | 000,010,658 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.VS696U [2010.01.31 13:15:51 | 000,010,052 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.RC5S7U [2010.01.31 13:08:49 | 000,008,833 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.L0MD7U [2010.01.31 13:08:43 | 000,008,197 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SZ8A7U [2010.01.30 21:07:06 | 000,007,566 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.CGKH7U [2010.01.30 20:55:39 | 000,006,353 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZJTR7U [2010.01.30 20:48:13 | 000,005,732 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZH5K7U [2010.01.29 21:34:13 | 000,004,533 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZY5D7U [2010.01.29 21:32:54 | 000,003,906 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.YOUJ7U [2010.01.29 21:25:36 | 000,003,284 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.P2Y86U [2010.01.29 19:50:24 | 000,001,436 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9QZH7U [2010.01.28 18:32:14 | 000,012,490 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DDZI7U [2010.01.27 21:34:53 | 000,011,260 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.PXNC7U [2010.01.24 15:04:07 | 000,007,574 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.HMSX6U [2010.01.24 14:49:26 | 000,006,962 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.YS146U [2010.01.23 18:17:02 | 000,005,755 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.MZUN6U [2010.01.23 17:59:00 | 000,005,102 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8SIK6U [2010.01.23 17:41:02 | 000,004,497 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KXRT6U [2010.01.22 18:30:16 | 000,003,285 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.JP4Z6U [2010.01.22 17:55:21 | 000,001,456 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9FJ36U [2010.01.19 18:39:15 | 000,007,589 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.V0AM6U [2010.01.18 21:44:27 | 000,006,984 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.T9H56U [2010.01.17 20:26:09 | 000,005,779 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.YYN16U [2010.01.17 20:25:33 | 000,005,153 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.2QKX6U [2010.01.17 19:44:34 | 000,002,691 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.QCM56U [2010.01.17 19:42:40 | 000,002,059 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KACZ6U [2010.01.17 19:19:48 | 000,001,436 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.CE336U [2010.01.16 18:23:29 | 000,002,701 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.2KTW6U [2010.01.16 18:00:31 | 000,002,046 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BNF36U [2010.01.16 17:57:44 | 000,001,434 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.5LL16U [2010.01.14 20:30:20 | 000,006,295 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9XOH6U [2010.01.14 19:50:49 | 000,005,077 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9MWB6U [2010.01.14 19:50:44 | 000,005,077 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.YG895U [2010.01.11 20:37:35 | 000,002,661 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.LSW65U [2010.01.08 19:28:04 | 000,000,830 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.VSG75U [2010.01.06 20:15:36 | 000,008,813 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.H1D05U [2010.01.06 20:08:36 | 000,008,197 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KWV25U [2010.01.06 20:08:26 | 000,007,568 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.LHHZ5U [2010.01.06 20:05:04 | 000,006,925 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.LKI05U [2010.01.06 20:01:09 | 000,005,696 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.XIKJ6U [2010.01.06 20:00:18 | 000,005,059 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.TDO35U [2010.01.06 19:33:29 | 000,003,844 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.23345U [2009.12.26 16:00:56 | 000,000,018 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\sys386g1.dat [2009.12.26 15:38:16 | 000,000,010 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\axprot3 [2009.12.26 15:03:30 | 000,002,635 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8U2C5U [2009.12.25 16:51:24 | 000,001,443 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.SNIG5U [2009.12.25 16:47:02 | 000,000,831 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.UKPJ5U [2009.12.24 14:29:10 | 000,002,650 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.TRMM5U [2009.12.24 14:16:51 | 000,001,448 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FJUE5U [2009.12.24 13:58:54 | 000,000,831 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FFTW5U [2009.12.23 14:48:25 | 000,000,853 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0VZC5U [2009.12.22 19:13:32 | 000,013,651 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.PT5D5U [2009.12.22 18:57:29 | 000,013,041 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9V5B5U [2009.12.22 18:57:09 | 000,012,430 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.D2PF5U [2009.12.22 18:47:57 | 000,011,773 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.S8ND5U [2009.12.22 18:42:45 | 000,011,165 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9XAO5U [2009.12.22 18:34:49 | 000,011,165 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.V2AT5U [2009.12.22 18:34:17 | 000,010,559 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0SFM5U [2009.12.22 18:15:56 | 000,008,741 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.AD2I5U [2009.12.22 18:15:32 | 000,008,741 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.W53U5U [2009.12.21 15:17:21 | 000,006,144 | ---- | C] () -- C:\Users\Emir\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.12.21 12:29:35 | 000,006,920 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.MCRZ4U [2009.12.21 12:28:48 | 000,006,920 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.D8D84U [2009.12.21 12:22:09 | 000,005,714 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.EQYU4U [2009.12.21 12:21:22 | 000,005,714 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8IPZ4U [2009.12.21 12:02:18 | 000,004,488 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.RB384U [2009.12.21 12:01:23 | 000,004,488 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.LBBX4U [2009.12.21 11:53:46 | 000,003,905 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.E76X4U [2009.12.21 11:52:52 | 000,003,905 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.WDT94U [2009.12.21 11:45:22 | 000,003,262 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.33814U [2009.12.21 11:45:14 | 000,002,650 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.5ZVW4U [2009.12.21 11:15:35 | 000,001,440 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.JHIQ4U [2009.12.20 17:06:36 | 000,006,927 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.XRA44U [2009.12.20 17:06:27 | 000,006,315 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.Q85P4U [2009.12.20 16:50:54 | 000,005,105 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.N97V4U [2009.12.20 16:37:27 | 000,003,261 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BN8X4U [2009.12.20 15:55:00 | 000,002,656 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.03YA5U [2009.12.17 17:26:06 | 000,001,453 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZEB94U [2009.12.17 17:13:18 | 000,000,831 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.5LW14U [2009.12.17 17:06:34 | 000,009,962 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.I7RU4U [2009.12.17 16:51:14 | 000,009,350 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KFYP4U [2009.12.17 16:50:59 | 000,009,350 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.FFI74U [2009.12.16 21:27:09 | 000,008,138 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.WHSZ4U [2009.12.16 21:14:20 | 000,007,526 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZR2U4U [2009.12.16 20:42:02 | 000,007,526 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DFL94U [2009.12.15 17:01:05 | 000,006,341 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.U2D94U [2009.12.15 17:00:56 | 000,005,729 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.0MW04U [2009.12.15 17:00:40 | 000,005,094 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.24E24U [2009.12.15 16:51:11 | 000,004,483 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.5WUW4U [2009.12.15 16:41:41 | 000,003,857 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.DUWZ4U [2009.12.15 16:37:49 | 000,003,252 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.XZAQ4U [2009.12.13 19:44:01 | 000,002,647 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.B5J44U [2009.12.13 19:21:42 | 000,000,831 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.BNAY4U [2009.12.12 15:35:29 | 000,002,642 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.1IRW4U [2009.12.12 14:14:18 | 000,002,055 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.9TIV4U [2009.12.12 13:37:36 | 000,001,443 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ERT14U [2009.12.12 13:37:29 | 000,000,831 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8XGW4U [2009.12.12 13:30:18 | 000,001,420 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.C1Z94U [2009.12.08 16:39:47 | 000,000,829 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.MQFE4U [2009.12.08 16:39:09 | 000,000,823 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KSD23U [2009.12.07 21:49:11 | 000,004,545 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.8H0D4U [2009.12.07 21:36:02 | 000,003,969 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.JDJ23U [2009.12.07 21:32:34 | 000,003,357 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.ZMVH4U [2009.12.07 21:32:06 | 000,002,700 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.HBAF4U [2009.12.07 11:08:50 | 000,000,826 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.372B4U [2009.12.06 12:04:13 | 000,006,993 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.2PS63U [2009.12.06 11:59:22 | 000,006,403 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.1GKG4U [2009.12.06 11:48:03 | 000,005,168 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.M06L4U [2009.12.06 11:43:17 | 000,004,577 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.KLAO4U [2009.12.06 11:43:04 | 000,003,929 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.AZL23U [2009.12.06 11:33:34 | 000,003,305 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.XA1K4U [2009.12.05 14:14:09 | 000,002,114 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.2EZF4U [2009.12.05 14:10:25 | 000,001,502 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.MO3E4U [2009.12.05 14:04:18 | 000,000,831 | ---- | C] () -- C:\Users\Emir\.recently-used.xbel.RLZK4U [2009.12.03 16:34:17 | 000,138,056 | ---- | C] () -- C:\Users\Emir\AppData\Roaming\PnkBstrK.sys < End of report > |
|
03.09.2012, 13:04
| #2 |
| /// Selecta Jahrusso   | Polizeivirus österreich Mein Name ist Daniel und ich werde dir mit deinem Malware Relevanten Problemen helfen. Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Code:
ATTFilter :otl
O4 - HKLM..\Run: [XSECVA] C:\Users\Emir\AppData\Roaming\xsecva
:commands
[reboot]
Sag mir mal, ob der Normalmodus wieder läuft.
__________________ |
|
09.09.2012, 15:26
| #3 |
| /// Selecta Jahrusso | Polizeivirus österreich Fehlende Rückmeldung
__________________Dieses Thema wurde aus den Abos gelöscht. Somit bekomm ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen
__________________ |
|
| Themen zu Polizeivirus österreich |
| bandoo, bho, bildschirmsperre, bingbar, bluestacks, browser, cdburnerxp, computer, converter, desktop, document, error, eset smart security, explorer, firefox, firewall, format, google earth, homepage, installation, intranet, logfile, mp3, nvidia, plug-in, polizeivirus österreich, programme, registry, rundll, scan, searchcore, security, senden, stick, temp, windows |
Textbox.
Linear-Darstellung
