aliahmad123 | 03.05.2013 11:43 | OTL Logfile:
OTL logfile created on: 03.05.2013 12:31:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\doniaali\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 47,54% Memory free
6,00 Gb Paging File | 3,75 Gb Available in Paging File | 62,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 683,54 Gb Total Space | 612,62 Gb Free Space | 89,62% Space Free | Partition Type: NTFS
Computer Name: PHONIEX2012-PC | User Name: doniaali | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\doniaali\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Iminent\Iminent.exe (Iminent)
PRC - C:\Program Files\Iminent\Iminent.Messengers.exe (Iminent)
PRC - C:\Program Files\Common Files\Umbrella\umbrella.exe (Iminent)
PRC - C:\Program Files\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.)
PRC - C:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe (Bandoo Media Inc.)
PRC - C:\Windows\System32\dmwu.exe ()
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Java\jre7\bin\javaw.exe (Oracle Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe ()
PRC - C:\Program Files\spotflux\.\spotflux.exe ()
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe (Uniblue Systems Ltd)
PRC - C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files\Wajam\Updater\WajamUpdater.exe (Wajam)
PRC - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll ()
MOD - C:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll ()
MOD - c:\progra~1\search~2\datamngr\mgrldr.dll ()
MOD - C:\Users\doniaali\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\doniaali\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\doniaali\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
MOD - C:\Users\doniaali\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll ()
MOD - C:\Users\doniaali\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll ()
MOD - C:\Users\doniaali\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\32ecd6bef90d6da4b2b33850c3ce99e1\System.Configuration.Install.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\806c4ba7d696ab586ffd774a31f1a66b\System.Windows.Forms.ni.dll ()
MOD - C:\Program Files\spotflux\.\spotflux.exe ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\8e092d89921648308ac103bb08bfd370\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\e464dc608a88955a0edccba917d207de\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\8bf20667f0b0d4873ee748435427ca85\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d340a103e8f063a3771cbeaaec58d157\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d340a103e8f063a3771cbeaaec58d157\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\9253eb314ef2f5adada0d5fdf1d4a839\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\22c60ca3c2b18e041ebff2578c90cba3\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\62d047ff6c2865139d95eb19545b1cc6\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\48ee0e1de873152ec7e85d7456c1cc09\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cbb7db665b3ba25a931258eb702527f5\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\8167f7d08668a5859e76aa9a1124a42f\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f28a346ae10e2eec581608f591cf7116\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8983c040161b34c64474f195bff5e2de\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b83993cc955262507c8ead67567c8060\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\5dbabea688adfc665e3453561736699a\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\08bebcf66ad666dfdf2a4a934d79c0f9\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb72ac8478a5ea7e2d570bb710ecb1c1\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll ()
MOD - C:\Users\doniaali\AppData\Roaming\MegaCloud\MegaCloudShellExt.dll ()
MOD - C:\Program Files\Uniblue\SpeedUpMyPC\locale\de\de.dll ()
MOD - C:\Program Files\Uniblue\SpeedUpMyPC\InstallerExtensions.dll ()
MOD - C:\Program Files\Uniblue\SpeedUpMyPC\cwebpage.dll ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
========== Services (SafeList) ==========
SRV - (BrowserProtect) -- File not found
SRV - (SProtection) -- C:\Program Files\Common Files\Umbrella\umbrella.exe (Iminent)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (DatamngrCoordinator) -- C:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe (Bandoo Media Inc.)
