MyCity » Ambulanta -> Arhiva Ambulante » Da li opet imam keylogger?

Da li opet imam keylogger?

Napisano na dan: 2.2.2012

Da li opet imam keylogger?

Sledeća strana

Pagination

Odgovori

dragana81 Poslao: 02 Feb 2012 17:28 Idi na vrh
offline dragana81 Novi MyCity građanin Pridružio: 02 Apr 2011 Poruke: 14	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Vec sam jedom imala problema i resila ih uz vasu pomoc, medjutim mislim da mi se opet nesto cudno desava sa kompijuterom. Prosli put su mi kasnila slova a tastaturi, sad ne kasne,a li cudo mi se ponasa kompijuter u poslednje vreme, pa bih vas molila da pogledate. Hvala unapred mycity.rs/must-login.png Nadam se da sam doro uradila sve kako je trebalo i da mozete da mi pomognete. OTL logfile created on: 02.02.2012 17:21:49 - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\dragana\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 \| Country: Deutschland \| Language: DEU \| Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory \| 2,30 Gb Available Physical Memory \| 57,52% Memory free 7,99 Gb Paging File \| 5,77 Gb Available in Paging File \| 72,19% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 451,07 Gb Total Space \| 387,46 Gb Free Space \| 85,90% Space Free \| Partition Type: NTFS Drive F: \| 36,22 Mb Total Space \| 0,00 Mb Free Space \| 0,00% Space Free \| Partition Type: CDFS Computer Name: DRAGANA-PC \| User Name: dragana \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.02.02 17:21:43 \| 000,584,192 \| ---- \| M] (OldTimer Tools) -- C:\Users\dragana\Downloads\OTL(2).exe PRC - [2011.12.22 15:16:12 \| 000,912,856 \| ---- \| M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011.11.24 12:20:19 \| 000,514,048 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe PRC - [2011.11.24 12:20:19 \| 000,218,624 \| ---- \| M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe PRC - [2011.07.01 20:04:31 \| 000,269,480 \| ---- \| M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.06.01 21:44:15 \| 001,546,640 \| ---- \| M] (Bandoo Media, inc) -- C:\_OTL\MovedFiles\10282011_191103\C_Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe PRC - [2011.04.30 12:42:53 \| 000,136,360 \| ---- \| M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.04.23 21:17:26 \| 001,994,936 \| ---- \| M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe PRC - [2011.04.23 21:17:08 \| 002,412,728 \| ---- \| M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe PRC - [2011.01.25 14:14:08 \| 001,802,472 \| ---- \| M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe PRC - [2011.01.25 14:14:08 \| 001,534,184 \| ---- \| M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe PRC - [2011.01.17 16:37:42 \| 011,322,880 \| ---- \| M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2011.01.17 16:37:42 \| 011,314,688 \| ---- \| M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2011.01.13 20:37:02 \| 000,705,856 \| ---- \| M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe PRC - [2011.01.10 14:22:55 \| 000,281,768 \| ---- \| M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.11.16 14:37:30 \| 000,230,912 \| ---- \| M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010.09.14 04:45:56 \| 000,219,496 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2010.09.14 04:45:44 \| 000,508,264 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2010.02.09 19:34:00 \| 001,807,680 \| ---- \| M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe PRC - [2010.01.15 13:49:20 \| 000,255,536 \| ---- \| M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009.07.17 17:08:00 \| 000,237,568 \| ---- \| M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe PRC - [2009.05.21 14:59:08 \| 000,206,064 \| ---- \| M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe PRC - [2009.05.21 14:59:08 \| 000,206,064 \| ---- \| M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe ========== Modules (No Company Name) ========== MOD - [2012.01.04 11:05:57 \| 001,840,640 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\be4f1d78d06979df7fd08dedf0d8c804\System.Web.Services.ni.dll MOD - [2011.12.22 15:16:12 \| 000,849,368 \| ---- \| M] () -- C:\Program Files (x86)\Mozilla Firefox\js3250.dll MOD - [2011.12.17 16:10:02 \| 006,276,768 \| ---- \| M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2011.11.24 12:20:20 \| 009,515,520 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\QtGui4.dll MOD - [2011.11.24 12:20:20 \| 002,415,104 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\QtCore4.dll MOD - [2011.11.24 12:20:20 \| 001,148,416 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\QtNetwork4.dll MOD - [2011.11.24 12:20:20 \| 001,101,824 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\NDISAPI.dll MOD - [2011.11.24 12:20:20 \| 000,777,728 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\SMSUIPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,670,720 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\SmsAppPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,545,280 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\PluginContainer.dll MOD - [2011.11.24 12:20:20 \| 000,449,536 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoUIExPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,379,392 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\Proxy.dll MOD - [2011.11.24 12:20:20 \| 000,370,176 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qtiff4.dll MOD - [2011.11.24 12:20:20 \| 