MyCity » Ambulanta -> Arhiva Ambulante » Detektovan malver prilikom pretrage

Detektovan malver prilikom pretrage

Napisano na dan: 1.8.2012

Strana:
1
2

Detektovan malver prilikom pretrage

Sledeća strana

Pagination

Odgovori

Strana:
1
2

vladan314 Poslao: 01 Avg 2012 21:55 Idi na vrh
offline vladan314 Građanin Pridružio: 08 Sep 2011 Poruke: 70	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 01 Avg 2012 21:30 Zdravo, već ste mi čistili malver sličan ovom ako ne i isti koji sam dobio danas! Usporava mi komp i uvek daje istu poruku prilikom startovanja računara, poruka je ova: Ono što sam ja uradio da popravim problem: -koristio sam Sypbot search&destroy, dubinsko skeniranje Pandom i RegcleanPro i nije pomogo problem je ostao isti. Sećam se da posle vaše intervencije prošli put a to je da sam neku komandu upisao u OLT restartovao komp i te poruke više nije bilo, toliko ja znam o tome, hvala vam u napred, nadam se da ćemo rešiti problem! Koristim SBB internet kablovsku konekciju 6 mb upload. Zarazaio sam se na nacin kad sam iskljucio antivirus da bih pokrenuo program! šta ću tako je moralo... kopija OLT: OTL logfile created on: 01/08/2012 20:56:58 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Vladan\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 \| Country: United Kingdom \| Language: ENG \| Date Format: dd/MM/yyyy 7.98 Gb Total Physical Memory \| 5.95 Gb Available Physical Memory \| 74.56% Memory free 15.97 Gb Paging File \| 13.48 Gb Available in Paging File \| 84.40% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 175.68 Gb Total Space \| 126.64 Gb Free Space \| 72.08% Space Free \| Partition Type: NTFS Drive D: \| 289.98 Gb Total Space \| 289.24 Gb Free Space \| 99.75% Space Free \| Partition Type: NTFS Drive E: \| 3.08 Gb Total Space \| 0.00 Gb Free Space \| 0.00% Space Free \| Partition Type: CDFS Computer Name: VLADAN-PC \| User Name: Vladan \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/08/01 20:55:13 \| 000,597,504 \| ---- \| M] (OldTimer Tools) -- C:\Users\Vladan\Downloads\OTL.com PRC - [2012/08/01 01:24:14 \| 000,142,336 \| ---- \| M] () -- C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe PRC - [2012/07/13 07:15:56 \| 000,037,152 \| ---- \| M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe PRC - [2012/07/13 07:15:56 \| 000,036,640 \| ---- \| M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe PRC - [2012/07/13 06:57:41 \| 000,140,064 \| ---- \| M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe PRC - [2012/06/22 21:09:56 \| 000,603,648 \| ---- \| M] (MyCity) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe PRC - [2012/06/06 09:14:32 \| 000,185,856 \| ---- \| M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe PRC - [2012/03/19 13:38:47 \| 002,666,880 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012/03/15 22:56:50 \| 000,217,256 \| ---- \| M] (Panda Security) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe PRC - [2012/01/03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/12/09 19:22:26 \| 000,074,752 \| ---- \| M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2011/09/10 11:43:18 \| 000,018,432 \| ---- \| M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe PRC - [2011/09/10 11:43:18 \| 000,018,432 \| ---- \| M] (Apache Software Foundation) -- c:\xampp\apache\bin\httpd.exe PRC - [2011/09/09 19:46:10 \| 008,158,720 \| ---- \| M] () -- c:\xampp\mysql\bin\mysqld.exe PRC - [2010/10/05 22:04:12 \| 002,655,768 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/10/05 22:04:08 \| 000,325,656 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010/05/05 20:56:42 \| 000,025,600 \| ---- \| M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe PRC - [2010/05/05 20:51:56 \| 001,212,928 \| ---- \| M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe PRC - [2009/03/05 17:07:20 \| 002,260,480 \| RHS- \| M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009/02/23 12:43:54 \| 000,307,200 \| ---- \| M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe PRC - [2009/01/26 16:31:10 \| 001,153,368 \| ---- \| M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2007/12/10 16:55:26 \| 000,323,584 \| ---- \| M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac7302\Monitor.exe ========== Modules (No Company Name) ========== MOD - [2012/08/01 01:24:14 \| 000,142,336 \| ---- \| M] () -- C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe MOD - [2012/07/31 07:36:14 \| 000,442,392 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll MOD - [2012/07/31 07:36:13 \| 012,235,288 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll MOD - [2012/07/31 07:36:12 \| 003,997,720 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll MOD - [2012/07/31 07:34:57 \| 000,526,872 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\libglesv2.dll MOD - [2012/07/31 07:34:55 \| 000,104,984 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\libegl.dll MOD - [2012/07/31 07:34:45 \| 000,144,424 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\avutil-51.dll MOD - [2012/07/31 07:34:43 \| 000,266,792 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\avformat-54.dll MOD - [2012/07/31 07:34:42 \| 002,480,680 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll MOD - [2012/02/19 10:57:30 \| 004,770,176 \| ---- \| M] () -- c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll MOD - [2012/01/08 15:41:12 \| 000,093,696 \| ---- \| M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll MOD - [2010/05/05 20:56:46 \| 000,002,560 \| ---- \| M] () -- C:\Windows\SysWOW64\CTXFIRES.DLL MOD - [2009/03/26 15:46:42 \| 000,148,480 \| ---- \| M] () -- C:\Windows\SysWOW64\APOMngr.DLL ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/06/11 19:19:14 \| 000,239,616 \| ---- \| M] (AMD) [Auto \| Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2012/06/06 09:14:32 \| 000,185,856 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV:64bit: - [2010/04/06 17:30:38 \| 000,031,272 \| ---- \| M] () [On_Demand \| Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv) SRV:64bit: - [2009/07/14 03:41:27 \| 001,011,712 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 03:40:01 \| 000,193,536 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012/07/13 13:28:36 \| 000,160,944 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/07/13 07:15:56 \| 000,036,640 \| ---- \| M] (Panda Security, S.L.) [Auto \| Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService) SRV - [2012/07/13 06:57:41 \| 000,140,064 \| ---- \| M] (Panda Security, S.L.) [Auto \| Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain) SRV - [2012/03/19 13:38:47 \| 002,666,880 \| ---- \| M] (TeamViewer GmbH) [Auto \| Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012/01/10 13:47:10 \| 000,079,360 \| ---- \| M] (Creative Labs) [On_Demand \| Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service) SRV - [2012/01/10 13:27:03 \| 000,079,360 \| ---- \| M] (Creative Labs) [On_Demand \| Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2012/01/03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) [Auto \| Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/09/10 11:43:18 \| 000,018,432 \| ---- \| M] (Apache Software Foundation) [Auto \| Running] -- c:\xampp\apache\bin\httpd.exe -- (Apache2.2) SRV - [2011/09/09 19:46:10 \| 008,158,720 \| ---- \| M] () [Auto \| Running] -- c:\xampp\mysql\bin\mysqld.exe -- (mysql) SRV - [2010/10/05 22:04:12 \| 002,655,768 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/10/05 22:04:08 \| 000,325,656 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/03/18 14:16:28 \| 000,130,384 \| ---- \| M] (Microsoft Corporation) [Auto \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 13:37:14 \| 000,517,096 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/06/10 23:23:09 \| 000,066,384 \| ---- \| M] (Microsoft Corporation) [Disabled \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/02/23 12:43:54 \| 000,307,200 \| ---- \| M] (Creative Technology Ltd) [Auto \| Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/07/13 07:02:53 \| 000,130,088 \| ---- \| M] (Panda Security, S.L.) [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt) DRV:64bit: - [2012/07/13 07:02:10 \| 000,205,352 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC) DRV:64bit: - [2012/07/13 07:02:10 \| 000,123,944 \| ---- \| M] (Panda Security, S.L.) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc) DRV:64bit: - [2012/07/13 07:02:09 \| 000,167,464 \| ---- \| M] (Panda Security, S.L.) [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt) DRV:64bit: - [2012/07/13 07:02:09 \| 000,119,336 \| ---- \| M] (Panda Security, S.L.) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile) DRV:64bit: - [2012/07/12 11:18:56 \| 000,219,688 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSStrm.sys -- (NNSSTRM) DRV:64bit: - [2012/06/27 15:51:24 \| 000,105,000 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNStlsc.sys -- (NNSTLSC) DRV:64bit: - [2012/06/27 15:51:23 \| 000,112,680 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSSmtp.sys -- (NNSSMTP) DRV:64bit: - [2012/06/27 15:51:23 \| 000,109,096 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSPrv.sys -- (NNSPRV) DRV:64bit: - [2012/06/27 15:51:22 \| 000,304,680 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSProt.sys -- (NNSPROT) DRV:64bit: - [2012/06/27 15:51:22 \| 000,116,776 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSPop3.sys -- (NNSPOP3) DRV:64bit: - [2012/06/27 15:51:22 \| 000,068,648 \| ---- \| M] (Panda Security, S.L.) [Kernel \| Disabled \| Stopped] -- C:\Windows\SysNative\drivers\NNSPihsw.sys -- (NNSPIHSW) DRV:64bit: - [2012/06/27 15:51:21 \| 000,093,224 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSpicc.sys -- (NNSPICC) DRV:64bit: - [2012/06/27 15:51:21 \| 000,033,320 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Stopped] -- C:\Windows\SysNative\drivers\NNSNAHSL.sys -- (NNSNAHSL) DRV:64bit: - [2012/06/27 15:51:20 \| 000,113,192 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSIds.sys -- (NNSIDS) DRV:64bit: - [2012/06/27 15:51:19 \| 000,116,776 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSHttp.sys -- (NNSHTTP) DRV:64bit: - [2012/06/27 15:51:19 \| 000,089,128 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSAlpc.sys -- (NNSALPC) DRV:64bit: - [2012/06/11 20:59:38 \| 010,248,192 \| ---- \| M] (Advanced Micro Devices, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012/06/11 18:26:14 \| 000,367,616 \| ---- \| M] (Advanced Micro Devices, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012/03/01 08:46:16 \| 000,023,408 \| ---- \| M] (Microsoft Corporation) [Recognizer \| Boot \| Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/23 14:32:04 \| 000,095,760 \| ---- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011/08/17 11:04:34 \| 000,171,008 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:64bit: - [2011/08/17 11:04:28 \| 000,012,800 