SRV - (IBUpdaterService) -- C:\Windows\System32\dmwu.exe ()
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SolutoLauncherService) -- C:\Program Files\Soluto\SolutoLauncherService.exe (Soluto)
SRV - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto)
SRV - (SolutoRemoteService) -- C:\Program Files\Soluto\SolutoRemoteService.exe (Soluto)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (SearchAnonymizer) -- C:\Users\doniaali\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (WajamUpdater) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe (Wajam)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe (Symantec Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Driver Services (SafeList) ==========
DRV - (cpuz136) -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130412.001\BHDrvx86.sys (Symantec Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (Soluto) -- C:\Windows\System32\drivers\Soluto.sys (Soluto LTD.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130502.021\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130502.021\NAVENG.SYS (Symantec Corporation)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20130502.001\IDSvix86.sys (Symantec Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (SymNetS) -- C:\Windows\System32\drivers\NIS\1207020.003\symnets.sys (Symantec Corporation)
DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\NIS\1207020.003\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\NIS\1207020.003\srtspx.sys (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\System32\drivers\NIS\1207020.003\symefa.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\System32\drivers\NIS\1207020.003\symds.sys (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\System32\drivers\NIS\1207020.003\ironx86.sys (Symantec Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search
IE - HKLM\..\URLSearchHook: {77f8c945-4b74-4bd6-a073-e0d1997edce8} - C:\Program Files\midicair\prxtbmid2.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_uid=0200715572144805&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtD0F0FtD0AtC0Bzy0EtB0C0CtB0A0BtN0D0Tzu0CyEzzyBtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=144183255&ir=
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2795622
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = hxxp://websearch.good-results.info/?l=1&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10031&barid={BD70E208-D114-4C4A-85CC-AB437D59E4A6}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Delta Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=e6308829-be2f-4f46-a847-c9d78591d9e9&searchtype=ds&q={searchTerms}&installDate=25/02/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=e6308829-be2f-4f46-a847-c9d78591d9e9&searchtype=ds&q={searchTerms}&installDate=25/02/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Delta Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 51 A3 BC 40 D9 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=e6308829-be2f-4f46-a847-c9d78591d9e9&searchtype=ds&q={searchTerms}&installDate=25/02/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=e6308829-be2f-4f46-a847-c9d78591d9e9&searchtype=ds&q={searchTerms}&installDate=25/02/2013
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=e6308829-be2f-4f46-a847-c9d78591d9e9&searchtype=ds&q={searchTerms}&installDate=25/02/2013
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www2.delta-search.com/?q={searchTerms}&affID=120519&babsrc=SP_ss&mntrId=ACFD00FF0A1B9E2C
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_uid=0200715572144805&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com Search"
FF - prefs.js..browser.search.defaultenginename: "Mysearchdial"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaultthis.engineName: "midicair Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2795622&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Mysearchdial"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine: "Mysearchdial"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406?appid=484"
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40delta.com:1.5.0
FF - prefs.js..extensions.enabledAddons: %7B377e5d4d-77e5-476a-8716-7e70a9272da0%7D:1.2.0.0
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6
FF - prefs.js..extensions.enabledAddons: %7B77f8c945-4b74-4bd6-a073-e0d1997edce8%7D:3.18.0.7
FF - prefs.js..extensions.enabledAddons: %7Be6308829-be2f-4f46-a847-c9d78591d9e9%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7BEB9394A3-4AD6-4918-9537-31A1FD8E8EDF%7D:2.0
FF - prefs.js..extensions.enabledAddons: lyricsmonkey%40mendoni.net:1.111
FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:5.0.0.6767
FF - prefs.js..extensions.enabledAddons: %7B0153E448-190B-4987-BDE1-F256CADA672F%7D:15.0.6
FF - prefs.js..extensions.enabledAddons: fiddlerhook%40fiddler2.com:2.4.3.7
FF - prefs.js..extensions.enabledAddons: webbooster%40iminent.com:6.16.4.4
FF - prefs.js..extensions.enabledAddons: crossriderapp2258%40crossrider.com:0.91.139
FF - prefs.js..extensions.enabledAddons: %7Bad9a41d2-9a49-4fa6-a79e-71a0785364c8%7D:7.0
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40mysearchdial.com:1.6.0
FF - prefs.js..extensions.enabledAddons: toolbar%40ask.com:3.15.15.100013
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.3.0.9%20-%204
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2795622&SearchSource=2&CUI=SB_CUI&UM=UM_ID&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\doniaali\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\doniaali\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\doniaali\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2012.10.17 23:03:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_13_2 [2013.05.03 10:22:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.01.10 20:49:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.09 17:22:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.09 17:22:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\51026cd8674e0@51026cd867519.com: C:\Users\doniaali\AppData\Roaming\Mozilla\Firefox\Profiles\kcuhzizm.default\extensions\51026cd8674e0@51026cd867519.com [2013.01.25 13:06:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\rzfk93hww@ayifooa-zpcm.co.uk: C:\Users\doniaali\AppData\Roaming\Mozilla\Firefox\Profiles\kcuhzizm.default\extensions\rzfk93hww@ayifooa-zpcm.co.uk [2013.03.26 23:20:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\hbfx-aua@iyyiwsiyie.com: C:\Users\doniaali\AppData\Roaming\Mozilla\Firefox\Profiles\kcuhzizm.default\extensions\hbfx-aua@iyyiwsiyie.com [2013.03.27 18:39:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fiddlerhook@fiddler2.com: C:\Program Files\Fiddler2\FiddlerHook [2013.04.13 12:44:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files\Iminent\webbooster@iminent.com [2013.05.01 12:06:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.20 14:14:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lyricsmonkey@mendoni.net: C:\Program Files\LyricsMonkey\FF\ [2013.04.28 11:36:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.20 14:14:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013.04.21 11:52:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\doniaali\AppData\Roaming\mozilla\Extensions
[2013.05.01 17:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions
[2013.04.21 11:52:46 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
[2013.03.27 19:41:23 | 000,000,000 | ---D | M] (midicair Community Toolbar) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\{77f8c945-4b74-4bd6-a073-e0d1997edce8}
[2012.07.27 09:59:38 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2013.05.01 17:14:04 | 000,000,000 | ---D | M] (MySearchDial) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
[2013.04.12 14:49:59 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\{e6308829-be2f-4f46-a847-c9d78591d9e9}
[2013.02.25 19:11:10 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2013.01.25 13:06:35 | 000,000,000 | ---D | M] (Browse2save) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\51026cd8674e0@51026cd867519.com
[2013.05.01 17:14:09 | 000,000,000 | ---D | M] ("I Want This") -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\crossriderapp2258@crossrider.com
[2013.02.25 19:10:53 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\ffxtlbr@delta.com
[2013.05.01 17:14:06 | 000,000,000 | ---D | M] (mysearchdial.com) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\ffxtlbr@mysearchdial.com
[2013.03.27 18:39:06 | 000,000,000 | ---D | M] (Boroowsee2save) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\hbfx-aua@iyyiwsiyie.com
[2013.03.26 23:20:48 | 000,000,000 | ---D | M] (BirowwsyE2savee) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\rzfk93hww@ayifooa-zpcm.co.uk
[2013.04.03 14:42:36 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\toolbar@ask.com
[2013.05.01 17:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\doniaali\AppData\Roaming\mozilla\Firefox\Profiles\kcuhzizm.default\extensions\crossriderapp2258@crossrider.com\chrome\content\extensionCode
[2013.04.20 14:15:31 | 000,532,430 | ---- | M] () (No name found) -- C:\Users\doniaali\AppData\Roaming\mozilla\firefox\profiles\kcuhzizm.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.05.01 14:02:32 | 000,006,473 | ---- | M] () -- C:\Users\doniaali\AppData\Roaming\mozilla\firefox\profiles\kcuhzizm.default\searchplugins\babylon.xml