000,350,720 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qmng4.dll MOD - [2011.11.24 12:20:20 \| 000,331,776 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\NetConnectPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,314,368 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\StatusBarMgrPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,275,456 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoSrvPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,258,560 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\sdk.dll MOD - [2011.11.24 12:20:20 \| 000,229,376 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\ToolBarMgrPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,225,280 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\NetSrvPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,217,600 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\SmsSrvPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,192,000 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qjpeg4.dll MOD - [2011.11.24 12:20:20 \| 000,185,856 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\XFramePlugin.dll MOD - [2011.11.24 12:20:20 \| 000,179,712 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\NDISPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,159,232 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\XCodec.dll MOD - [2011.11.24 12:20:20 \| 000,158,720 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\NetConnectSrvPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,156,672 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\STKSrvPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,142,336 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\USSDSrvPlugin.dll MOD - [2011.11.24 12:20:20 \| 000,135,168 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\Trace.dll MOD - [2011.11.24 12:20:20 \| 000,133,120 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\OSDialup.dll MOD - [2011.11.24 12:20:20 \| 000,131,072 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\OSNDIS.dll MOD - [2011.11.24 12:20:20 \| 000,106,496 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\Win7Support.dll MOD - [2011.11.24 12:20:20 \| 000,101,376 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\OSAdapt.dll MOD - [2011.11.24 12:20:20 \| 000,093,184 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll MOD - [2011.11.24 12:20:20 \| 000,082,944 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qgif4.dll MOD - [2011.11.24 12:20:20 \| 000,081,920 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qico4.dll MOD - [2011.11.24 12:20:20 \| 000,065,536 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\OSPowerMgr.dll MOD - [2011.11.24 12:20:20 \| 000,062,976 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\OSCall.dll MOD - [2011.11.24 12:20:19 \| 001,077,248 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,739,840 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookUIPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,550,400 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\CallAppPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,547,840 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\CallLogSrvPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,514,048 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe MOD - [2011.11.24 12:20:19 \| 000,495,104 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,414,720 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\DialupUIPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,352,768 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\core.dll MOD - [2011.11.24 12:20:19 \| 000,337,408 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\DeviceAppPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,300,544 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\DeviceSrvPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,264,704 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookSrvPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,245,760 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\MenuMgrPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,239,104 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\LiveUpdateInterface.dll MOD - [2011.11.24 12:20:19 \| 000,238,592 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\AtCodec.dll MOD - [2011.11.24 12:20:19 \| 000,218,112 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\Common.dll MOD - [2011.11.24 12:20:19 \| 000,211,456 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,175,104 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\CallSrvPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,157,184 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\DataServicePlugin.dll MOD - [2011.11.24 12:20:19 \| 000,123,392 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\ATR2SMgr.dll MOD - [2011.11.24 12:20:19 \| 000,117,760 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\LayoutPlugin.dll MOD - [2011.11.24 12:20:19 \| 000,043,008 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\libgcc_s_dw2-1.dll MOD - [2011.11.24 12:20:19 \| 000,011,362 \| ---- \| M] () -- C:\Program Files (x86)\Mobile Partner\mingwm10.dll MOD - [2011.10.14 01:16:25 \| 001,051,136 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll MOD - [2011.10.14 00:45:42 \| 012,433,408 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll MOD - [2011.10.14 00:45:36 \| 001,587,200 