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:64bit: - [2011/08/17 10:58:26 \| 000,009,216 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2011/08/17 10:58:22 \| 000,009,216 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2011/08/17 10:58:20 \| 000,027,136 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011/08/17 10:58:16 \| 000,019,968 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2011/03/11 08:41:12 \| 000,107,904 \| ---- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 \| 000,027,008 \| ---- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/03/10 18:05:04 \| 000,057,928 \| ---- \| M] (Panda Security) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\PSKMAD.sys -- (PSKMAD) DRV:64bit: - [2011/01/13 13:58:00 \| 000,413,800 \| ---- \| M] (Realtek ) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/01/10 19:16:08 \| 000,021,104 \| ---- \| M] () [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:64bit: - [2010/11/20 15:33:35 \| 000,078,720 \| ---- \| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 13:07:05 \| 000,059,392 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 13:03:42 \| 000,020,992 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2010/11/20 12:43:57 \| 000,032,768 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010/10/20 00:34:26 \| 000,056,344 \| ---- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010/05/05 22:30:52 \| 001,561,688 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k) DRV:64bit: - [2010/05/05 22:30:42 \| 000,118,360 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia) DRV:64bit: - [2010/05/05 22:30:34 \| 000,213,080 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k) DRV:64bit: - [2010/05/05 22:30:26 \| 000,015,960 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k) DRV:64bit: - [2010/05/05 22:30:18 \| 000,179,288 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv) DRV:64bit: - [2010/05/05 22:30:10 \| 000,684,376 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) DRV:64bit: - [2010/05/05 22:30:02 \| 000,580,696 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k) DRV:64bit: - [2010/05/05 22:29:52 \| 001,417,304 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS) DRV:64bit: - [2010/05/05 22:29:52 \| 001,417,304 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX) DRV:64bit: - [2010/05/05 22:29:42 \| 000,094,808 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS) DRV:64bit: - [2010/05/05 22:29:42 \| 000,094,808 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT) DRV:64bit: - [2010/05/05 22:29:34 \| 000,202,840 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS) DRV:64bit: - [2010/05/05 22:29:34 \| 000,202,840 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT) DRV:64bit: - [2009/07/14 03:52:20 \| 000,194,128 \| ---- \| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 \| 000,065,600 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 \| 000,024,656 \| ---- \| M] (Promise Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 22:34:33 \| 003,286,016 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 \| 000,468,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 \| 000,270,848 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 \| 000,031,232 \| ---- \| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/04/28 11:07:52 \| 000,532,480 \| ---- \| M] (PixArt Imaging Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\PAC7302.SYS -- (PAC7302) DRV - [2012/01/06 17:45:24 \| 000,025,640 \| ---- \| M] (Windows (R) Server 2003 DDK provider) [Kernel \| On_Demand \| Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2012/01/06 17:45:07 \| 000,030,528 \| ---- \| M] () [Kernel \| On_Demand \| Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2009/07/14 03:19:10 \| 000,019,008 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = uk.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 14 12 DD C2 F2 EA CC 01 [binary data] IE - HKCU\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{069C9710-9EA5-48FD-8764-B683DF8C56DD}: "URL" = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3106777 IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = search.babylon.com/?q={searchTerms}&affID=109980&babsrc=SP_ss&mntrId=427ba37200000000000050e54957c14d IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = search.yahoo.com/search?fr=chr-panda&q={searchTerms}&ei=UTF-8&type=PCAFSI1190 IE - HKCU\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = badoo.com/startpage/?source=bsb&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vladan\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vladan\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/07/26 21:25:12 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\5011982379c59@5011982379c92.info: C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\uo9afk6u.default\extensions\5011982379c59@5011982379c92.info [2012/07/26 21:23:33 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/07/26 21:25:12 \| 000,000,000 \| ---D \| M] [2012/04/27 16:44:38 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Extensions [2012/07/26 21:25:18 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\uo9afk6u.default\extensions [2012/07/26 21:23:33 \| 000,000,000 \| ---D \| M] (TheBflix) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\uo9afk6u.default\extensions\5011982379c59@5011982379c92.info ========== Chrome ========== CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Google Update (Enabled) = C:\Users\Vladan\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - Extension: Web Developer = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.1_2\ CHR - Extension: WOT = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.0_0\ CHR - Extension: Firebug Lite for Google Chrome\\u2122 = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\ CHR - Extension: Search by Image (by Google) = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.1.1_1\ CHR - Extension: Stylish = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\ CHR - Extension: TweetDeck = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\1.5.3_0\ CHR - Extension: WhatFont = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm\1.7_0\ CHR - Extension: Window Resizer = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh\1.7.0_0\ CHR - Extension: WebRank SEO = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkhilblbmkdnapffblmecglknalglfji\3.3_0\ CHR - Extension: FastestChrome - Browse Faster = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.4.7_0\ CHR - Extension: GoPhoto.it = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0\ Hosts file not found O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll () O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll () O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll () O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - No CLSID value found. O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security) O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\MCShieldRTM.exe (MyCity) O4 - HKCU..\Run: [MSIDLL] C:\Windows\SysWOW64\rundll32.exe msiorg32.dll,qbhdjhhjcyM File not found O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\Vladan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: intesabeograd.com ([onlinebanca] https in Trusted sites) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.216.1.30 89.216.1.50 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C19F44D5-1986-4316-855A-D67D8BC9F8DA}: DhcpNameServer = 89.216.1.30 89.216.1.50 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/05/21 17:44:56 \| 000,000,074 \| R--- \| M] () - E:\AutoRun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit: - HKLM\..comfile [open] -- "%1" % O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/08/01 20:53:05 \| 000,057,928 \| ---- \| C] (Panda Security) -- C:\Windows\SysNative\drivers\PSKMAD.sys [2012/08/01 19:29:45 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Proxy Finder Enterprise [2012/08/01 19:29:45 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Finder Enterprise [2012/08/01 19:28:11 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\ProxyFinderEnterprise [2012/08/01 14:59:27 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\StAPH [2012/08/01 14:58:29 \| 001,123,904 \| ---- \| C] (Ashes ) -- C:\Users\Vladan\AppData\Roaming\StAPH125-Setup.exe [2012/08/01 13:55:23 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Software Illusions [2012/08/01 01:24:21 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1 [2012/08/01 01:24:15 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\ZooskMessenger [2012/07/29 23:51:55 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Adobe [2012/07/29 23:51:25 \| 000,000,000 \| ---D \| C] -- C:\adobeTemp [2012/07/29 23:48:55 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Adobe [2012/07/29 23:27:38 \| 000,000,000 \| ---D \| C] -- C:\Adobe Photoshop CS6 [2012/07/27 01:06:33 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\PDAppFlex [2012/07/27 01:02:43 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012/07/26 21:26:31 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Premium [2012/07/26 21:26:03 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\OptimizerPro [2012/07/26 21:25:23 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Perion [2012/07/26 21:25:12 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Web Assistant [2012/07/26 21:23:33 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\TheBflixUpdater [2012/07/26 21:23:33 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\TheBflix [2012/07/26 21:23:09 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\InstallMate [2012/07/26 20:08:12 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Adobe Download Assistant [2012/07/26 15:05:53 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\ATI [2012/07/26 15:04:16 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\AMD [2012/07/26 15:04:14 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\AMD AVT [2012/07/26 15:04:11 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\AMD APP [2012/07/26 15:04:04 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\ATI Technologies [2012/07/26 15:04:04 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2012/07/26 15:03:58 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012/07/26 15:02:27 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\ATI Technologies [2012/07/26 15:01:45 \| 000,000,000 \| ---D \| C] -- C:\Program Files\ATI Technologies [2012/07/26 14:19:34 \| 000,000,000 \| ---D \| C] -- C:\AMD [2012/07/24 06:56:52 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus [2012/07/22 21:36:07 \| 000,000,000 \| R--D \| C] -- C:\Users\Vladan\Desktop\mysite [2012/07/16 12:52:43 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Common Files\Java [2012/07/16 12:52:26 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Oracle [2012/07/16 12:52:06 \| 000,772,544 \| ---- \| C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012/07/16 12:52:06 \| 000,227,760 \| ---- \| C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012/07/16 12:52:03 \| 000,174,064 \| ---- \| C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012/07/16 12:52:03 \| 000,174,064 \| ---- \| C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012/07/16 12:51:53 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Java [2012/07/14 00:25:57 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\Documents\Unnamed Site 2 [2012/07/13 10:42:55 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC [2012/07/13 07:02:53 \| 000,130,088 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProt.sys [2012/07/13 07:02:10 \| 000,205,352 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINKNC.sys [2012/07/13 07:02:10 \| 000,123,944 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProc.sys [2012/07/13 07:02:09 \| 000,167,464 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINAflt.sys [2012/07/13 07:02:09 \| 000,119,336 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINFile.sys [2012/07/12 11:18:56 \| 000,219,688 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\NNSStrm.sys [2012/07/12 01:41:28 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\X-Chat 2 [2012/07/09 17:09:19 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield [2012/07/09 17:09:17 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\MCShield [2012/07/09 17:09:17 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\MCShield [2012/07/09 12:57:58 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\Systweak [2012/07/09 12:57:50 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro [2012/07/09 12:57:50 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\RegClean Pro [2012/07/09 12:02:57 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\ParetoLogic [2012/07/09 12:02:57 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\DriverCure [2012/07/09 12:02:51 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\ParetoLogic [2012/07/07 16:16:24 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Gophoto.it [1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/08/01 20:57:12 \| 000,014,512 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/01 20:57:12 \| 000,014,512 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/01 20:56:37 \| 000,726,316 \| ---- \| M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/08/01 20:56:37 \| 000,628,024 \| ---- \| M] () -- C:\Windows\SysNative\perfh009.dat [2012/08/01 20:56:37 \| 000,110,208 \| ---- \| M] () -- C:\Windows\SysNative\perfc009.dat [2012/08/01 20:52:33 \| 000,001,035 \| ---- \| M] () -- C:\Users\Vladan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2012/08/01 20:52:02 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2012/08/01 20:51:57 \| 2134,450,175 \| -HS- \| M] () -- C:\hiberfil.sys [2012/08/01 20:51:31 \| 000,061,520 \| ---- \| M] () -- C:\Windows\SysNative\BMXStateBkp-{00000004-00000000-00000002-00001102-00000005-00231102}.rfx [2012/08/01 20:51:31 \| 000,061,520 \| ---- \| M] () -- C:\Windows\SysNative\BMXState-{00000004-00000000-00000002-00001102-00000005-00231102}.rfx [2012/08/01 20:51:31 \| 000,000,788 \| ---- \| M] () -- C:\Windows\SysNative\DVCState-{00000004-00000000-00000002-00001102-00000005-00231102}.rfx [2012/08/01 20:41:00 \| 000,000,912 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-622041102-657345544-561382794-1000UA.job [2012/08/01 19:56:34 \| 000,002,641 \| ---- \| M] () -- C:\Users\Vladan\Desktop\ProxyFinder - Shortcut.lnk [2012/08/01 19:42:49 \| 000,001,095 \| ---- \| M] () -- C:\Users\Vladan\Documents\Documents - Shortcut.lnk [2012/08/01 19:29:45 \| 000,002,019 \| ---- \| M] () -- C:\Users\Vladan\Desktop\Proxy Finder Enterprise.lnk [2012/08/01 19:07:23 \| 000,001,208 \| ---- \| M] () -- C:\Users\Vladan\Desktop\Install Proxy Finder.lnk [2012/08/01 16:49:01 \| 000,000,860 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-622041102-657345544-561382794-1000Core.job [2012/08/01 16:42:46 \| 000,002,412 \| ---- \| M] () -- C:\Users\Vladan\Desktop\Google Chrome.lnk [2012/08/01 14:58:29 \| 001,123,904 \| ---- \| M] (Ashes ) -- C:\Users\Vladan\AppData\Roaming\StAPH125-Setup.exe [2012/08/01 14:22:09 \| 001,032,192 \| ---- \| M] () -- C:\Users\Vladan\AppData\Roaming\chrtmp [2012/08/01 01:24:17 \| 000,000,931 \| ---- \| M] () -- C:\Users\Public\Desktop\ZooskMessenger.lnk [2012/07/30 01:15:15 \| 005,036,536 \| ---- \| M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/07/30 01:14:26 \| 000,006,400 \| ---- \| M] () -- C:\ProgramData\NanoRepository.bin [2012/07/26 22:36:12 \| 000,000,521 \| ---- \| M] () -- C:\Windows\wininit.ini [2012/07/26 21:25:21 \| 000,003,436 \| ---- \| M] () -- C:\user.js [2012/07/26 20:08:12 \| 000,001,031 \| ---- \| M] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk [2012/07/26 01:58:09 \| 000,010,707 \| ---- \| M] () -- C:\Users\Vladan\.recently-used.xbel [2012/07/24 06:04:37 \| 000,000,000 \| ---- \| M] () -- C:\Users\Vladan\.gtk-bookmarks [2012/07/16 12:51:55 \| 000,174,064 \| ---- \| M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012/07/16 12:51:54 \| 000,174,064 \| ---- \| M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012/07/13 07:02:53 \| 000,130,088 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProt.sys [2012/07/13 07:02:10 \| 000,205,352 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINKNC.sys [2012/07/13 07:02:10 \| 000,123,944 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProc.sys [2012/07/13 07:02:09 \| 000,167,464 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINAflt.sys [2012/07/13 07:02:09 \| 000,119,336 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINFile.sys [2012/07/12 11:18:56 \| 000,219,688 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\NNSStrm.sys [2012/07/09 12:57:54 \| 000,001,978 \| ---- \| M] () -- C:\Users\Vladan\Desktop\Check PC For Errors.lnk [2012/07/09 12:57:54 \| 000,001,962 \| ---- \| M] () -- C:\Users\Vladan\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk [2012/07/05 22:06:48 \| 000,227,760 \| ---- \| M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012/07/05 22:06:30 \| 000,772,544 \| ---- \| M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012/07/05 22:06:20 \| 000,687,544 \| ---- \| M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ] ========== Files Created - No Company Name ========== [2012/08/01 19:56:34 \| 000,002,641 \| ---- \| C] () -- C:\Users\Vladan\Desktop\ProxyFinder - Shortcut.lnk [2012/08/01 19:42:49 \| 000,001,095 \| ---- \| C] () -- C:\Users\Vladan\Documents\Documents - Shortcut.lnk [2012/08/01 19:29:45 \| 000,002,019 \| ---- \| C] () -- C:\Users\Vladan\Desktop\Proxy Finder Enterprise.lnk [2012/08/01 19:07:23 \| 000,001,208 \| ---- \| C] () -- C:\Users\Vladan\Desktop\Install Proxy Finder.lnk [2012/08/01 14:58:30 \| 001,032,192 \| ---- \| C] () -- C:\Users\Vladan\AppData\Roaming\chrtmp [2012/08/01 01:24:22 \| 000,001,035 \| ---- \| C] () -- C:\Users\Vladan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2012/08/01 01:24:17 \| 000,000,943 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZooskMessenger.lnk [2012/08/01 01:24:17 \| 000,000,931 \| ---- \| C] () -- C:\Users\Public\Desktop\ZooskMessenger.lnk [2012/07/30 01:14:26 \| 000,006,400 \| ---- \| C] () -- C:\ProgramData\NanoRepository.bin [2012/07/29 23:53:04 \| 000,001,075 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk [2012/07/29 23:52:42 \| 000,001,203 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk [2012/07/29 23:52:16 \| 000,001,037 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk [2012/07/29 23:51:47 \| 000,001,165 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk [2012/07/29 23:50:24 \| 000,001,349 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2012/07/29 23:50:21 \| 000,001,515 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2012/07/26 22:36:11 \| 000,000,521 \| ---- \| C] () -- C:\Windows\wininit.ini [2012/07/26 20:08:12 \| 000,001,043 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk [2012/07/26 20:08:12 \| 000,001,031 \| ---- \| C] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk [2012/07/26 01:58:09 \| 000,010,707 \| ---- \| C] () -- C:\Users\Vladan\.recently-used.xbel [2012/07/24 06:04:37 \| 000,000,000 \| ---- \| C] () -- C:\Users\Vladan\.gtk-bookmarks [2012/07/09 12:57:54 \| 000,001,978 \| ---- \| C] () -- C:\Users\Vladan\Desktop\Check PC For Errors.lnk [2012/07/09 12:57:54 \| 000,001,962 \| ---- \| C] () -- C:\Users\Vladan\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk [2012/06/11 18:50:16 \| 000,204,952 \| ---- \| C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012/06/11 18:50:16 \| 000,157,144 \| ---- \| C] () -- C:\Windows\SysWow64\ativvsva.dat [2012/05/10 16:35:16 \| 000,029,184 \| ---- \| C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012/04/22 05:06:35 \| 000,050,547 \| ---- \| C] () -- C:\Users\Vladan\AppData\Local\recently-used.xbel [2012/04/22 00:26:07 \| 000,000,632 \| RHS- \| C] () -- C:\Users\Vladan\ntuser.pol [2012/04/18 16:19:29 \| 000,000,169 \| ---- \| C] () -- C:\Users\Vladan\.gtkrc-2.0 [2012/01/21 17:28:45 \| 000,187,432 \| -H-- \| C] () -- C:\Windows\SysWow64\mlfcache.dat [2012/01/11 00:00:54 \| 000,000,885 \| ---- \| C] () -- C:\Windows\SysWow64\SP7302.ini [2012/01/10 13:26:11 \| 000,148,480 \| ---- \| C] () -- C:\Windows\SysWow64\APOMngr.DLL [2012/01/10 13:26:11 \| 000,073,728 \| ---- \| C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2012/01/06 17:56:15 \| 000,000,000 \| ---- \| C] () -- C:\Windows\ativpsrm.bin [2012/01/06 17:45:07 \| 000,030,528 \| ---- \| C] () -- C:\Windows\GVTDrv64.sys [2012/01/06 17:34:01 \| 000,008,192 \| ---- \| C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2012/01/06 17:31:19 \| 000,000,010 \| ---- \| C] () -- C:\Windows\GSetup.ini [2011/09/13 00:06:16 \| 000,003,917 \| ---- \| C] () -- C:\Windows\SysWow64\atipblag.dat < End of report > i prikačio sam fajl. mycity.rs/must-login.png Dopuna: 01 Avg 2012 21:55 READ THIS: Error - 01/08/2012 13:11:16 \| Computer Name = Vladan-PC \| Source = Application Error \| ID = 1000 Description = Faulting application name: Proxy.Finder.Enterprise.Editio.(zabranjeno).by.orion.exe, version: 6.0.6000.16384, time stamp: 0x50195d4b Faulting module name: Proxy.Finder.Enterprise.Editio.(zabranjeno).by.orion.exe, version: 6.0.6000.16384, time stamp: 0x50195d4b Exception code: 0xc0000005 Fault offset: 0x00002a78 Faulting process id: 0x3d34 Faulting application start time: 0x01cd70089e1c2b14 Faulting application path: C:\Users\Vladan\Downloads\Proxy.Finder.Enterprise.Editio.(zabranjeno).by.orion\Proxy.Finder.Enterprise.Editio.(zabranjeno).by.orion.exe <--------OVO JE FAJL KADA je komp zaražen Faulting module path: C:\Users\Vladan\Downloads\Proxy.Finder.Enterprise.Editio.(zabranjeno).by.orion\Proxy.Finder.Enterprise.Editio.(zabranjeno).by.orion.exe Report Id: e69eac5b-dbfb-11e1-8427-50e54957c14d