[2013.05.01 14:02:32 | 000,006,473 | ---- | M] () -- C:\Users\doniaali\AppData\Roaming\mozilla\firefox\profiles\kcuhzizm.default\searchplugins\BrowserProtect.xml
[2013.03.27 19:39:42 | 000,000,919 | ---- | M] () -- C:\Users\doniaali\AppData\Roaming\mozilla\firefox\profiles\kcuhzizm.default\searchplugins\conduit.xml
[2013.05.01 12:05:27 | 000,001,294 | ---- | M] () -- C:\Users\doniaali\AppData\Roaming\mozilla\firefox\profiles\kcuhzizm.default\searchplugins\delta.xml
[2013.05.01 17:15:19 | 000,002,389 | ---- | M] () -- C:\Users\doniaali\AppData\Roaming\mozilla\firefox\profiles\kcuhzizm.default\searchplugins\Mysearchdial.xml
[2013.04.30 18:53:09 | 000,002,120 | ---- | M] () -- C:\Users\doniaali\AppData\Roaming\mozilla\firefox\profiles\kcuhzizm.default\searchplugins\MyStart Search.xml
[2013.04.21 11:51:59 | 000,002,646 | ---- | M] () -- C:\Users\doniaali\AppData\Roaming\mozilla\firefox\profiles\kcuhzizm.default\searchplugins\Search_Results.xml
[2013.04.12 14:56:46 | 000,022,907 | ---- | M] () -- C:\Users\doniaali\AppData\Roaming\mozilla\firefox\profiles\kcuhzizm.default\searchplugins\Web Search.xml
[2013.04.21 11:52:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.01.26 21:42:44 | 000,000,000 | ---D | M] ("Babylon Spelling and Proofreading") -- C:\Program Files\mozilla firefox\extensions\adapter@babylontc.com
[2013.04.13 12:44:51 | 000,000,000 | ---D | M] (FiddlerHook) -- C:\PROGRAM FILES\FIDDLER2\FIDDLERHOOK
[2013.05.01 12:06:27 | 000,000,000 | ---D | M] ("Iminent Minibar") -- C:\PROGRAM FILES\IMINENT\WEBBOOSTER@IMINENT.COM
[2013.04.28 11:36:51 | 000,000,000 | ---D | M] ("Lyrics Monkey") -- C:\PROGRAM FILES\LYRICSMONKEY\FF
[2012.10.17 23:03:13 | 000,000,000 | ---D | M] (Symantec Intrusion Prevention) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPLGN
[2012.11.09 17:22:11 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2013.04.20 14:14:59 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.03.07 17:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.05.01 14:05:54 | 000,006,492 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2013.03.07 17:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.03.07 17:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 17:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.21 11:51:59 | 000,002,646 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2013.03.07 17:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 17:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: Mysearchdial Search
CHR - default_search_provider: Mysearchdial ()
CHR - default_search_provider: search_url = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtD0F0FtD0AtC0Bzy0EtB0C0CtB0A0BtN0D0Tzu0CyEzzyBtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=144183255&ir=
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\doniaali\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\doniaali\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\doniaali\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.15.37265_0\background/registryAccess.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files\OnLive\Plugin\npolgdet.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\doniaali\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Ask Toolbar = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.15.37265_0\
CHR - Extension: QuickShare Widget = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\
CHR - Extension: Google Docs = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Delta Toolbar = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.3_0\
CHR - Extension: Iminent = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Lyrics Monkey = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp\1.111_0\
CHR - Extension: SwissConverter 2.1 = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdidofdhbieclaekjnfcnfaoceobnco\10.15.0.62_0\
CHR - Extension: Skype Click to Call = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\
CHR - Extension: Google Mail = C:\Users\doniaali\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013.04.30 17:31:35 | 000,010,555 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 198.167.139.193 google.com
O1 - Hosts: 198.167.139.193 Google
O1 - Hosts: 317 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Lyrics Monkey) - {18CAEA74-C7E8-4D37-967F-1D01351BA398} - C:\Program Files\LyricsMonkey\lyricsmonkey.dll (MNDi Software)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {336D0C35-8A85-403a-B9D2-65C292C39087} - No CLSID value found.