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll MOD - [2011.10.14 00:45:20 \| 005,453,312 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll MOD - [2011.10.14 00:45:17 \| 000,971,264 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll MOD - [2011.10.14 00:45:16 \| 007,963,648 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll MOD - [2011.10.14 00:45:11 \| 011,490,304 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2011.04.23 21:18:10 \| 000,100,208 \| ---- \| M] () -- C:\Windows\SysWOW64\FAIEExtension.dll MOD - [2011.04.23 21:17:32 \| 000,062,136 \| ---- \| M] () -- C:\Windows\SysWOW64\FAib.dll MOD - [2011.04.23 21:16:44 \| 000,250,552 \| ---- \| M] () -- C:\Windows\SysWOW64\FACrashRpt.dll MOD - [2011.02.19 19:35:06 \| 000,985,088 \| ---- \| M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2011.01.25 14:14:08 \| 001,802,472 \| ---- \| M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe MOD - [2011.01.25 14:14:08 \| 001,534,184 \| ---- \| M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe MOD - [2011.01.25 14:10:24 \| 002,225,664 \| ---- \| M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll MOD - [2011.01.25 14:10:22 \| 016,124,416 \| ---- \| M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\libumajin.dll MOD - [2011.01.25 14:10:22 \| 007,938,048 \| ---- \| M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll MOD - [2010.11.13 01:08:41 \| 000,315,392 \| ---- \| M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.11.05 02:58:50 \| 000,212,992 \| ---- \| M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2010.02.09 19:34:00 \| 001,807,680 \| ---- \| M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe MOD - [2010.02.09 19:34:00 \| 000,365,888 \| ---- \| M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll MOD - [2010.02.09 19:34:00 \| 000,275,776 \| ---- \| M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll MOD - [2010.02.09 19:34:00 \| 000,152,896 \| ---- \| M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll MOD - [2010.02.09 19:34:00 \| 000,095,552 \| ---- \| M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll MOD - [2010.02.09 19:34:00 \| 000,062,784 \| ---- \| M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbShared.resources.dll MOD - [2010.02.09 19:34:00 \| 000,058,688 \| ---- \| M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll MOD - [2010.02.09 19:34:00 \| 000,046,400 \| ---- \| M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll MOD - [2010.02.09 19:34:00 \| 000,017,728 \| ---- \| M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.09.22 18:10:10 \| 000,057,184 \| ---- \| M] (Microsoft Corporation) [Disabled \| Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010.07.06 03:22:30 \| 000,007,168 \| ---- \| M] (Microsoft) [Auto \| Running] -- C:\Program Files\Dell\OSD\DellOSDservice.exe -- (DellOSDservice) SRV:64bit: - [2010.06.20 12:35:44 \| 000,203,264 \| ---- \| M] (AMD) [Auto \| Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010.02.02 20:13:10 \| 000,048,128 \| ---- \| M] (Dell Inc.) [Auto \| Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc) SRV - [2011.11.24 12:20:19 \| 000,218,624 \| ---- \| M] () [Auto \| Stopped] -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc) SRV - [2011.07.01 20:04:31 \| 000,269,480 \| ---- \| M] (Avira GmbH) [Auto \| Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.04.30 12:42:53 \| 000,136,360 \| ---- \| M] (Avira GmbH) [Auto \| Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.04.23 21:17:08 \| 002,412,728 \| ---- \| M] (Sensible Vision ) [Auto \| Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService) SRV - [2011.02.28 18:44:14 \| 000,183,560 \| ---- \| M] (Microsoft Corporation.) [On_Demand \| Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.01.13 20:37:02 \| 000,705,856 \| ---- \| M] (SoftThinks SAS) [Auto \| Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService) SRV - [2010.09.14 04:45:56 \| 000,219,496 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2010.09.14 04:45:44 \| 000,508,264 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.08.24 20:27:20 \| 000,867,080 \| ---- \| M] (Acresso Software Inc.) [On_Demand \| Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.03.18 13:16:28 \| 000,130,384 \| ---- \| M] (Microsoft Corporation) [Auto \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.15 13:49:20 \| 000,227,232 \| ---- \| M] (McAfee, Inc.) [On_Demand \| Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009.09.18 10:54:20 \| 000,169,312 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0) SRV - [2009.06.10 22:23:09 \| 000,066,384 \| ---- \| M] (Microsoft Corporation) [Disabled \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.05.21 14:59:08 \| 000,206,064 \| ---- \| M] (SupportSoft, Inc.) [Auto \| Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) SRV - [2007.05.31 16:11:54 \| 000,443,784 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 16:11:46 \| 000,225,672 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.11.24 12:20:20 \| 000,256,000 \| ---- \| M] (Huawei Technologies Co., Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:64bit: - [2011.11.24 12:20:20 \| 000,121,600 \| ---- \| M] (Huawei Technologies Co., Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2011.11.24 12:20:20 \| 000,117,248 \| ---- \| M] (Huawei Technologies Co., Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:64bit: - [2011.11.24 12:20:20 \| 000,085,504 \| ---- \| M] (Huawei Technologies