Profil

Sass Drake Poslao: 01 Avg 2012 22:06 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U toku rješavanja slučaja, zamolio bih te da se pridržavaš sljedećeg: Detaljno čitati moja uputstva ( ili uputstva kolega koji će me zamjenjivati) i raditi isključivo po njima; Ne tražiti istovremeno pomoć na drugom mjestu; Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budeš dobio uputstvo; U toku intervencije ne koristiti USB memorijske uređaje, dok to ne budem zatražio; Ukoliko ne odgovorim u roku od 48h, osvježi temu novim post-om; Ukoliko se ne javiš u roku od 5 dana, zatvorićemo slučaj. Za više informacija o pravilima Ambulante MyCity foruma: LINK Korak 1 Ponovo pokreni program OTL dvoklikom na ikonu. U bijeli okvir prozora gdje piše Custom Scans/Fixes iskopirati sljedeći tekst: `:reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSIDLL"=- :commands [emptytemp]` Klikni taster Run Fix; Izvještaj koji dobiješ iskopiraj ovde u poruci. Korak 2 Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sljedeće programe ako ti ne trebaju: Incredibar Toolbar on IE Web Assistant 2.0.0.455 Korak 3 Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop. Dvoklikom pokreni program i klikni na dugme Search. Kada program završi analizu otvoriće se Notepad sa izvještajem. Kopiraj sadržaj tog izvještaja u temu. Napomena: Izvještaj ce takođe biti sačuvan na C:\AdwCleaner[R1].txt Što se tiče fajla koji ti prijavljuje: koliko se da zaključiti iz teksta koji si zalijepio u pitanju je piratski softver. Na ovom forumu piraterija je zabranjena te stoga nećeš dobiti pomoć oko iste. S obzirom da se isti nalazi u Download folderu i da si ga lično preuzeo sa Interneta, možeš ga bez problema izbrisati i savjetovao bih ti da, ukoliko ne želiš ili nisi u stanju da kupiš taj program, pređeš na besplatne ili open source alternative.

Profil

vladan314 Poslao: 01 Avg 2012 22:51 Idi na vrh
offline vladan314 Građanin Pridružio: 08 Sep 2011 Poruke: 70	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo poruke: All processes killed ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSIDLL deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Vladan ->Temp folder emptied: 19525978 bytes ->Temporary Internet Files folder emptied: 23419250 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 11134809 bytes ->Google Chrome cache emptied: 495215388 bytes ->Flash cache emptied: 60226 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 8232 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 45310 bytes %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 755 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes RecycleBin emptied: 2049571225 bytes Total Files Cleaned = 2,479.00 mb OTL by OldTimer - Version 3.2.55.0 log created on 08012012_223816 Files\Folders moved on Reboot... C:\Users\Vladan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... File C:\Users\Vladan\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! Registry entries deleted on Reboot... Hvala ovo mi znači

Profil

Sass Drake Poslao: 01 Avg 2012 22:53 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U redu. Uradi još preostale korake.