O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~2\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (mixidj Helper Object) - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files\mixidj\mixidj\1.8.4.1\bh\mixidj.dll (MixiDJ)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (midicair Toolbar) - {77f8c945-4b74-4bd6-a073-e0d1997edce8} - C:\Program Files\midicair\prxtbmid2.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\wajam.dll (Wajam)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (LyricsTube) - {B399EDE8-1525-458C-8DD9-31EADF632D06} - C:\Program Files\LyricsTube\lrcstube.dll (Hansen & Destar Apps)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Browse2save) - {B80652C1-907A-3E1D-D19E-031B4F489227} - C:\ProgramData\Browse2save\51026cd86767d.dll ()
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.5.21.0\bh\Softonic.dll (Softonic.com)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (mysearchdial Helper Object) - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\PROGRA~1\MYSEAR~1\bh\mysearchdial.dll (Ironsource Israel (2011) LTD)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (mysearchdial Toolbar) - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\PROGRA~1\MYSEAR~1\mysearchdialTlbr.dll (Ironsource Israel (2011) LTD)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~2\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (midicair Toolbar) - {77f8c945-4b74-4bd6-a073-e0d1997edce8} - C:\Program Files\midicair\prxtbmid2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (MixiDJ Toolbar) - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files\mixidj\mixidj\1.8.4.1\mixidjTlbr.dll (MixiDJ)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (midicair Toolbar) - {77F8C945-4B74-4BD6-A073-E0D1997EDCE8} - C:\Program Files\midicair\prxtbmid2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Telerik)
O9 - Extra 'Tools' menuitem : Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Telerik)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A1B9E2C-DECA-458F-8A2B-CBC31C89A90C}: DhcpNameServer = 44.0.0.253 44.0.0.3 44.0.0.4 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1957BA05-6631-4A34-A85E-80CEBD0EE152}: DhcpNameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F6F9F58-CECB-4610-995C-BAFAEE0A16FC}: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (c:\progra~1\search~2\datamngr\mgrldr.dll) - c:\progra~1\search~2\datamngr\mgrldr.dll ()
O20 - AppInit_DLLs: (c:\progra~1\websea~1\sprote~1.dll) - c:\progra~1\websea~1\sprote~1.dll ()
O20 - AppInit_DLLs: (c:\progra~1\browse~1\sprote~1.dll) - c:\progra~1\browse~1\sprote~1.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d8fbc4c0-8d98-11e2-a690-0025115aab59}\Shell - "" = AutoRun
O33 - MountPoints2\{d8fbc4c0-8d98-11e2-a690-0025115aab59}\Shell\AutoRun\command - "" = J:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x86 - (C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.02 17:23:27 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\Malwarebytes
[2013.05.02 17:23:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.02 17:23:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.02 17:23:18 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.05.02 17:23:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.05.02 17:23:10 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\Programs
[2013.05.02 17:02:27 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\Avira
[2013.05.02 11:49:37 | 000,066,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avnetflt.sys
[2013.05.01 19:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.05.01 19:21:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.05.01 19:21:27 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.05.01 19:21:27 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.05.01 19:21:27 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.05.01 19:21:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.05.01 19:21:26 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.05.01 18:58:09 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.05.01 15:42:52 | 000,000,000 | ---D | C] -- C:\Users\doniaali\Documents\Simply Super Software
[2013.05.01 14:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2013.05.01 14:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2013.05.01 14:32:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2013.05.01 14:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Pro
[2013.05.01 14:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Pro
[2013.05.01 14:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mysearchdial
[2013.05.01 14:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\mixiedj
[2013.05.01 14:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\mixidj
[2013.05.01 14:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\LyricsTube
[2013.05.01 12:50:57 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\ElevatedDiagnostics
[2013.05.01 12:50:07 | 000,000,000 | ---D | C] -- C:\Users\doniaali\Desktop\Neuer Ordner
[2013.05.01 12:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\DomaIQ Uninstaller
[2013.05.01 12:06:39 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\Iminent
[2013.05.01 12:06:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2013.05.01 12:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2013.05.01 12:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2013.05.01 12:06:07 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2013.05.01 12:05:56 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013.05.01 12:05:27 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\BabSolution
[2013.05.01 12:05:11 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\Delta
[2013.04.30 15:43:21 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MinecraftAlpha
[2013.04.30 15:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\MinecraftAlpha
[2013.04.30 15:39:07 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\.minecraft
[2013.04.30 15:08:22 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{1C1ADA15-7B69-446F-8C10-7D6E2010A37E}
[2013.04.29 20:22:52 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\Google
[2013.04.29 20:22:39 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\Yahoo!