Co., Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:64bit: - [2011.07.01 20:04:32 \| 000,123,784 \| ---- \| M] (Avira GmbH) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.07.01 20:04:32 \| 000,088,288 \| ---- \| M] (Avira GmbH) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010.11.20 14:33:35 \| 000,078,720 \| ---- \| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 12:07:05 \| 000,059,392 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.09.23 00:36:48 \| 000,048,488 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.09.14 04:45:52 \| 000,022,376 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2010.09.14 04:45:50 \| 000,025,960 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2010.09.14 04:45:48 \| 000,268,648 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2010.09.14 04:45:44 \| 000,760,168 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2010.07.15 00:17:58 \| 000,033,792 \| ---- \| M] (Nuvoton Technology Corp.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\nuviocir_win7_x64.sys -- (nuviocir) DRV:64bit: - [2010.06.23 23:10:56 \| 000,344,680 \| ---- \| M] (Realtek ) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.06.20 16:20:54 \| 006,858,240 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.06.20 12:02:04 \| 000,264,192 \| ---- \| M] (Advanced Micro Devices, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.04.07 14:57:08 \| 000,073,784 \| ---- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2010.04.07 14:57:08 \| 000,028,728 \| ---- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.03.24 07:13:00 \| 000,371,072 \| ---- \| M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\AVerPola.sys -- (AVerPola) DRV:64bit: - [2010.03.10 08:33:52 \| 000,016,440 \| ---- \| M] (Advanced Micro Devices Inc.) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2010.02.02 20:13:08 \| 000,022,520 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY) DRV:64bit: - [2010.02.02 20:13:08 \| 000,020,984 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL) DRV:64bit: - [2010.02.02 20:13:06 \| 003,058,168 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009.07.14 02:52:20 \| 000,194,128 \| ---- \| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 \| 000,065,600 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 \| 000,024,656 \| ---- \| M] (Promise Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:09:50 \| 000,019,968 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2009.07.09 09:00:00 \| 000,055,280 \| ---- \| M] (Sonic Solutions) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009.06.10 21:34:33 \| 003,286,016 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 \| 000,468,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 \| 000,270,848 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 \| 000,031,232 \| ---- \| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.09.25 01:36:14 \| 000,238,848 \| ---- \| M] (Sensible Vision ) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP) DRV:64bit: - [2007.05.14 16:06:18 \| 000,027,520 \| ---- \| M] (Research In Motion Limited) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV:64bit: - [2006.11.01 18:51:00 \| 000,151,656 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2009.07.14 02:19:10 \| 000,019,008 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = g.uk.msn.com/USCON/8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = search.conduit.com?SearchSource=10&ctid=CT2325506 IE - HKCU\..\URLSearchHook: {26647ca4-a2a7-4eac-8a72-761aa9141de7} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.08.24 20:02:02 \| 000,000,000 \| ---D \| M] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.08.24 20:02:02 \| 000,000,000 \| ---D \| M] FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\dragana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011.06.26 07:49:25 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.22 15:16:12 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.22 15:16:12 \| 000,000,000 \| ---D \| M] [2011.10.28 13:50:24 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\dragana\AppData\Roaming\Mozilla\Extensions [2011.02.03 22:32:00 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\dragana\AppData\Roaming\Mozilla\Extensions\{SbX-136198-9783706830751-stu10} [2012.02.02 17:17:02 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\extensions [2011.09.24 20:55:47 \| 000,000,000 \| ---D \| M] (www.Freeware-download.com Community Toolbar) -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\extensions\{26647ca4-a2a7-4eac-8a72-761aa9141de7} [2011.03.03 13:00:12 \| 000,000,000 \| ---D \| M] (Yahoo! Toolbar) -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2011.09.24 20:55:46 \| 000,000,000 \| ---D \| M] (Conduit Engine) -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\extensions\engine@conduit.com [2011.10.28 13:50:24 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011.03.03 12:59:36 \| 000,000,000 \| ---D \| M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.02.02 21:40:24 \| 000,472,808 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.11.10 18:34:59 \| 000,001,392 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.11.10 18:34:59 \| 000,002,344 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.11.10 18:34:59 \| 000,006,805 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.28 14:54:36 \| 000,002,501 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml [2011.11.10 18:34:59 \| 000,001,178 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.11.10 18:34:59 \| 000,001,105 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 \| 000,000,824 \| ---- \| M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll File not found O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision ) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll File not found O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll File not found O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" File not found O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision ) O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll File not found O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" File not found O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll File not found O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.) O4:64bit: - HKLM..\Run: [CisPostUninstall] C:\Users\dragana\AppData\Local\Temp\cis5CD0.exe (COMODO) O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe () O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [FAStartup] File not found O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision ) O4 - HKLM..\Run: [ShwiconXP6366] c:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe (Alcor Micro Corp.) O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S116F.tmp" /EF "HKCU" File not found O4 - HKCU..\Run: [Facebook Update] C:\Users\dragana\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell) O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks) O4 - Startup: C:\Users\dragana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31EC44A4-6EBA-4B46-BAD2-DA865AD19ACA}: NameServer = 194.24.128.100 81.3.216.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{589A08A9-74F4-4F46-BD6D-FC5F643462A4}: NameServer = 194.24.128.100 81.3.216.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93C96FE5-0937-4050-902B-11536F72D2B8}: DhcpNameServer = 10.0.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93C96FE5-0937-4050-902B-11536F72D2B8}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8A27CD0-BF31-4883-B977-14F69BD5F255}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B50416DB-FA6C-4E43-8E5A-E21278E80077}: NameServer = 194.24.128.100 81.3.216.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7AF8766-634F-4AB2-B8E5-3FEAC20B69C9}: NameServer = 194.24.128.100 81.3.216.100 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.11.18 06:37:37 \| 000,142,336 \| R--- \| M] () - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2010.12.22 07:44:40 \| 000,000,047 \| R--- \| M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{5aa83b8b-168d-11e1-8471-5cac4c27d523}\Shell - "" = AutoRun O33 - MountPoints2\{5aa83b8b-168d-11e1-8471-5cac4c27d523}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 \| 000,142,336 \| R--- \| M] () O33 - MountPoints2\{6da632ee-1795-11e1-a997-5cac4c27d523}\Shell - "" = AutoRun O33 - MountPoints2\{6da632ee-1795-11e1-a997-5cac4c27d523}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 \| 000,142,336 \| R--- \| M] () O33 - MountPoints2\{7dd4214f-50e2-11e0-a1a2-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{7dd4214f-50e2-11e0-a1a2-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 \| 000,142,336 \| R--- \| M] () O33 - MountPoints2\{a55f7d07-4db6-11e0-86ff-00a0c6000000}\Shell - "" = AutoRun O33 - MountPoints2\{a55f7d07-4db6-11e0-86ff-00a0c6000000}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{d25a6277-4dab-11e0-8ce3-001e101f8924}\Shell - "" = AutoRun O33 - MountPoints2\{d25a6277-4dab-11e0-8ce3-001e101f8924}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 \| 000,142,336 \| R--- \| M] () O33 - MountPoints2\{d25a62a0-4dab-11e0-8ce3-001e101f8924}\Shell - "" = AutoRun O33 - MountPoints2\{d25a62a0-4dab-11e0-8ce3-001e101f8924}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{d25a62ab-4dab-11e0-8ce3-001e101f8924}\Shell - "" = AutoRun O33 - MountPoints2\{d25a62ab-4dab-11e0-8ce3-001e101f8924}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{e31ee032-167d-11e1-a80b-00a0c6000000}\Shell - "" = AutoRun O33 - MountPoints2\{e31ee032-167d-11e1-a80b-00a0c6000000}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 \| 000,142,336 \| R--- \| M] () O33 - MountPoints2\{fa1af997-2ed8-11e0-be3d-5cac4c27d523}\Shell - "" = AutoRun O33 - MountPoints2\{fa1af997-2ed8-11e0-be3d-5cac4c27d523}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{fa1af9ab-2ed8-11e0-be3d-5cac4c27d523}\Shell - "" = AutoRun O33 - MountPoints2\{fa1af9ab-2ed8-11e0-be3d-5cac4c27d523}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 \| 000,142,336 \| R--- \| M] () O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit: - HKLM\..comfile [open] -- "%1" % O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.02 16:53:56 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{7BE13DBD-3EDF-49E6-A2B8-CFC882EB70FC} [2012.02.02 16:53:51 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{7677272B-D2E0-4974-A777-187B00948092} [2012.01.31 15:09:00 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{71905FC8-7284-416E-B5AC-42091DBAC4F0} [2012.01.31 15:07:56 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{EEC36A69-CDC7-41EC-A998-9B10B959FE2F} [2012.01.29 23:33:07 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{C28C9480-F90C-423C-AE1B-FC2BDAAD303F} [2012.01.29 23:32:34 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{81B2D211-CF8C-4873-88C7-16BDEDFFA705} [2012.01.27 12:03:12 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{1C6DFC18-9A47-492D-A4FD-28F11163F44F} [2012.01.27 07:32:25 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{B4828FA3-2212-418D-A583-2B574B7EB3B7} [2012.01.27 07:31:53 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{A8E10215-41D5-4EEF-93F2-10FFF85A37CA} [2012.01.27 00:46:28 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{61817FE6-004C-4F91-9571-AE06D8CF8660} [2012.01.26 12:46:27 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{33D3D7A6-B7AE-4E35-951B-03FA88458E15} [2012.01.26 00:40:03 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{F6E87F5C-E73D-4B1F-A0CE-F9674E9803F1} [2012.01.25 12:44:38 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{D25BA0DD-89DA-4CA0-8102-F9DE9048B5D8} [2012.01.25 12:44:05 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{F79B74E4-6840-454E-AC9E-96DF251D4AF8} [2012.01.25 08:26:51 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{A3284C1D-86D3-4702-A820-547F02B0CAAF} [2012.01.25 07:29:01 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{908D3A87-5B30-46E6-AC23-665A45107F47} [2012.01.25 07:26:59 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{52BD1346-CCB8-486C-B2F8-A2B4383232EE} [2012.01.24 11:16:32 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{A676778F-3BB0-4F22-80E4-371C893B7B8D} [2012.01.24 11:15:57 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{EDB4E22A-BD48-41EB-BA52-838BA26D3F09} [2012.01.22 12:41:10 \| 001,071,088 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX [2012.01.22 12:41:10 \| 000,372,736 \| ---- \| C] (Intel Corporation) -- C:\Windows\SysWow64\IJL_11.DLL [2012.01.22 12:41:10 \| 000,212,240 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX [2012.01.22 12:41:10 \| 000,124,688 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSWINSCK.OCX [2012.01.22 12:41:10 \| 000,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL [2012.01.21 22:35:10 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{3F2D9122-F6DB-453A-95B5-CE9508CD20B9} [2012.01.21 22:33:37 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{A07A3AF4-937F-4F76-B0DA-E7E0A94CBB10} [2012.01.20 18:27:50 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{DEB77445-F175-4AC1-AD20-75DB5603CE95} [2012.01.20 18:18:35 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{59A08577-062A-403E-83B7-820B246B93FE} [2012.01.18 14:44:58 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{F2798F0E-95DF-492B-8545-AB47C79DCFAD} [2012.01.18 14:42:45 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{8B26D2C2-3272-4221-93A8-94E515D1D32E} [2012.01.17 07:15:25 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{35F05F2A-15D4-4938-896A-C8491B983379} [2012.01.17 07:13:21 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{2938C808-E462-4F9F-9BC3-52A851A5C2AD} [2012.01.16 14:59:33 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{17AC68A1-4979-4AAE-ABD6-518DD28694C3} [2012.01.16 07:11:35 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{143D1EE7-B1A1-4AC7-99A2-67B1D686D113} [2012.01.16 07:11:02 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{4EDC429C-DF6F-4C61-97B5-02071E156784} [2012.01.15 14:03:05 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\ElevatedDiagnostics [2012.01.15 13:58:19 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraStar [2012.01.15 13:58:19 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraStar [2012.01.15 13:58:15 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\UltraStar [2012.01.15 13:32:36 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player [2012.01.15 13:32:34 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Recisio [2012.01.15 13:32:34 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\KaraFun Player [2012.01.14 12:03:17 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{2EF51517-C315-4440-8A2D-01770B28402A} [2012.01.13 07:15:30 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{317F6534-275D-4517-A5C5-7B5980B05BAB} [2012.01.13 07:14:28 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{8BD3A8AB-6B0C-4CCA-82DC-235AFC38249E} [2012.01.12 08:26:51 \| 001,447,936 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.01.12 08:26:50 \| 000,314,880 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.01.12 08:26:49 \| 000,395,776 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.01.12 08:26:49 \| 000,136,192 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.01.12 08:26:49 \| 000,029,184 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.01.12 08:26:49 \| 000,028,160 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.01.12 08:26:37 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{B1571DE0-3052-4075-98E0-471C7FCF8C95} [2012.01.12 08:24:33 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{8A770AA7-B97F-495B-A681-55E6E331AD3C} [2012.01.11 10:47:17 \| 001,572,864 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012.01.11 10:47:16 \| 001,328,128 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012.01.11 10:47:16 \| 000,514,560 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.01.11 10:47:16 \| 000,366,592 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.01.11 10:47:15 \| 000,918,528 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.01.11 10:47:14 \| 000,716,800 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.01.11 10:47:13 \| 001,731,920 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012.01.11 10:47:13 \| 000,077,312 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012.01.11 10:47:13 \| 000,067,072 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012.01.05 12:37:49 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{29C21AD7-CB27-4289-98ED-2515A54CCA3B} [2012.01.05 12:37:12 \| 000,000,000 \| ---D \| C] -- C:\Users\dragana\AppData\Local\{028A20EB-080F-4E40-9128-272CA9EF3500} ========== Files - Modified Within 30 Days ========== [2012.02.02 17:25:48 \| 000,014,240 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.02 17:25:48 \| 000,014,240 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.02 16:54:02 \| 000,000,936 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4266239424-3780804206-1686896964-1000UA.job [2012.02.02 16:52:33 \| 000,065,536 \| ---- \| M] () -- C:\Windows\SysNative\Ikeext.etl [2012.02.02 16:52:29 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2012.02.02 16:52:23 \| 3218,042,880 \| -HS- \| M] () -- C:\hiberfil.sys [2012.02.02 16:20:01 \| 000,000,940 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4266239424-3780804206-1686896964-1001UA.job [2012.02.01 22:20:00 \| 000,000,918 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4266239424-3780804206-1686896964-1001Core.job [2012.02.01 19:54:00 \| 000,000,914 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4266239424-3780804206-1686896964-1000Core.job [2012.01.18 20:54:55 \| 001,500,254 \| ---- \| M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.18 20:54:55 \| 000,654,594 \| ---- \| M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.18 20:54:55 \| 000,616,476 \| ---- \| M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.18 20:54:55 \| 000,130,208 \| ---- \| M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.18 20:54:55 \| 000,106,598 \| ---- \| M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.15 13:58:19 \| 000,000,985 \| ---- \| M] () -- C:\Users\dragana\Desktop\UltraStar.lnk [2012.01.15 13:32:36 \| 000,000,964 \| ---- \| M] () -- C:\Users\dragana\Desktop\KaraFun Player.lnk ========== Files Created - No Company Name ========== [2012.01.15 13:58:19 \| 000,000,985 \| ---- \| C] () -- C:\Users\dragana\Desktop\UltraStar.lnk [2012.01.15 13:32:36 \| 000,000,964 \| ---- \| C] () -- C:\Users\dragana\Desktop\KaraFun Player.lnk [2011.04.23 21:18:10 \| 000,100,208 \| ---- \| C] () -- C:\Windows\SysWow64\FAIEExtension.dll [2011.04.23 21:17:32 \| 000,062,136 \| ---- \| C] () -- C:\Windows\SysWow64\FAib.dll [2011.04.23 21:16:44 \| 000,250,552 \| ---- \| C] () -- C:\Windows\SysWow64\FACrashRpt.dll [2011.02.08 13:37:32 \| 000,111,932 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2011.02.08 13:37:32 \| 000,031,053 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2011.02.08 13:37:32 \| 000,027,417 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2011.02.08 13:37:32 \| 000,026,154 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2011.02.08 13:37:32 \| 000,024,903 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2011.02.08 13:37:32 \| 000,021,390 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2011.02.08 13:37:32 \| 000,020,148 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2011.02.08 13:37:32 \| 000,011,811 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2011.02.08 13:37:32 \| 000,004,943 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2011.02.08 13:37:32 \| 000,001,146 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2011.02.08 13:37:32 \| 000,001,139 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2011.02.08 13:37:32 \| 000,001,139 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2011.02.08 13:37:32 \| 000,001,136 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2011.02.08 13:37:32 \| 000,001,129 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2011.02.08 13:37:32 \| 000,001,129 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2011.02.08 13:37:32 \| 000,001,120 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2011.02.08 13:37:32 \| 000,001,107 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2011.02.08 13:37:32 \| 000,001,104 \| ---- \| C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2011.02.08 13:37:32 \| 000,000,097 \| ---- \| C] () -- C:\Windows\SysWow64\PICSDK.ini [2011.02.05 02:17:13 \| 001,526,060 \| ---- \| C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.02.05 00:16:55 \| 000,000,056 \| -H-- \| C] () -- C:\ProgramData\ezsidmv.dat [2011.01.15 01:18:57 \| 000,147,456 \| ---- \| C] () -- C:\Windows\SysWow64\msagcno-d.dll [2010.10.02 12:42:36 \| 000,147,456 \| ---- \| C] () -- C:\Windows\SysWow64\msauncerp.dll [2010.08.24 12:55:42 \| 000,000,000 \| ---- \| C] () -- C:\Windows\ativpsrm.bin [2010.08.11 20:25:45 \| 000,002,189 \| ---- \| C] () -- C:\Windows\SysWow64\atipblag.dat [2010.05.09 14:54:41 \| 000,009,855 \| ---- \| C] () -- C:\Windows\SysWow64\mswgnno-e.dll [2009.07.14 06:38:36 \| 000,067,584 \| --S- \| C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 \| 000,000,741 \| ---- \| C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 \| 000,215,943 \| ---- \| C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 \| 000,043,131 \| ---- \| C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 \| 000,064,000 \| ---- \| C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 \| 000,364,544 \| ---- \| C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 \| 000,673,088 \| ---- \| C] () -- C:\Windows\SysWow64\mlang.dat ========== Alternate Data Streams ========== @Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:8927A071 < End of report >

Profil

ivance95 Poslao: 02 Feb 2012 22:05 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Napisala si da ti se kompjuter čudno ponaša, na šta konkretno misliš, kakav problem imaš?

Profil

dragana81 Poslao: 03 Feb 2012 09:17 Idi na vrh
offline dragana81 Novi MyCity građanin Pridružio: 02 Apr 2011 Poruke: 14	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pa na primer kad kucam a tastaturi ovaj kursor od misa (ili kako se to vec zove) mi igra po ekranu, kad sam bila na Skajpu kad kucam ponekad mi se pored kursora pojavi "dragana" u kockici ili npr. kad nista ne radim kursor mi se okrece, kao kad cekam da mi stranica nesto otvori ili umemorise i tad se cuje neki zvuk ( to pre ikad nije bilo). Eto nadam se da sam koliko toliko uspela da objasim u cemu je problem

Profil

1l padr1n0 Poslao: 04 Feb 2012 17:12 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav. Izvinjavam se sto kasnimo sa odgovorom - kolega ima nekih obaveza; pa cu ti ja odgovoriti. Ponovo pokreni program OTL dvoklikom na ikonicu; U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst: :OTL O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll File not found O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll File not found O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll File not found O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll File not found O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - File not found :Commands [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA] [REBOOT] Klikni taster Run Fix; Log koji dobiješ iskopiraj ovde u poruci. Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka: http://www.besttechie.net/tools/mbam-setup.exe Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije: Update Malwarebytes' Anti-Malware; Launch Malwarebytes Anti-Malware; a zatim klikni Finish. Nakon završenog ažuriranja program će se pokrenuti. Izaberi opciju Perform Quick Scan i klikni Scan. Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected. Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu. Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti. Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open). goran9888 (AMF Tim)

Profil

dragana81 Poslao: 05 Feb 2012 12:12 Idi na vrh
offline dragana81 Novi MyCity građanin Pridružio: 02 Apr 2011 Poruke: 14	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: evo OTL log mycity.rs/must-login.png i log od malware-a mycity.rs/must-login.png

Profil

1l padr1n0 Poslao: 05 Feb 2012 15:07 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Tvoj sistem je cist sto se malware-a tice. Ukoliko i dalje imas problema sa sistemom, otvori temu u odgovarajucem potforumu. Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sve aplikacije koje ne koristis. Takodje deinstaliraj i sve toolbar-ove ako ih imas u listi instaliranih aplikacija. Potrebno je da ponovo pokrenes program OTL i u njegovom prozoru izaberes opciju CleanUp. ----------------------------------------- - Preporucujem da za zastitu USB memorijskih uredjaja koristis MCShield. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad a pokazao se kao jedan od najboljih vida zastite od malware-a koji se prenosi putem USB mem. uredjaja. Skines, instaliras, ubodes USB mem. uredjaj, izvrsi se skeniranje nakon cega dobijes obavestenje da je uredjaj cist (ukoliko je stvarno tako); ili dobijes log u kome vidis informacije o malware-u koji je nadjen i obrisan. Home Page MCShield-a: http://amf.mycity.rs/programs/mc/mcshield/ Vise o MCShield-u mozes saznati u ovoj temi: http://www.mycity.rs/Antispyware-programi/MCShield.html - Poseti temu "Testirajte da li vam je pretrazivac ranjiv", procitaj i isprati link koji stoji u njoj. Link do teme je: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html - Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop. Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje. Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu. Napomena: Kada zavrsis sa ciscenjem temp fajlova,program mozes obrisati ili ga sacuvati za kasniju upotrebu.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Da li opet imam keylogger?

Ko je trenutno na forumu

Ukupno su 1018 korisnika na forumu :: 34 registrovanih, 5 sakrivenih i 979 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: amaterSRB, Apok, babaroga2, Ben Roj, Bobrock1, bokisha253, Boris90, Bubimir, darcaud, Denaya, havoc995, ivan979, JohnnyBoii, Koridor, Kruger, kybonacci, loon123, milenko crazy north, moldway, nedeljkovici, operniki, opt1, Parker, Prašinar, prle122, raptorsi, sasakrajina, Srle993, stankolich, Stanlio, vathra, VladaKG1980, yrraf, zastavnik

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by