Profil

vladan314 Poslao: 01 Avg 2012 23:20 Idi na vrh
offline vladan314 Građanin Pridružio: 08 Sep 2011 Poruke: 70	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! # AdwCleaner v1.800 - Logfile created 08/01/2012 at 23:18:12 # Updated 01/08/2012 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (64 bits) # User : Vladan - VLADAN-PC # Running from : C:\Users\Vladan\Downloads\adwcleaner.exe # Option [Search] *** [Services] * * [Files / Folders] * Folder Found : C:\Users\Vladan\AppData\Local\Conduit Folder Found : C:\Users\Vladan\AppData\LocalLow\Conduit Folder Found : C:\ProgramData\InstallMate Folder Found : C:\Program Files (x86)\Conduit * [Registry] *** [] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3106777 Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\IM Key Found : HKCU\Software\ImInstaller Key Found : HKCU\Software\Softonic Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1 Key Found : HKLM\SOFTWARE\Classes\I Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1 Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1 Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1 Key Found : HKLM\SOFTWARE\Conduit Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Found : HKLM\SOFTWARE\Iminent Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Key Found : HKLM\SOFTWARE\Web Assistant Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] [x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit [x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes [x64] Key Found : HKCU\Software\IM [x64] Key Found : HKCU\Software\ImInstaller [x64] Key Found : HKCU\Software\Softonic [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE [x64] Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc [x64] Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1 [x64] Key Found : HKLM\SOFTWARE\Classes\I [x64] Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd [x64] Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1 [x64] Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr [x64] Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1 [x64] Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore [x64] Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1 [x64] Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [x64] Key Found : HKLM\SOFTWARE\Software [x64] Key Found : HKLM\SOFTWARE\Web Assistant [x64] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] ** [Registre - GUID] * Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} Key Found : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179} Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}] [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} * [Internet Browsers] * -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v [Unable to get version] Profile name : default File : C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\uo9afk6u.default\prefs.js [OK] File is clean. -\\ Google Chrome v21.0.1180.60 File : C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. Evo sadržaja: *********************** AdwCleaner[R1].txt - [9395 octets] - [01/08/2012 23:18:12] ########## EOF - C:\AdwCleaner[R1].txt - [9523 octets] ##########

Profil

Sass Drake Poslao: 01 Avg 2012 23:29 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1 Ponovo pokreni AdwCleaner. Klikni na dugme [Delete] i pričekaj da program završi. Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni na Ok kao potvrdu. Na sledeća dva prozora koja se otvore (Informations i Restart required ) klikni Ok. Računar će se restartovati. Otvoriće se Notepad sa izvještajem. Kopiraj sadržaj tog izvještaja u temu. Napomena: Izvještaj ce takođe biti sačuvan na C:\AdwCleaner[S1].txt Korak 2 Postavi mi svjež OTL izvještaj.

Profil

vladan314 Poslao: 01 Avg 2012 23:42 Idi na vrh
offline vladan314 Građanin Pridružio: 08 Sep 2011 Poruke: 70	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! # AdwCleaner v1.800 - Logfile created 08/01/2012 at 23:38:22 # Updated 01/08/2012 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (64 bits) # User : Vladan - VLADAN-PC # Running from : C:\Users\Vladan\Downloads\adwcleaner.exe # Option [Delete] *** [Services] * * [Files / Folders] * Folder Deleted : C:\Users\Vladan\AppData\Local\Conduit Folder Deleted : C:\Users\Vladan\AppData\LocalLow\Conduit Folder Deleted : C:\ProgramData\InstallMate Folder Deleted : C:\Program Files (x86)\Conduit * [Registry] *** [] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3106777 Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1 Key Deleted : HKLM\SOFTWARE\Classes\I Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Deleted : HKLM\SOFTWARE\Iminent Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Key Deleted : HKLM\SOFTWARE\Web Assistant Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] [x64] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [x64] Key Deleted : HKLM\SOFTWARE\Software [x64] Key Deleted : HKLM\SOFTWARE\Web Assistant ** [Registre - GUID] * Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}] [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} * [Internet Browsers] * -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v [Unable to get version] Profile name : default File : C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\uo9afk6u.default\prefs.js C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\uo9afk6u.default\user.js ... Deleted ! [OK] File is clean. -\\ Google Chrome v21.0.1180.60 File : C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. *********************** AdwCleaner[R1].txt - [9426 octets] - [01/08/2012 23:18:12] AdwCleaner[S1].txt - [7232 octets] - [01/08/2012 23:38:22] ########## EOF - C:\AdwCleaner[S1].txt - [7360 octets] ##########

Profil

Sass Drake Poslao: 01 Avg 2012 23:54 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Čekam da odradiš drugi korak.

Profil

vladan314 Poslao: 02 Avg 2012 00:23 Idi na vrh
offline vladan314 Građanin Pridružio: 08 Sep 2011 Poruke: 70	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! OTL logfile created on: 01/08/2012 23:55:42 - Run 2 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Vladan\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 \| Country: United Kingdom \| Language: ENG \| Date Format: dd/MM/yyyy 7.98 Gb Total Physical Memory \| 5.42 Gb Available Physical Memory \| 67.87% Memory free 15.97 Gb Paging File \| 12.75 Gb Available in Paging File \| 79.87% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 175.68 Gb Total Space \| 128.57 Gb Free Space \| 73.18% Space Free \| Partition Type: NTFS Drive D: \| 289.98 Gb Total Space \| 289.21 Gb Free Space \| 99.73% Space Free \| Partition Type: NTFS Drive E: \| 3.08 Gb Total Space \| 0.00 Gb Free Space \| 0.00% Space Free \| Partition Type: CDFS Computer Name: VLADAN-PC \| User Name: Vladan \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/08/01 20:55:13 \| 000,597,504 \| ---- \| M] (OldTimer Tools) -- C:\Users\Vladan\Downloads\OTL.com PRC - [2012/08/01 01:24:14 \| 000,142,336 \| ---- \| M] () -- C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe PRC - [2012/07/13 07:15:56 \| 000,037,152 \| ---- \| M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe PRC - [2012/07/13 07:15:56 \| 000,036,640 \| ---- \| M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe PRC - [2012/06/22 21:09:56 \| 000,603,648 \| ---- \| M] (MyCity) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe PRC - [2012/03/19 13:38:47 \| 002,666,880 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012/03/15 22:56:50 \| 000,217,256 \| ---- \| M] (Panda Security) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe PRC - [2012/01/03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/12/09 19:22:26 \| 000,074,752 \| ---- \| M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2011/09/10 11:43:18 \| 000,018,432 \| ---- \| M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe PRC - [2011/09/10 11:43:18 \| 000,018,432 \| ---- \| M] (Apache Software Foundation) -- c:\xampp\apache\bin\httpd.exe PRC - [2011/09/09 19:46:10 \| 008,158,720 \| ---- \| M] () -- c:\xampp\mysql\bin\mysqld.exe PRC - [2010/10/05 22:04:12 \| 002,655,768 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/10/05 22:04:08 \| 000,325,656 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010/05/05 20:56:42 \| 000,025,600 \| ---- \| M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe PRC - [2010/05/05 20:51:56 \| 001,212,928 \| ---- \| M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe PRC - [2009/03/05 17:07:20 \| 002,260,480 \| RHS- \| M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009/02/23 12:43:54 \| 000,307,200 \| ---- \| M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe PRC - [2009/01/26 16:31:10 \| 001,153,368 \| ---- \| M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2007/12/10 16:55:26 \| 000,323,584 \| ---- \| M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac7302\Monitor.exe ========== Modules (No Company Name) ========== MOD - [2012/08/01 01:24:14 \| 000,142,336 \| ---- \| M] () -- C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe MOD - [2012/07/31 07:36:14 \| 000,442,392 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll MOD - [2012/07/31 07:36:13 \| 012,235,288 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll MOD - [2012/07/31 07:36:12 \| 003,997,720 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll MOD - [2012/07/31 07:34:57 \| 000,526,872 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\libglesv2.dll MOD - [2012/07/31 07:34:55 \| 000,104,984 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\libegl.dll MOD - [2012/07/31 07:34:45 \| 000,144,424 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\avutil-51.dll MOD - [2012/07/31 07:34:43 \| 000,266,792 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\avformat-54.dll MOD - [2012/07/31 07:34:42 \| 002,480,680 \| ---- \| M] () -- C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll MOD - [2012/02/19 10:57:30 \| 004,770,176 \| ---- \| M] () -- c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll MOD - [2012/01/08 15:41:12 \| 000,093,696 \| ---- \| M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll MOD - [2010/05/05 20:56:46 \| 000,002,560 \| ---- \| M] () -- C:\Windows\SysWOW64\CTXFIRES.DLL MOD - [2009/03/26 15:46:42 \| 000,148,480 \| ---- \| M] () -- C:\Windows\SysWOW64\APOMngr.DLL ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/06/11 19:19:14 \| 000,239,616 \| ---- \| M] (AMD) [Auto \| Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010/04/06 17:30:38 \| 000,031,272 \| ---- \| M] () [On_Demand \| Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv) SRV:64bit: - [2009/07/14 03:41:27 \| 001,011,712 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 03:40:01 \| 000,193,536 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012/07/13 13:28:36 \| 000,160,944 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/07/13 07:15:56 \| 000,036,640 \| ---- \| M] (Panda Security, S.L.) [Auto \| Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService) SRV - [2012/07/13 06:57:41 \| 000,140,064 \| ---- \| M] (Panda Security, S.L.) [Auto \| Stopped] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain) SRV - [2012/03/19 13:38:47 \| 002,666,880 \| ---- \| M] (TeamViewer GmbH) [Auto \| Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012/01/10 13:47:10 \| 000,079,360 \| ---- \| M] (Creative Labs) [On_Demand \| Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service) SRV - [2012/01/10 13:27:03 \| 000,079,360 \| ---- \| M] (Creative Labs) [On_Demand \| Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2012/01/03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) [Auto \| Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/09/10 11:43:18 \| 000,018,432 \| ---- \| M] (Apache Software Foundation) [Auto \| Running] -- c:\xampp\apache\bin\httpd.exe -- (Apache2.2) SRV - [2011/09/09 19:46:10 \| 008,158,720 \| ---- \| M] () [Auto \| Running] -- c:\xampp\mysql\bin\mysqld.exe -- (mysql) SRV - [2010/10/05 22:04:12 \| 002,655,768 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/10/05 22:04:08 \| 000,325,656 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/03/18 14:16:28 \| 000,130,384 \| ---- \| M] (Microsoft Corporation) [Auto \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 13:37:14 \| 000,517,096 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/06/10 23:23:09 \| 000,066,384 \| ---- \| M] (Microsoft Corporation) [Disabled \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/02/23 12:43:54 \| 000,307,200 \| ---- \| M] (Creative Technology Ltd) [Auto \| Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/07/13 07:02:53 \| 000,130,088 \| ---- \| M] (Panda Security, S.L.) [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt) DRV:64bit: - [2012/07/13 07:02:10 \| 000,205,352 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC) DRV:64bit: - [2012/07/13 07:02:10 \| 000,123,944 \| ---- \| M] (Panda Security, S.L.) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc) DRV:64bit: - [2012/07/13 07:02:09 \| 000,167,464 \| ---- \| M] (Panda Security, S.L.) [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt) DRV:64bit: - [2012/07/13 07:02:09 \| 000,119,336 \| ---- \| M] (Panda Security, S.L.) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile) DRV:64bit: - [2012/07/12 11:18:56 \| 000,219,688 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSStrm.sys -- (NNSSTRM) DRV:64bit: - [2012/06/27 15:51:24 \| 000,105,000 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNStlsc.sys -- (NNSTLSC) DRV:64bit: - [2012/06/27 15:51:23 \| 000,112,680 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSSmtp.sys -- (NNSSMTP) DRV:64bit: - [2012/06/27 15:51:23 \| 000,109,096 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSPrv.sys -- (NNSPRV) DRV:64bit: - [2012/06/27 15:51:22 \| 000,304,680 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSProt.sys -- (NNSPROT) DRV:64bit: - [2012/06/27 15:51:22 \| 000,116,776 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSPop3.sys -- (NNSPOP3) DRV:64bit: - [2012/06/27 15:51:22 \| 000,068,648 \| ---- \| M] (Panda Security, S.L.) [Kernel \| Disabled \| Stopped] -- C:\Windows\SysNative\drivers\NNSPihsw.sys -- (NNSPIHSW) DRV:64bit: - [2012/06/27 15:51:21 \| 000,093,224 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSpicc.sys -- (NNSPICC) DRV:64bit: - [2012/06/27 15:51:21 \| 000,033,320 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Stopped] -- C:\Windows\SysNative\drivers\NNSNAHSL.sys -- (NNSNAHSL) DRV:64bit: - [2012/06/27 15:51:20 \| 000,113,192 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSIds.sys -- (NNSIDS) DRV:64bit: - [2012/06/27 15:51:19 \| 000,116,776 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSHttp.sys -- (NNSHTTP) DRV:64bit: - [2012/06/27 15:51:19 \| 000,089,128 \| ---- \| M] (Panda Security, S.L.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\NNSAlpc.sys -- (NNSALPC) DRV:64bit: - [2012/06/11 20:59:38 \| 010,248,192 \| ---- \| M] (Advanced Micro Devices, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012/06/11 18:26:14 \| 000,367,616 \| ---- \| M] (Advanced Micro Devices, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012/03/01 08:46:16 \| 000,023,408 \| ---- \| M] (Microsoft Corporation) [Recognizer \| Boot \| Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/23 14:32:04 \| 000,095,760 \| ---- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011/08/17 11:04:34 \| 000,171,008 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:64bit: - [2011/08/17 11:04:28 \| 000,012,800 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:64bit: - [2011/08/17 10:58:26 \| 000,009,216 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2011/08/17 10:58:22 \| 000,009,216 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2011/08/17 10:58:20 \| 000,027,136 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011/08/17 10:58:16 \| 000,019,968 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2011/03/11 08:41:12 \| 000,107,904 \| ---- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 \| 000,027,008 \| ---- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/03/10 18:05:04 \| 000,057,928 \| ---- \| M] (Panda Security) [Kernel \| On_Demand \| Unknown] -- C:\Windows\SysNative\drivers\PSKMAD.sys -- (PSKMAD) DRV:64bit: - [2011/01/13 13:58:00 \| 000,413,800 \| ---- \| M] (Realtek ) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/01/10 19:16:08 \| 000,021,104 \| ---- \| M] () [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:64bit: - [2010/11/20 15:33:35 \| 000,078,720 \| ---- \| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 13:07:05 \| 000,059,392 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 13:03:42 \| 000,020,992 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2010/11/20 12:43:57 \| 000,032,768 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010/10/20 00:34:26 \| 000,056,344 \| ---- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010/05/05 22:30:52 \| 001,561,688 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k) DRV:64bit: - [2010/05/05 22:30:42 \| 000,118,360 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia) DRV:64bit: - [2010/05/05 22:30:34 \| 000,213,080 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k) DRV:64bit: - [2010/05/05 22:30:26 \| 000,015,960 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k) DRV:64bit: - [2010/05/05 22:30:18 \| 000,179,288 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv) DRV:64bit: - [2010/05/05 22:30:10 \| 000,684,376 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) DRV:64bit: - [2010/05/05 22:30:02 \| 000,580,696 \| ---- \| M] (Creative Technology Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k) DRV:64bit: - [2010/05/05 22:29:52 \| 001,417,304 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS) DRV:64bit: - [2010/05/05 22:29:52 \| 001,417,304 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX) DRV:64bit: - [2010/05/05 22:29:42 \| 000,094,808 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS) DRV:64bit: - [2010/05/05 22:29:42 \| 000,094,808 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT) DRV:64bit: - [2010/05/05 22:29:34 \| 000,202,840 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS) DRV:64bit: - [2010/05/05 22:29:34 \| 000,202,840 \| ---- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT) DRV:64bit: - [2009/07/14 03:52:20 \| 000,194,128 \| ---- \| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 \| 000,065,600 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 \| 000,024,656 \| ---- \| M] (Promise Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 22:34:33 \| 003,286,016 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 \| 000,468,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 \| 000,270,848 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 \| 000,031,232 \| ---- \| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/04/28 11:07:52 \| 000,532,480 \| ---- \| M] (PixArt Imaging Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\PAC7302.SYS -- (PAC7302) DRV - [2012/01/06 17:45:24 \| 000,025,640 \| ---- \| M] (Windows (R) Server 2003 DDK provider) [Kernel \| On_Demand \| Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2012/01/06 17:45:07 \| 000,030,528 \| ---- \| M] () [Kernel \| On_Demand \| Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2009/07/14 03:19:10 \| 000,019,008 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = uk.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 14 12 DD C2 F2 EA CC 01 [binary data] IE - HKCU\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{069C9710-9EA5-48FD-8764-B683DF8C56DD}: "URL" = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3106777 IE - HKCU\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = badoo.com/startpage/?source=bsb&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vladan\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vladan\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\5011982379c59@5011982379c92.info: C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\uo9afk6u.default\extensions\5011982379c59@5011982379c92.info [2012/07/26 21:23:33 \| 000,000,000 \| ---D \| M] [2012/04/27 16:44:38 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Extensions [2012/07/26 21:25:18 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\uo9afk6u.default\extensions [2012/07/26 21:23:33 \| 000,000,000 \| ---D \| M] (TheBflix) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\uo9afk6u.default\extensions\5011982379c59@5011982379c92.info ========== Chrome ========== CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vladan\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Google Update (Enabled) = C:\Users\Vladan\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - Extension: Web Developer = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.1_2\ CHR - Extension: WOT = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.0_0\ CHR - Extension: Firebug Lite for Google Chrome\\u2122 = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\ CHR - Extension: Search by Image (by Google) = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.1.1_1\ CHR - Extension: Stylish = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\ CHR - Extension: TweetDeck = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\1.5.3_0\ CHR - Extension: WhatFont = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm\1.7_0\ CHR - Extension: Window Resizer = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh\1.7.0_0\ CHR - Extension: WebRank SEO = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkhilblbmkdnapffblmecglknalglfji\3.3_0\ CHR - Extension: FastestChrome - Browse Faster = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.4.7_0\ CHR - Extension: GoPhoto.it = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0\ Hosts file not found O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll () O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - No CLSID value found. O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security) O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\MCShieldRTM.exe (MyCity) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\Vladan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: intesabeograd.com ([onlinebanca] https in Trusted sites) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.216.1.30 89.216.1.50 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C19F44D5-1986-4316-855A-D67D8BC9F8DA}: DhcpNameServer = 89.216.1.30 89.216.1.50 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/05/21 17:44:56 \| 000,000,074 \| R--- \| M] () - E:\AutoRun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit: - HKLM\..comfile [open] -- "%1" % O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/08/01 23:39:50 \| 000,057,928 \| ---- \| C] (Panda Security) -- C:\Windows\SysNative\drivers\PSKMAD.sys [2012/08/01 22:38:16 \| 000,000,000 \| ---D \| C] -- C:\_OTL [2012/08/01 19:29:45 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Proxy Finder Enterprise [2012/08/01 19:29:45 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Finder Enterprise [2012/08/01 19:28:11 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\ProxyFinderEnterprise [2012/08/01 14:59:27 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\StAPH [2012/08/01 14:58:29 \| 001,123,904 \| ---- \| C] (Ashes ) -- C:\Users\Vladan\AppData\Roaming\StAPH125-Setup.exe [2012/08/01 13:55:23 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Software Illusions [2012/08/01 01:24:21 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1 [2012/08/01 01:24:15 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\ZooskMessenger [2012/07/29 23:51:55 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Adobe [2012/07/29 23:51:25 \| 000,000,000 \| ---D \| C] -- C:\adobeTemp [2012/07/29 23:48:55 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Adobe [2012/07/29 23:27:38 \| 000,000,000 \| ---D \| C] -- C:\Adobe Photoshop CS6 [2012/07/27 01:06:33 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\PDAppFlex [2012/07/27 01:02:43 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012/07/26 21:26:31 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Premium [2012/07/26 21:26:03 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\OptimizerPro [2012/07/26 21:25:23 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Perion [2012/07/26 21:23:33 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\TheBflixUpdater [2012/07/26 21:23:33 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\TheBflix [2012/07/26 20:08:12 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Adobe Download Assistant [2012/07/26 15:05:53 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\ATI [2012/07/26 15:04:16 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\AMD [2012/07/26 15:04:14 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\AMD AVT [2012/07/26 15:04:11 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\AMD APP [2012/07/26 15:04:04 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\ATI Technologies [2012/07/26 15:04:04 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2012/07/26 15:03:58 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012/07/26 15:02:27 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\ATI Technologies [2012/07/26 15:01:45 \| 000,000,000 \| ---D \| C] -- C:\Program Files\ATI Technologies [2012/07/26 14:19:34 \| 000,000,000 \| ---D \| C] -- C:\AMD [2012/07/24 06:56:52 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus [2012/07/22 21:36:07 \| 000,000,000 \| R--D \| C] -- C:\Users\Vladan\Desktop\mysite [2012/07/16 12:52:43 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Common Files\Java [2012/07/16 12:52:26 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Oracle [2012/07/16 12:52:06 \| 000,772,544 \| ---- \| C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012/07/16 12:52:06 \| 000,227,760 \| ---- \| C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012/07/16 12:52:03 \| 000,174,064 \| ---- \| C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012/07/16 12:52:03 \| 000,174,064 \| ---- \| C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012/07/16 12:51:53 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Java [2012/07/14 00:25:57 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\Documents\Unnamed Site 2 [2012/07/13 10:42:55 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC [2012/07/13 07:02:53 \| 000,130,088 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProt.sys [2012/07/13 07:02:10 \| 000,205,352 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINKNC.sys [2012/07/13 07:02:10 \| 000,123,944 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProc.sys [2012/07/13 07:02:09 \| 000,167,464 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINAflt.sys [2012/07/13 07:02:09 \| 000,119,336 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINFile.sys [2012/07/12 11:18:56 \| 000,219,688 \| ---- \| C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\NNSStrm.sys [2012/07/12 01:41:28 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\X-Chat 2 [2012/07/09 17:09:19 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield [2012/07/09 17:09:17 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\MCShield [2012/07/09 17:09:17 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\MCShield [2012/07/09 12:57:58 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\Systweak [2012/07/09 12:57:50 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro [2012/07/09 12:57:50 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\RegClean Pro [2012/07/09 12:02:57 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\ParetoLogic [2012/07/09 12:02:57 \| 000,000,000 \| ---D \| C] -- C:\Users\Vladan\AppData\Roaming\DriverCure [2012/07/09 12:02:51 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\ParetoLogic [2012/07/07 16:16:24 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Gophoto.it ========== Files - Modified Within 30 Days ========== [2012/08/01 23:45:46 \| 000,726,316 \| ---- \| M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/08/01 23:45:46 \| 000,628,024 \| ---- \| M] () -- C:\Windows\SysNative\perfh009.dat [2012/08/01 23:45:46 \| 000,110,208 \| ---- \| M] () -- C:\Windows\SysNative\perfc009.dat [2012/08/01 23:44:34 \| 000,014,512 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/01 23:44:34 \| 000,014,512 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/01 23:41:01 \| 000,000,912 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-622041102-657345544-561382794-1000UA.job [2012/08/01 23:39:52 \| 000,001,035 \| ---- \| M] () -- C:\Users\Vladan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2012/08/01 23:39:27 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2012/08/01 23:39:23 \| 2134,450,175 \| -HS- \| M] () -- C:\hiberfil.sys [2012/08/01 23:38:57 \| 000,061,520 \| ---- \| M] () -- C:\Windows\SysNative\BMXStateBkp-{00000004-00000000-00000002-00001102-00000005-00231102}.rfx [2012/08/01 23:38:57 \| 000,061,520 \| ---- \| M] () -- C:\Windows\SysNative\BMXState-{00000004-00000000-00000002-00001102-00000005-00231102}.rfx [2012/08/01 23:38:57 \| 000,000,788 \| ---- \| M] () -- C:\Windows\SysNative\DVCState-{00000004-00000000-00000002-00001102-00000005-00231102}.rfx [2012/08/01 19:56:34 \| 000,002,641 \| ---- \| M] () -- C:\Users\Vladan\Desktop\ProxyFinder - Shortcut.lnk [2012/08/01 19:42:49 \| 000,001,095 \| ---- \| M] () -- C:\Users\Vladan\Documents\Documents - Shortcut.lnk [2012/08/01 19:29:45 \| 000,002,019 \| ---- \| M] () -- C:\Users\Vladan\Desktop\Proxy Finder Enterprise.lnk [2012/08/01 19:07:23 \| 000,001,208 \| ---- \| M] () -- C:\Users\Vladan\Desktop\Install Proxy Finder.lnk [2012/08/01 16:49:01 \| 000,000,860 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-622041102-657345544-561382794-1000Core.job [2012/08/01 16:42:46 \| 000,002,412 \| ---- \| M] () -- C:\Users\Vladan\Desktop\Google Chrome.lnk [2012/08/01 14:58:29 \| 001,123,904 \| ---- \| M] (Ashes ) -- C:\Users\Vladan\AppData\Roaming\StAPH125-Setup.exe [2012/08/01 14:22:09 \| 001,032,192 \| ---- \| M] () -- C:\Users\Vladan\AppData\Roaming\chrtmp [2012/08/01 01:24:17 \| 000,000,931 \| ---- \| M] () -- C:\Users\Public\Desktop\ZooskMessenger.lnk [2012/07/30 01:15:15 \| 005,036,536 \| ---- \| M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/07/30 01:14:26 \| 000,006,400 \| ---- \| M] () -- C:\ProgramData\NanoRepository.bin [2012/07/26 22:36:12 \| 000,000,521 \| ---- \| M] () -- C:\Windows\wininit.ini [2012/07/26 21:25:21 \| 000,003,436 \| ---- \| M] () -- C:\user.js [2012/07/26 20:08:12 \| 000,001,031 \| ---- \| M] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk [2012/07/26 01:58:09 \| 000,010,707 \| ---- \| M] () -- C:\Users\Vladan\.recently-used.xbel [2012/07/24 06:04:37 \| 000,000,000 \| ---- \| M] () -- C:\Users\Vladan\.gtk-bookmarks [2012/07/16 12:51:55 \| 000,174,064 \| ---- \| M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012/07/16 12:51:54 \| 000,174,064 \| ---- \| M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012/07/13 07:02:53 \| 000,130,088 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProt.sys [2012/07/13 07:02:10 \| 000,205,352 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINKNC.sys [2012/07/13 07:02:10 \| 000,123,944 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINProc.sys [2012/07/13 07:02:09 \| 000,167,464 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINAflt.sys [2012/07/13 07:02:09 \| 000,119,336 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSINFile.sys [2012/07/12 11:18:56 \| 000,219,688 \| ---- \| M] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\NNSStrm.sys [2012/07/09 12:57:54 \| 000,001,978 \| ---- \| M] () -- C:\Users\Vladan\Desktop\Check PC For Errors.lnk [2012/07/09 12:57:54 \| 000,001,962 \| ---- \| M] () -- C:\Users\Vladan\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk [2012/07/05 22:06:48 \| 000,227,760 \| ---- \| M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012/07/05 22:06:30 \| 000,772,544 \| ---- \| M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012/07/05 22:06:20 \| 000,687,544 \| ---- \| M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll ========== Files Created - No Company Name ========== [2012/08/01 19:56:34 \| 000,002,641 \| ---- \| C] () -- C:\Users\Vladan\Desktop\ProxyFinder - Shortcut.lnk [2012/08/01 19:42:49 \| 000,001,095 \| ---- \| C] () -- C:\Users\Vladan\Documents\Documents - Shortcut.lnk [2012/08/01 19:29:45 \| 000,002,019 \| ---- \| C] () -- C:\Users\Vladan\Desktop\Proxy Finder Enterprise.lnk [2012/08/01 19:07:23 \| 000,001,208 \| ---- \| C] () -- C:\Users\Vladan\Desktop\Install Proxy Finder.lnk [2012/08/01 14:58:30 \| 001,032,192 \| ---- \| C] () -- C:\Users\Vladan\AppData\Roaming\chrtmp [2012/08/01 01:24:22 \| 000,001,035 \| ---- \| C] () -- C:\Users\Vladan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2012/08/01 01:24:17 \| 000,000,943 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZooskMessenger.lnk [2012/08/01 01:24:17 \| 000,000,931 \| ---- \| C] () -- C:\Users\Public\Desktop\ZooskMessenger.lnk [2012/07/30 01:14:26 \| 000,006,400 \| ---- \| C] () -- C:\ProgramData\NanoRepository.bin [2012/07/29 23:53:04 \| 000,001,075 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk [2012/07/29 23:52:42 \| 000,001,203 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk [2012/07/29 23:52:16 \| 000,001,037 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk [2012/07/29 23:51:47 \| 000,001,165 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk [2012/07/29 23:50:24 \| 000,001,349 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2012/07/29 23:50:21 \| 000,001,515 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2012/07/26 22:36:11 \| 000,000,521 \| ---- \| C] () -- C:\Windows\wininit.ini [2012/07/26 20:08:12 \| 000,001,043 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk [2012/07/26 20:08:12 \| 000,001,031 \| ---- \| C] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk [2012/07/26 01:58:09 \| 000,010,707 \| ---- \| C] () -- C:\Users\Vladan\.recently-used.xbel [2012/07/24 06:04:37 \| 000,000,000 \| ---- \| C] () -- C:\Users\Vladan\.gtk-bookmarks [2012/07/09 12:57:54 \| 000,001,978 \| ---- \| C] () -- C:\Users\Vladan\Desktop\Check PC For Errors.lnk [2012/07/09 12:57:54 \| 000,001,962 \| ---- \| C] () -- C:\Users\Vladan\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk [2012/06/11 18:50:16 \| 000,204,952 \| ---- \| C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012/06/11 18:50:16 \| 000,157,144 \| ---- \| C] () -- C:\Windows\SysWow64\ativvsva.dat [2012/05/10 16:35:16 \| 000,029,184 \| ---- \| C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012/04/22 05:06:35 \| 000,050,547 \| ---- \| C] () -- C:\Users\Vladan\AppData\Local\recently-used.xbel [2012/04/22 00:26:07 \| 000,000,632 \| RHS- \| C] () -- C:\Users\Vladan\ntuser.pol [2012/04/18 16:19:29 \| 000,000,169 \| ---- \| C] () -- C:\Users\Vladan\.gtkrc-2.0 [2012/01/21 17:28:45 \| 000,187,432 \| -H-- \| C] () -- C:\Windows\SysWow64\mlfcache.dat [2012/01/11 00:00:54 \| 000,000,885 \| ---- \| C] () -- C:\Windows\SysWow64\SP7302.ini [2012/01/10 13:26:11 \| 000,148,480 \| ---- \| C] () -- C:\Windows\SysWow64\APOMngr.DLL [2012/01/10 13:26:11 \| 000,073,728 \| ---- \| C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2012/01/06 17:56:15 \| 000,000,000 \| ---- \| C] () -- C:\Windows\ativpsrm.bin [2012/01/06 17:45:07 \| 000,030,528 \| ---- \| C] () -- C:\Windows\GVTDrv64.sys [2012/01/06 17:34:01 \| 000,008,192 \| ---- \| C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2012/01/06 17:31:19 \| 000,000,010 \| ---- \| C] () -- C:\Windows\GSetup.ini [2011/09/13 00:06:16 \| 000,003,917 \| ---- \| C] () -- C:\Windows\SysWow64\atipblag.dat < End of report >

Profil

Sass Drake Poslao: 02 Avg 2012 09:22 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovo pokreni program OTL dvoklikom na ikonu. U bijeli okvir prozora gdje piše Custom Scans/Fixes iskopirati sljedeći tekst: :OTL IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 14 12 DD C2 F2 EA CC 01 [binary data] IE - HKCU\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - No CLSID value found IE - HKCU\..\SearchScopes\{069C9710-9EA5-48FD-8764-B683DF8C56DD}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3106777 IE - HKCU\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms} O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - No CLSID value found. Klikni taster Run Fix; Izvještaj koji dobiješ iskopiraj ovde u poruci.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Detektovan malver prilikom pretrage

Ko je trenutno na forumu

Ukupno su 1080 korisnika na forumu :: 50 registrovanih, 5 sakrivenih i 1025 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Apok, armor, avijacija, bobomicek, Bobrock1, bokisha253, DeerHunter, Denaya, Dragan777, dragoljub11987, elenemste, Fisherman, goxin, Haris, ivan979, ivica976, Koridor, Kubovac, kybonacci, Milometer, Milos ZA, milos.cbr, MiroslavD, mkukoleca, mnn2, Motocar, nebidrag, pein, pirke96, Povratak1912, repac, ruger357, Saratoga, shone34, Sir Budimir, Snorks, solic, SOVO515, Srle993, ss10, StepskiVuk, styg, t.mile, theNedjeljko, Tila Painen, Trpe Grozni, vasa.93, vathra, YugoSlav, zodiac94

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by