[2013.04.29 20:22:19 | 000,000,000 | ---D | C] -- C:\Users\doniaali\Documents\Eigene Scans
[2013.04.29 13:36:40 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{A268B594-CC53-456B-B1A0-456E64A44864}
[2013.04.28 11:36:51 | 000,000,000 | ---D | C] -- C:\Program Files\LyricsMonkey
[2013.04.28 11:36:45 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{3F092477-FECE-46E9-BD40-4B67F8A78BB7}
[2013.04.27 20:02:00 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{C54D09C3-86BB-410C-95C6-84C51434A766}
[2013.04.27 19:57:10 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{D412F663-6BEF-4F88-A323-0290F2DA811C}
[2013.04.22 15:08:13 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{9E5F3EB2-F431-402D-8E0C-4B866651EDF2}
[2013.04.21 12:21:08 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{51212EAF-11F2-4CFD-B2C0-BEE9F391766F}
[2013.04.21 11:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
[2013.04.21 11:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\Search Results Toolbar
[2013.04.21 11:51:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Datamngr
[2013.04.21 11:51:25 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\iLivid
[2013.04.21 00:20:42 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{3D9A8003-C964-42E3-8111-C03E821E6307}
[2013.04.20 10:15:32 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{7AC8426E-B33E-4A95-ADF6-F2223CB393F9}
[2013.04.19 21:06:03 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{C362B9EB-5829-4D94-8F4A-76DF3C85E012}
[2013.04.19 19:47:55 | 000,000,000 | ---D | C] -- C:\Users\doniaali\Downloads
[2013.04.19 09:05:37 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{0856E38D-F89A-4782-9420-DAAC9AD57C15}
[2013.04.18 15:50:57 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{FA9AB740-C850-4D22-9197-AD88FA659DD8}
[2013.04.17 12:02:32 | 000,000,000 | ---D | C] -- C:\Users\doniaali\Documents\Downloads
[2013.04.17 11:30:09 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{0E01C49D-B755-4DFF-B9ED-EFC4CD171A52}
[2013.04.16 09:52:49 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{0D2051E5-78D7-49F0-A674-175AFE374E53}
[2013.04.15 09:18:40 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{0D19E352-785E-424A-AC7B-455CCEA67C27}
[2013.04.13 18:28:47 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{4FB0FDF9-6BB4-4F8C-A2DB-AAD285F0B248}
[2013.04.13 15:01:17 | 000,000,000 | --SD | C] -- C:\Users\doniaali\Documents\MicroSys
[2013.04.13 15:01:17 | 000,000,000 | -HSD | C] -- C:\Users\doniaali\Documents\MSDCSC
[2013.04.13 12:45:11 | 000,000,000 | ---D | C] -- C:\Users\doniaali\Documents\Fiddler2
[2013.04.13 12:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\Fiddler2
[2013.04.12 19:05:58 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{39DA384A-3C2F-4A93-807A-2FBD4B4CFA2F}
[2013.04.12 06:55:16 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{193CEAFA-C947-406E-AD10-DC9D97E0195B}
[2013.04.11 17:16:06 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{4E21AF9B-8E89-43B1-AE79-EB0EE7723059}
[2013.04.11 15:12:30 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.04.11 15:12:29 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.04.11 15:12:28 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.04.11 15:12:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.04.11 15:12:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.04.11 15:12:27 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.04.11 15:12:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.04.11 15:12:26 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.04.11 12:35:09 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.04.11 12:35:06 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.04.11 12:35:05 | 003,958,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.04.11 12:35:05 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.04.11 12:34:58 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013.04.11 12:34:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013.04.11 12:29:16 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{73076478-7532-4A83-B55F-D877A69F3623}
[2013.04.10 12:14:25 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{C07D17C0-76BE-4D3D-BE60-87809F4E2F36}
[2013.04.09 13:29:05 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{02B889D4-3C20-4D27-A3C3-FD6A7EF2860E}
[2013.04.08 12:10:22 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{20C4B2DC-C38F-48E1-8385-110EED1738C3}
[2013.04.07 02:49:55 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{F9EDD1F7-32D9-40D6-8E98-C46BF9C3776A}
[2013.04.06 11:11:07 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{0D269BC1-AF97-41EB-BF6E-B3238449D512}
[2013.04.04 10:47:28 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Local\{B5C779F1-9B81-430D-A772-820AE1DDB117}
[2013.04.03 13:59:58 | 000,000,000 | ---D | C] -- C:\Users\doniaali\Documents\My Cheat Tables
[2013.04.03 13:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2013.04.03 13:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.2
[2013.04.03 13:59:13 | 000,000,000 | ---D | C] -- C:\Users\doniaali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
[2013.04.03 13:59:13 | 000,000,000 | ---D | C] -- C:\Program Files\FilesFrog Update Checker
[2013.04.03 13:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\XingHaoLyrics
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.03 12:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.03 12:22:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1284104535-1330685443-564435093-1003UA.job
[2013.05.03 12:07:00 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\MySearchDial.job
[2013.05.03 11:53:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.03 11:48:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1284104535-1330685443-564435093-1006UA.job
[2013.05.03 11:30:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1284104535-1330685443-564435093-1003UA.job
[2013.05.03 10:29:58 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.03 10:29:58 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.03 10:22:34 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.03 10:22:30 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\spmonitor.job
[2013.05.03 10:22:30 | 000,000,252 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2013.05.03 10:22:29 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\schedule!3036567561.job
[2013.05.03 10:22:29 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2013.05.03 10:22:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.03 10:21:57 | 2415,316,992 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.02 19:56:21 | 000,000,000 | ---- | M] () -- C:\END
[2013.05.02 18:59:59 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2013.05.02 17:40:18 | 000,735,702 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2013.05.02 17:40:18 | 000,698,008 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.02 17:40:18 | 000,654,880 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.02 17:40:18 | 000,152,474 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2013.05.02 17:40:18 | 000,148,632 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.02 17:40:18 | 000,121,752 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.02 17:33:48 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1284104535-1330685443-564435093-1003Core.job
[2013.05.02 17:23:21 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.05.02 15:39:20 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1284104535-1330685443-564435093-1006Core.job
[2013.05.02 15:11:28 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1284104535-1330685443-564435093-1003Core.job
[2013.05.02 15:11:28 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2013.05.02 11:49:24 | 000,066,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avnetflt.sys
[2013.05.01 19:21:40 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.05.01 14:07:08 | 000,000,368 | ---- | M] () -- C:\Users\Public\Desktop\MySearchDial.url
[2013.05.01 13:13:58 | 000,002,343 | ---- | M] () -- C:\Users\doniaali\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.05.01 12:06:29 | 000,000,596 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013.04.30 17:31:35 | 000,010,555 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.04.28 17:38:04 | 000,002,408 | ---- | M] () -- C:\{91CC7DA9-1967-46BE-AE98-27D5CCAF8CCA}
[2013.04.21 11:52:54 | 000,001,001 | ---- | M] () -- C:\Users\doniaali\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2013.04.20 17:09:15 | 000,002,304 | ---- | M] () -- C:\{8037E2D3-8763-4391-8F4E-5A4B5674A00E}
[2013.04.11 17:12:11 | 000,401,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.04.07 10:54:58 | 001,156,400 | ---- | M] () -- C:\Windows\System32\dmwu.exe
[2013.04.07 10:52:34 | 000,027,136 | ---- | M] () -- C:\Windows\System32\ImHttpComm.dll
[2013.04.04 14:57:45 | 000,002,960 | ---- | M] () -- C:\{178BCE50-8EF4-4611-93D1-37D2578FBC49}
[2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.02 17:23:21 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.05.01 19:21:40 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.05.01 14:07:53 | 000,000,284 | ---- | C] () -- C:\Windows\tasks\MySearchDial.job
[2013.05.01 14:07:08 | 000,000,368 | ---- | C] () -- C:\Users\Public\Desktop\MySearchDial.url
[2013.05.01 13:38:11 | 000,001,112 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1284104535-1330685443-564435093-1006UA.job
[2013.05.01 13:38:09 | 000,001,060 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1284104535-1330685443-564435093-1006Core.job
[2013.05.01 13:13:58 | 000,002,343 | ---- | C] () -- C:\Users\doniaali\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.05.01 13:11:32 | 000,001,132 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1284104535-1330685443-564435093-1003UA.job
[2013.05.01 13:11:31 | 000,001,080 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1284104535-1330685443-564435093-1003Core.job
[2013.05.01 12:06:22 | 000,000,596 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013.04.28 17:38:02 | 000,002,408 | ---- | C] () -- C:\{91CC7DA9-1967-46BE-AE98-27D5CCAF8CCA}
[2013.04.21 11:52:54 | 000,001,007 | ---- | C] () -- C:\Users\doniaali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
[2013.04.21 11:52:53 | 000,001,001 | ---- | C] () -- C:\Users\doniaali\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2013.04.20 17:09:12 | 000,002,304 | ---- | C] () -- C:\{8037E2D3-8763-4391-8F4E-5A4B5674A00E}
[2013.04.13 12:44:51 | 000,001,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiddler2.lnk
[2013.04.04 14:57:45 | 000,002,960 | ---- | C] () -- C:\{178BCE50-8EF4-4611-93D1-37D2578FBC49}
[2013.03.23 15:19:19 | 000,007,600 | ---- | C] () -- C:\Users\doniaali\AppData\Local\Resmon.ResmonCfg
[2013.03.23 14:29:56 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012.10.01 21:12:18 | 000,000,370 | ---- | C] () -- C:\Windows\hpwmdl26.dat.temp
[2012.09.27 16:46:01 | 001,156,400 | ---- | C] () -- C:\Windows\System32\dmwu.exe
[2012.08.31 13:13:21 | 000,027,136 | ---- | C] () -- C:\Windows\System32\ImHttpComm.dll
[2012.08.13 14:24:51 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2012.07.26 16:41:26 | 000,000,600 | ---- | C] () -- C:\Users\doniaali\PUTTY.RND
[2012.01.10 21:08:56 | 000,698,008 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2012.01.10 21:08:56 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2012.01.10 21:08:56 | 000,148,632 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2012.01.10 21:08:56 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2012.01.10 20:35:34 | 000,238,935 | ---- | C] () -- C:\Windows\hpwins26.dat
[2012.01.10 20:15:47 | 000,735,702 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2012.01.10 20:15:47 | 000,341,322 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2012.01.10 20:15:47 | 000,152,474 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2012.01.10 20:15:47 | 000,043,068 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2012.01.10 19:35:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.01.10 19:35:05 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >