Možda tražite i:
Kako iskljuciti "bele prozorcice" (balloon tips) ?
Reklamni prozorcic

MyCity » Ambulanta -> Arhiva Ambulante » Iskakanje prozorčića

Iskakanje prozorčića

Napisano na dan: 26.5.2012

Iskakanje prozorčića

Sledeća strana

Pagination

Odgovori

Mirabe Poslao: 26 Maj 2012 09:56 Idi na vrh
offline Mirabe Građanin Pridružio: 30 Dec 2008 Poruke: 193	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Od sinoć je iznenada počeo da mi iskače prozorčić na desktopu i to izgleda ovako: To se dešava samo na internetu i to svaki put kad pokušam da otvorim novi link ili bilo šta. Znači svaki put kad pokušam da nešto otvorim,iskoči ta poruka.Moram prvo da je ugasim da bi dalje mogla uopšte da nešto pokrenem.Skenirala sam sistem sa Malwarebytom.Pronašao mi je Trojana,kojeg sam uklonila ali se ovo i dalje ponavlja. OTL logfile created on: 26.5.2012 9:35:22 - Run 1 OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Mirjana\Desktop\New folder 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000241a \| Country: Srbija \| Language: SRM \| Date Format: d.M.yyyy 2,00 Gb Total Physical Memory \| 0,73 Gb Available Physical Memory \| 36,36% Memory free 4,00 Gb Paging File \| 2,36 Gb Available in Paging File \| 58,92% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 68,36 Gb Total Space \| 12,10 Gb Free Space \| 17,70% Space Free \| Partition Type: NTFS Drive D: \| 80,68 Gb Total Space \| 6,03 Gb Free Space \| 7,47% Space Free \| Partition Type: NTFS Drive G: \| 5,68 Gb Total Space \| 0,00 Gb Free Space \| 0,00% Space Free \| Partition Type: CDFS Computer Name: MIRJANA-PC \| User Name: Mirjana \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.05.26 09:35:00 \| 000,595,968 \| ---- \| M] (OldTimer Tools) -- C:\Users\Mirjana\Desktop\New folder\OTL.exe PRC - [2012.05.17 14:45:32 \| 000,200,704 \| ---- \| M] (Facebook) -- C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe PRC - [2012.05.12 20:53:21 \| 000,880,496 \| ---- \| M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe PRC - [2012.05.08 18:39:48 \| 000,086,224 \| ---- \| M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.08 18:39:43 \| 000,348,624 \| ---- \| M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.08 18:39:43 \| 000,110,032 \| ---- \| M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.08 15:13:28 \| 000,185,856 \| ---- \| M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe PRC - [2012.04.04 15:56:40 \| 000,654,408 \| ---- \| M] (Malwarebytes Corporation) -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.03.12 22:25:06 \| 000,583,680 \| ---- \| M] (MyCity) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe PRC - [2012.01.18 07:44:52 \| 000,450,848 \| ---- \| M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2012.01.03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010.09.08 08:09:44 \| 000,337,408 \| ---- \| M] (Nakido) -- C:\Program Files (x86)\Nakido\nakido.exe ========== Modules (No Company Name) ========== MOD - [2012.05.23 03:56:50 \| 000,441,880 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll MOD - [2012.05.23 03:56:49 \| 003,922,456 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll MOD - [2012.05.23 03:55:35 \| 000,553,496 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll MOD - [2012.05.23 03:55:33 \| 000,117,784 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll MOD - [2012.05.23 03:55:24 \| 000,134,696 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll MOD - [2012.05.23 03:55:23 \| 000,250,408 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll MOD - [2012.05.23 03:55:21 \| 002,375,720 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll MOD - [2012.05.23 03:06:23 \| 008,743,584 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll MOD - [2012.05.11 14:47:16 \| 000,449,024 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\CefSharp.dll MOD - [2012.05.11 14:47:16 \| 000,275,456 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\CefSharp.WinForms.dll MOD - [2012.05.10 07:46:06 \| 011,833,344 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\7e50b5ce96c0efb3564962ecf9514a39\System.Web.ni.dll MOD - [2012.05.10 07:45:50 \| 006,611,456 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\4e26c6b80e18c10fd21607868d6f10cd\System.Data.ni.dll MOD - [2012.05.10 07:44:46 \| 012,433,408 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\dc15a932ab494a57e7a8c4b424722c03\System.Windows.Forms.ni.dll MOD - [2012.05.10 07:44:33 \| 001,590,784 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\963f4a8ee1733775937bbd02da14ce44\System.Drawing.ni.dll MOD - [2012.05.10 07:43:58 \| 005,452,800 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb0e4de1afd3f2efbbf39a5e39f646a\System.Xml.ni.dll MOD - [2012.05.10 07:43:51 \| 000,971,264 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2a5cbab122112cd4291b684e67460c16\System.Configuration.ni.dll MOD - [2012.05.10 07:43:50 \| 007,967,232 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9447bd5b21a91081d4275b4c4401b1f9\System.ni.dll MOD - [2012.05.10 07:43:39 \| 011,493,376 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2ab531f4915cccb998c4e852fb7efd00\mscorlib.ni.dll MOD - [2012.04.25 15:21:18 \| 021,009,408 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\libcef.dll MOD - [2010.11.05 03:58:05 \| 002,927,616 \| ---- \| M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012.05.08 15:13:28 \| 000,185,856 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV:64bit: - [2012.03.25 19:49:22 \| 000,204,304 \| ---- \| M] (Nitro PDF Software) [Auto \| Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2) SRV:64bit: - [2009.07.14 03:41:27 \| 001,011,712 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 \| 000,193,536 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.05.08 18:39:48 \| 000,086,224 \| ---- \| M] (Avira Operations GmbH & Co. KG) [Auto \| Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.08 18:39:43 \| 000,110,032 \| ---- \| M] (Avira Operations GmbH & Co. KG) [Auto \| Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.05 16:35:24 \| 000,257,696 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.04 15:56:40 \| 000,654,408 \| ---- \| M] (Malwarebytes Corporation) [Auto \| Running] -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.01.31 16:09:34 \| 000,158,856 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.18 07:44:52 \| 000,450,848 \| ---- \| M] (Logitech Inc.) [Auto \| Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2012.01.03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) [Auto \| Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010.09.08 08:09:44 \| 000,337,408 \| ---- \| M] (Nakido) [Auto \| Running] -- C:\Program Files (x86)\Nakido\nakido.exe -- (Nakido) SRV - [2010.03.18 14:16:28 \| 000,130,384 \| ---- \| M] (Microsoft Corporation) [Auto \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 \| 000,066,384 \| ---- \| M] (Microsoft Corporation) [Disabled \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.08 18:39:49 \| 000,132,832 \| ---- \| M] (Avira GmbH) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.08 18:39:49 \| 000,098,848 \| ---- \| M] (Avira GmbH) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.04.04 15:56:40 \| 000,024,904 \| ---- \| M] (Malwarebytes Corporation) [File_System \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.03.22 21:21:42 \| 000,283,200 \| ---- \| M] (DT Soft Ltd) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012.03.01 08:46:16 \| 000,023,408 \| ---- \| M] (Microsoft Corporation) [Recognizer \| Boot \| Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.18 07:44:36 \| 004,865,568 \| ---- \| M] (Logitech Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech HD Webcam C310(UVC) DRV:64bit: - [2011.09.16 17:09:16 \| 000,027,760 \| ---- \| M] (Avira GmbH) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.03.11 08:41:12 \| 000,107,904 \| ---- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 \| 000,027,008 \| ---- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 \| 000,078,720 \| ---- \| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 \| 000,059,392 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 13:03:42 \| 000,020,992 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2009.07.14 03:52:20 \| 000,194,128 \| ---- \| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 \| 000,065,600 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 \| 000,024,656 \| ---- \| M] (Promise Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.13 23:59:33 \| 005,020,672 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009.06.10 22:35:42 \| 000,187,392 \| ---- \| M] (Realtek Corporation ) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 22:34:33 \| 003,286,016 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 \| 000,468,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 \| 000,270,848 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 \| 000,031,232 \| ---- \| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.14 03:19:10 \| 000,019,008 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = mystart.incredibar.com/mb139?a=6R8tXMfz9N&i=26 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 69 F5 84 2E 71 30 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8tXMfz9N&i=26 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( ) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mirjana\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mirjana\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll (Facebook, Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.05.25 10:39:57 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.05.25 10:39:57 \| 000,000,000 \| ---D \| M] [2012.04.28 16:59:32 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Mirjana\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions [2012.05.25 10:40:04 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions ========== Chrome ========== CHR - default_search_provider: MyStart Search (Enabled) CHR - default_search_provider: search_url = mystart.incredibar.com/mb139/?loc=IB_DS&search={searchTerms}&a=6R8tXMfz9N&i=26 CHR - default_search_provider: suggest_url = , CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Users\Mirjana\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - Extension: Google Translate = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.3.1_0\ CHR - Extension: YouTube = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google \u043F\u0440\u0435\u0442\u0440\u0430\u0433\u0430 = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Web Assistant = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\ CHR - Extension: YoWindow Weather = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef\1.30_0\ CHR - Extension: 1Click Downloader = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.2_0\ CHR - Extension: Google \u043F\u0440\u043E\u0432\u0435\u0440\u0430 \u043F\u043E\u0448\u0442\u0435 = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\ CHR - Extension: Autofill = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk\5.5_0\ CHR - Extension: Fade to White Aero Skin (by Skarv) = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\oekemfmehiakocmomemagciajlikigkl\1.0_0\ CHR - Extension: Gmail = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 \| 000,000,824 \| ---- \| M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll () O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll () O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Facebook Update] C:\Users\Mirjana\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\MCShieldRTM.exe (MyCity) O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - Startup: C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe (Facebook) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 91.102.231.242 91.102.231.241 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CBE2340-09C3-4B69-AC26-57865F06D04F}: DhcpNameServer = 91.102.231.242 91.102.231.241 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.03.11 18:52:24 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010.08.17 06:32:28 \| 000,000,047 \| R--- \| M] () - G:\Autorun.inf -- [ CDFS ] O32 - AutoRun File - [2011.03.16 11:21:42 \| 000,472,708 \| R--- \| M] () - G:\autorun.exe -- [ CDFS ] O33 - MountPoints2\{bc58c1d1-744d-11e1-8c1f-001d92270e0a}\Shell - "" = AutoRun O33 - MountPoints2\{bc58c1d1-744d-11e1-8c1f-001d92270e0a}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2011.03.16 11:21:42 \| 000,472,708 \| R--- \| M] () O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit: - HKLM\..comfile [open] -- "%1" % O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.05.25 10:40:24 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Premium [2012.05.25 10:40:05 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Incredibar.com [2012.05.25 10:40:04 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Mozilla Firefox [2012.05.25 10:39:57 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Web Assistant [2012.05.25 09:06:21 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\InstallMate [2012.05.22 22:13:58 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Documents\KONAMI [2012.05.22 22:05:03 \| 000,000,000 \| RH-D \| C] -- C:\Users\Mirjana\AppData\Roaming\SecuROM [2012.05.22 21:47:16 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\KONAMI [2012.05.20 22:47:28 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\KONAMI [2012.05.20 20:07:39 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Documents\GTA Vice City User Files [2012.05.19 20:40:22 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2012.05.19 12:42:42 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Symantec [2012.05.19 12:42:31 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Norton [2012.05.19 12:42:27 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\NortonInstaller [2012.05.18 10:32:47 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012.05.12 20:39:59 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Local\Diagnostics [2012.05.12 20:32:51 \| 000,000,000 \| ---D \| C] -- C:\Windows\SysWow64\Adobe [2012.05.12 18:09:51 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\PlayFirst [2012.05.12 18:09:51 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\PlayFirst [2012.05.11 23:25:29 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Desktop\New folder [2012.05.11 15:15:58 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\2K Sports [2012.05.09 12:12:15 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2012.05.09 07:56:00 \| 001,544,704 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012.05.09 07:55:56 \| 005,559,664 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.05.09 07:55:52 \| 003,968,368 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.05.09 07:55:51 \| 003,913,072 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.05.08 22:45:25 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Documents\The Lord of the Rings - Conquest [2012.05.04 07:35:06 \| 000,000,000 \| ---D \| C] -- C:\Users\Public\Documents\DAEMON Tools Images [2012.05.04 00:54:45 \| 000,000,000 \| ---D \| C] -- C:\Users\Public\Documents\EA Games [2012.05.02 00:02:59 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEP for The Sims 2 [2012.05.01 23:54:21 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sims2Pack Clean Installer [2012.05.01 23:54:21 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sims2Pack Clean Installer [2012.05.01 22:10:45 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Documents\EA Games [2012.05.01 22:02:18 \| 000,442,368 \| R--- \| C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll [2012.05.01 21:46:24 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO [2012.05.01 21:46:24 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO [2012.05.01 21:46:22 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\MagicISO [2012.05.01 16:11:06 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Desktop\SIMS2 [2012.04.30 18:02:08 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\tabagames [2012.04.29 15:09:45 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\8floor [2012.04.29 15:09:45 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\8floor [2012.04.28 23:01:16 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES [2012.04.28 16:59:46 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Tarma Installer [2012.04.28 16:59:32 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\Mozilla [2012.04.28 16:58:22 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\1ClickDownload [2012.04.27 11:01:11 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\LegacyGames [2012.04.26 14:48:02 \| 000,071,680 \| ---- \| C] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll [2012.04.26 14:48:00 \| 000,065,536 \| ---- \| C] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll ========== Files - Modified Within 30 Days ========== [2012.05.26 09:32:00 \| 000,000,830 \| ---- \| M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.26 09:30:44 \| 000,010,016 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.05.26 09:30:44 \| 000,010,016 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.05.26 09:25:23 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2012.05.26 09:25:17 \| 1610,113,024 \| -HS- \| M] () -- C:\hiberfil.sys [2012.05.26 09:16:00 \| 000,000,912 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1001UA.job [2012.05.26 08:59:13 \| 000,000,916 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1000UA.job [2012.05.26 08:57:00 \| 000,000,916 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1002UA.job [2012.05.26 00:16:30 \| 000,000,860 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1001Core.job [2012.05.25 23:40:59 \| 000,000,936 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1000UA.job [2012.05.25 17:40:01 \| 000,000,914 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1000Core.job [2012.05.25 12:57:00 \| 000,000,864 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1002Core.job [2012.05.25 10:40:08 \| 000,000,690 \| ---- \| M] () -- C:\user.js [2012.05.24 22:18:18 \| 000,605,280 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Slika0481.jpg [2012.05.24 22:17:38 \| 000,601,619 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Slika0484.jpg [2012.05.24 16:09:44 \| 000,002,369 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Google Chrome.lnk [2012.05.20 12:59:06 \| 775,559,975 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Downloads.rar [2012.05.20 12:32:14 \| 000,745,308 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Collections.zip [2012.05.18 10:32:47 \| 000,001,296 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2012.05.14 06:59:00 \| 000,000,864 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1000Core.job [2012.05.11 10:06:58 \| 000,651,938 \| ---- \| M] () -- C:\Windows\SysNative\perfh009.dat [2012.05.11 10:06:58 \| 000,120,870 \| ---- \| M] () -- C:\Windows\SysNative\perfc009.dat [2012.05.11 10:06:57 \| 000,778,834 \| ---- \| M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.05.10 10:12:16 \| 000,040,103 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\dog-graphics-shar-pei-417475.gif [2012.05.10 07:30:19 \| 000,274,320 \| ---- \| M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.05.09 12:12:15 \| 000,000,522 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Fraps.lnk [2012.05.08 18:39:49 \| 000,132,832 \| ---- \| M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.05.08 18:39:49 \| 000,098,848 \| ---- \| M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.05.08 09:04:03 \| 000,764,302 \| ---- \| M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.05.05 16:35:16 \| 000,419,488 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.05.05 16:35:16 \| 000,070,304 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.05.05 16:33:37 \| 008,769,696 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012.05.04 10:11:02 \| 000,001,107 \| ---- \| M] () -- C:\Users\Public\Desktop\The Sims™ 2 FreeTime.lnk [2012.05.04 09:36:21 \| 000,001,219 \| ---- \| M] () -- C:\Users\Public\Desktop\The Sims™ 2 Mansion and Garden Stuff.lnk [2012.05.04 07:41:10 \| 000,001,149 \| ---- \| M] () -- C:\Users\Public\Desktop\The Sims™ 2 Apartment Life.lnk [2012.05.03 22:41:36 \| 000,000,967 \| ---- \| M] () -- C:\Users\Mirjana\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2012.05.03 22:41:36 \| 000,000,943 \| ---- \| M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012.05.03 04:55:52 \| 000,028,056 \| ---- \| M] () -- C:\Windows\SysNative\xfcodec64.dll [2012.05.01 23:54:21 \| 000,000,848 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Sims2Pack Clean Installer.lnk [2012.05.01 22:20:10 \| 000,001,121 \| ---- \| M] () -- C:\Users\Public\Desktop\The Sims™ 2 Bon Voyage.lnk [2012.05.01 21:46:24 \| 000,001,799 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\MagicISO.lnk [2012.04.26 14:48:02 \| 000,071,680 \| ---- \| M] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll [2012.04.26 14:48:00 \| 000,065,536 \| ---- \| M] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll ========== Files Created - No Company Name ========== [2012.05.24 22:22:25 \| 000,605,280 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Slika0481.jpg [2012.05.24 22:22:23 \| 000,601,619 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Slika0484.jpg [2012.05.20 12:36:41 \| 775,559,975 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Downloads.rar [2012.05.20 12:32:12 \| 000,745,308 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Collections.zip [2012.05.10 10:12:37 \| 000,040,103 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\dog-graphics-shar-pei-417475.gif [2012.05.09 12:02:03 \| 000,000,522 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Fraps.lnk [2012.05.04 10:11:02 \| 000,001,107 \| ---- \| C] () -- C:\Users\Public\Desktop\The Sims™ 2 FreeTime.lnk [2012.05.04 09:36:21 \| 000,001,219 \| ---- \| C] () -- C:\Users\Public\Desktop\The Sims™ 2 Mansion and Garden Stuff.lnk [2012.05.04 07:41:10 \| 000,001,149 \| ---- \| C] () -- C:\Users\Public\Desktop\The Sims™ 2 Apartment Life.lnk [2012.05.04 00:44:31 \| 000,033,707 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Graphics Rules.bak.sgr [2012.05.03 23:07:45 \| 000,000,848 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Sims2Pack Clean Installer.lnk [2012.05.03 04:55:52 \| 000,028,056 \| ---- \| C] () -- C:\Windows\SysNative\xfcodec64.dll [2012.05.02 22:20:41 \| 000,250,880 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\SeeThem2.exe [2012.05.01 22:20:10 \| 000,001,121 \| ---- \| C] () -- C:\Users\Public\Desktop\The Sims™ 2 Bon Voyage.lnk [2012.05.01 21:46:24 \| 000,001,799 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\MagicISO.lnk [2012.03.23 03:28:07 \| 000,000,000 \| ---- \| C] () -- C:\Windows\ativpsrm.bin [2012.03.22 20:29:23 \| 000,764,302 \| ---- \| C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.03.22 20:28:24 \| 000,033,134 \| ---- \| C] () -- C:\Users\Mirjana\AppData\Roaming\UserTile.png [2012.01.18 07:44:00 \| 010,920,984 \| ---- \| C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012.01.18 07:44:00 \| 000,336,408 \| ---- \| C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012.01.18 07:44:00 \| 000,104,472 \| ---- \| C] () -- C:\Windows\SysWow64\LogiDPPApp.exe ========== Alternate Data Streams ========== @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:1B3549F2 @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:02B823FE @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D8F9D810 @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:05F547A9 < End of report > mycity.rs/must-login.png Pošto imam i troje dece koji stalno nešto skidaju verovatno je nešto pokupljeno sa interneta Hvala unapred!

Profil

Sass Drake Poslao: 26 Maj 2012 10:25 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Korak 1 Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sljedeće programe: Incredibar Toolbar on IE Nakido i program koji ti pravi problem koji si opisala: Web Assistant 2.0.0.439 Korak 2 Postavi novi OTL izvještaj.

Profil

Mirabe Poslao: 26 Maj 2012 11:25 Idi na vrh
offline Mirabe Građanin Pridružio: 30 Dec 2008 Poruke: 193	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 26 Maj 2012 10:54 Obrisala sam sve što si mi rekao i evo: OTL logfile created on: 26.5.2012 10:46:53 - Run 2 OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Mirjana\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000241a \| Country: Srbija \| Language: SRM \| Date Format: d.M.yyyy 2,00 Gb Total Physical Memory \| 0,82 Gb Available Physical Memory \| 41,10% Memory free 4,00 Gb Paging File \| 2,40 Gb Available in Paging File \| 59,94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 68,36 Gb Total Space \| 12,10 Gb Free Space \| 17,71% Space Free \| Partition Type: NTFS Drive D: \| 80,68 Gb Total Space \| 6,03 Gb Free Space \| 7,47% Space Free \| Partition Type: NTFS Drive G: \| 5,68 Gb Total Space \| 0,00 Gb Free Space \| 0,00% Space Free \| Partition Type: CDFS Computer Name: MIRJANA-PC \| User Name: Mirjana \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.05.26 09:35:00 \| 000,595,968 \| ---- \| M] (OldTimer Tools) -- C:\Users\Mirjana\Desktop\OTL.exe PRC - [2012.05.17 14:45:32 \| 000,200,704 \| ---- \| M] (Facebook) -- C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe PRC - [2012.05.12 20:53:21 \| 000,880,496 \| ---- \| M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe PRC - [2012.05.08 18:39:48 \| 000,086,224 \| ---- \| M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.08 18:39:43 \| 000,348,624 \| ---- \| M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.08 18:39:43 \| 000,110,032 \| ---- \| M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.04.04 15:56:40 \| 000,654,408 \| ---- \| M] (Malwarebytes Corporation) -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.03.12 22:25:06 \| 000,583,680 \| ---- \| M] (MyCity) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe PRC - [2012.01.18 07:44:52 \| 000,450,848 \| ---- \| M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2012.01.03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ========== Modules (No Company Name) ========== MOD - [2012.05.23 03:56:50 \| 000,441,880 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll MOD - [2012.05.23 03:56:49 \| 003,922,456 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll MOD - [2012.05.23 03:55:35 \| 000,553,496 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll MOD - [2012.05.23 03:55:33 \| 000,117,784 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll MOD - [2012.05.23 03:55:24 \| 000,134,696 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll MOD - [2012.05.23 03:55:23 \| 000,250,408 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll MOD - [2012.05.23 03:55:21 \| 002,375,720 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll MOD - [2012.05.23 03:06:23 \| 008,743,584 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll MOD - [2012.05.11 14:47:16 \| 000,449,024 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\CefSharp.dll MOD - [2012.05.11 14:47:16 \| 000,275,456 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\CefSharp.WinForms.dll MOD - [2012.05.10 07:46:06 \| 011,833,344 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\7e50b5ce96c0efb3564962ecf9514a39\System.Web.ni.dll MOD - [2012.05.10 07:45:50 \| 006,611,456 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\4e26c6b80e18c10fd21607868d6f10cd\System.Data.ni.dll MOD - [2012.05.10 07:44:46 \| 012,433,408 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\dc15a932ab494a57e7a8c4b424722c03\System.Windows.Forms.ni.dll MOD - [2012.05.10 07:44:33 \| 001,590,784 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\963f4a8ee1733775937bbd02da14ce44\System.Drawing.ni.dll MOD - [2012.05.10 07:43:58 \| 005,452,800 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb0e4de1afd3f2efbbf39a5e39f646a\System.Xml.ni.dll MOD - [2012.05.10 07:43:51 \| 000,971,264 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2a5cbab122112cd4291b684e67460c16\System.Configuration.ni.dll MOD - [2012.05.10 07:43:50 \| 007,967,232 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9447bd5b21a91081d4275b4c4401b1f9\System.ni.dll MOD - [2012.05.10 07:43:39 \| 011,493,376 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2ab531f4915cccb998c4e852fb7efd00\mscorlib.ni.dll MOD - [2012.04.25 15:21:18 \| 021,009,408 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\libcef.dll MOD - [2010.11.05 03:58:05 \| 002,927,616 \| ---- \| M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012.03.25 19:49:22 \| 000,204,304 \| ---- \| M] (Nitro PDF Software) [Auto \| Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2) SRV:64bit: - [2009.07.14 03:41:27 \| 001,011,712 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 \| 000,193,536 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.05.08 18:39:48 \| 000,086,224 \| ---- \| M] (Avira Operations GmbH & Co. KG) [Auto \| Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.08 18:39:43 \| 000,110,032 \| ---- \| M] (Avira Operations GmbH & Co. KG) [Auto \| Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.05 16:35:24 \| 000,257,696 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.04 15:56:40 \| 000,654,408 \| ---- \| M] (Malwarebytes Corporation) [Auto \| Running] -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.01.31 16:09:34 \| 000,158,856 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.18 07:44:52 \| 000,450,848 \| ---- \| M] (Logitech Inc.) [Auto \| Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2012.01.03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) [Auto \| Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010.03.18 14:16:28 \| 000,130,384 \| ---- \| M] (Microsoft Corporation) [Auto \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 \| 000,066,384 \| ---- \| M] (Microsoft Corporation) [Disabled \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.08 18:39:49 \| 000,132,832 \| ---- \| M] (Avira GmbH) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.08 18:39:49 \| 000,098,848 \| ---- \| M] (Avira GmbH) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.04.04 15:56:40 \| 000,024,904 \| ---- \| M] (Malwarebytes Corporation) [File_System \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.03.22 21:21:42 \| 000,283,200 \| ---- \| M] (DT Soft Ltd) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012.03.01 08:46:16 \| 000,023,408 \| ---- \| M] (Microsoft Corporation) [Recognizer \| Boot \| Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.18 07:44:36 \| 004,865,568 \| ---- \| M] (Logitech Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech HD Webcam C310(UVC) DRV:64bit: - [2011.09.16 17:09:16 \| 000,027,760 \| ---- \| M] (Avira GmbH) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.03.11 08:41:12 \| 000,107,904 \| ---- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 \| 000,027,008 \| ---- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 \| 000,078,720 \| ---- \| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 \| 000,059,392 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 13:03:42 \| 000,020,992 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2009.07.14 03:52:20 \| 000,194,128 \| ---- \| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 \| 000,065,600 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 \| 000,024,656 \| ---- \| M] (Promise Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.13 23:59:33 \| 005,020,672 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009.06.10 22:35:42 \| 000,187,392 \| ---- \| M] (Realtek Corporation ) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 22:34:33 \| 003,286,016 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 \| 000,468,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 \| 000,270,848 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 \| 000,031,232 \| ---- \| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.14 03:19:10 \| 000,019,008 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = mystart.incredibar.com/mb139?a=6R8tXMfz9N&i=26 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 69 F5 84 2E 71 30 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8tXMfz9N&i=26 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( ) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mirjana\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mirjana\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll (Facebook, Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.04.28 16:59:32 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Mirjana\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions [2012.05.25 10:40:04 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions ========== Chrome ========== CHR - default_search_provider: MyStart Search (Enabled) CHR - default_search_provider: search_url = mystart.incredibar.com/mb139/?loc=IB_DS&search={searchTerms}&a=6R8tXMfz9N&i=26 CHR - default_search_provider: suggest_url = , CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mirjana\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Users\Mirjana\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - Extension: Google Translate = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.3.1_0\ CHR - Extension: YouTube = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google \u043F\u0440\u0435\u0442\u0440\u0430\u0433\u0430 = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: YoWindow Weather = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef\1.30_0\ CHR - Extension: 1Click Downloader = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.2_0\ CHR - Extension: Google \u043F\u0440\u043E\u0432\u0435\u0440\u0430 \u043F\u043E\u0448\u0442\u0435 = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\ CHR - Extension: Autofill = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk\5.5_0\ CHR - Extension: Fade to White Aero Skin (by Skarv) = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\oekemfmehiakocmomemagciajlikigkl\1.0_0\ CHR - Extension: Gmail = C:\Users\Mirjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 \| 000,000,824 \| ---- \| M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Facebook Update] C:\Users\Mirjana\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\MCShieldRTM.exe (MyCity) O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - Startup: C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Mirjana\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe (Facebook) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 91.102.231.242 91.102.231.241 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CBE2340-09C3-4B69-AC26-57865F06D04F}: DhcpNameServer = 91.102.231.242 91.102.231.241 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.03.11 18:52:24 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010.08.17 06:32:28 \| 000,000,047 \| R--- \| M] () - G:\Autorun.inf -- [ CDFS ] O32 - AutoRun File - [2011.03.16 11:21:42 \| 000,472,708 \| R--- \| M] () - G:\autorun.exe -- [ CDFS ] O33 - MountPoints2\{bc58c1d1-744d-11e1-8c1f-001d92270e0a}\Shell - "" = AutoRun O33 - MountPoints2\{bc58c1d1-744d-11e1-8c1f-001d92270e0a}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2011.03.16 11:21:42 \| 000,472,708 \| R--- \| M] () O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit: - HKLM\..comfile [open] -- "%1" % O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.05.26 10:33:40 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Desktop\OTL [2012.05.26 09:34:57 \| 000,595,968 \| ---- \| C] (OldTimer Tools) -- C:\Users\Mirjana\Desktop\OTL.exe [2012.05.25 10:40:24 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Premium [2012.05.25 10:40:04 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Mozilla Firefox [2012.05.25 09:06:21 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\InstallMate [2012.05.22 22:13:58 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Documents\KONAMI [2012.05.22 22:05:03 \| 000,000,000 \| RH-D \| C] -- C:\Users\Mirjana\AppData\Roaming\SecuROM [2012.05.22 21:47:16 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\KONAMI [2012.05.20 22:47:28 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\KONAMI [2012.05.20 20:07:39 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Documents\GTA Vice City User Files [2012.05.19 20:40:22 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2012.05.19 12:42:42 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Symantec [2012.05.19 12:42:31 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Norton [2012.05.19 12:42:27 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\NortonInstaller [2012.05.18 10:32:47 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012.05.12 20:39:59 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Local\Diagnostics [2012.05.12 20:32:51 \| 000,000,000 \| ---D \| C] -- C:\Windows\SysWow64\Adobe [2012.05.12 18:09:51 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\PlayFirst [2012.05.12 18:09:51 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\PlayFirst [2012.05.11 23:25:29 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Desktop\New folder [2012.05.11 15:15:58 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\2K Sports [2012.05.09 12:12:15 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2012.05.09 07:56:00 \| 001,544,704 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012.05.09 07:55:56 \| 005,559,664 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.05.09 07:55:52 \| 003,968,368 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.05.09 07:55:51 \| 003,913,072 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.05.08 22:45:25 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Documents\The Lord of the Rings - Conquest [2012.05.04 07:35:06 \| 000,000,000 \| ---D \| C] -- C:\Users\Public\Documents\DAEMON Tools Images [2012.05.04 00:54:45 \| 000,000,000 \| ---D \| C] -- C:\Users\Public\Documents\EA Games [2012.05.02 00:02:59 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEP for The Sims 2 [2012.05.01 23:54:21 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sims2Pack Clean Installer [2012.05.01 23:54:21 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sims2Pack Clean Installer [2012.05.01 22:10:45 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Documents\EA Games [2012.05.01 22:02:18 \| 000,442,368 \| R--- \| C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll [2012.05.01 21:46:24 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO [2012.05.01 21:46:24 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO [2012.05.01 21:46:22 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\MagicISO [2012.05.01 16:11:06 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\Desktop\SIMS2 [2012.04.30 18:02:08 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\tabagames [2012.04.29 15:09:45 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\8floor [2012.04.29 15:09:45 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\8floor [2012.04.28 23:01:16 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES [2012.04.28 16:59:46 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Tarma Installer [2012.04.28 16:59:32 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\Mozilla [2012.04.28 16:58:22 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\1ClickDownload [2012.04.27 11:01:11 \| 000,000,000 \| ---D \| C] -- C:\Users\Mirjana\AppData\Roaming\LegacyGames [2012.04.26 14:48:02 \| 000,071,680 \| ---- \| C] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll [2012.04.26 14:48:00 \| 000,065,536 \| ---- \| C] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll ========== Files - Modified Within 30 Days ========== [2012.05.26 10:32:01 \| 000,000,830 \| ---- \| M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.26 10:16:00 \| 000,000,912 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1001UA.job [2012.05.26 09:59:00 \| 000,000,916 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1000UA.job [2012.05.26 09:57:00 \| 000,000,916 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1002UA.job [2012.05.26 09:35:00 \| 000,595,968 \| ---- \| M] (OldTimer Tools) -- C:\Users\Mirjana\Desktop\OTL.exe [2012.05.26 09:30:44 \| 000,010,016 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.05.26 09:30:44 \| 000,010,016 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.05.26 09:25:23 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2012.05.26 09:25:17 \| 1610,113,024 \| -HS- \| M] () -- C:\hiberfil.sys [2012.05.26 00:16:30 \| 000,000,860 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1001Core.job [2012.05.25 23:40:59 \| 000,000,936 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1000UA.job [2012.05.25 17:40:01 \| 000,000,914 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1000Core.job [2012.05.25 12:57:00 \| 000,000,864 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1002Core.job [2012.05.25 10:40:08 \| 000,000,690 \| ---- \| M] () -- C:\user.js [2012.05.24 22:18:18 \| 000,605,280 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Slika0481.jpg [2012.05.24 22:17:38 \| 000,601,619 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Slika0484.jpg [2012.05.24 16:09:44 \| 000,002,369 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Google Chrome.lnk [2012.05.20 12:59:06 \| 775,559,975 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Downloads.rar [2012.05.20 12:32:14 \| 000,745,308 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Collections.zip [2012.05.18 10:32:47 \| 000,001,296 \| ---- \| M] () -- C:\Users\Mirjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2012.05.14 06:59:00 \| 000,000,864 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-424014716-4226924264-1167033291-1000Core.job [2012.05.11 10:06:58 \| 000,651,938 \| ---- \| M] () -- C:\Windows\SysNative\perfh009.dat [2012.05.11 10:06:58 \| 000,120,870 \| ---- \| M] () -- C:\Windows\SysNative\perfc009.dat [2012.05.11 10:06:57 \| 000,778,834 \| ---- \| M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.05.10 10:12:16 \| 000,040,103 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\dog-graphics-shar-pei-417475.gif [2012.05.10 07:30:19 \| 000,274,320 \| ---- \| M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.05.09 12:12:15 \| 000,000,522 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Fraps.lnk [2012.05.08 18:39:49 \| 000,132,832 \| ---- \| M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.05.08 18:39:49 \| 000,098,848 \| ---- \| M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.05.08 09:04:03 \| 000,764,302 \| ---- \| M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.05.05 16:35:16 \| 000,419,488 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.05.05 16:35:16 \| 000,070,304 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.05.05 16:33:37 \| 008,769,696 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012.05.04 10:11:02 \| 000,001,107 \| ---- \| M] () -- C:\Users\Public\Desktop\The Sims™ 2 FreeTime.lnk [2012.05.04 09:36:21 \| 000,001,219 \| ---- \| M] () -- C:\Users\Public\Desktop\The Sims™ 2 Mansion and Garden Stuff.lnk [2012.05.04 07:41:10 \| 000,001,149 \| ---- \| M] () -- C:\Users\Public\Desktop\The Sims™ 2 Apartment Life.lnk [2012.05.03 22:41:36 \| 000,000,967 \| ---- \| M] () -- C:\Users\Mirjana\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2012.05.03 22:41:36 \| 000,000,943 \| ---- \| M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012.05.03 04:55:52 \| 000,028,056 \| ---- \| M] () -- C:\Windows\SysNative\xfcodec64.dll [2012.05.01 23:54:21 \| 000,000,848 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\Sims2Pack Clean Installer.lnk [2012.05.01 22:20:10 \| 000,001,121 \| ---- \| M] () -- C:\Users\Public\Desktop\The Sims™ 2 Bon Voyage.lnk [2012.05.01 21:46:24 \| 000,001,799 \| ---- \| M] () -- C:\Users\Mirjana\Desktop\MagicISO.lnk [2012.04.26 14:48:02 \| 000,071,680 \| ---- \| M] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll [2012.04.26 14:48:00 \| 000,065,536 \| ---- \| M] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll ========== Files Created - No Company Name ========== [2012.05.24 22:22:25 \| 000,605,280 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Slika0481.jpg [2012.05.24 22:22:23 \| 000,601,619 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Slika0484.jpg [2012.05.20 12:36:41 \| 775,559,975 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Downloads.rar [2012.05.20 12:32:12 \| 000,745,308 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Collections.zip [2012.05.10 10:12:37 \| 000,040,103 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\dog-graphics-shar-pei-417475.gif [2012.05.09 12:02:03 \| 000,000,522 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Fraps.lnk [2012.05.04 10:11:02 \| 000,001,107 \| ---- \| C] () -- C:\Users\Public\Desktop\The Sims™ 2 FreeTime.lnk [2012.05.04 09:36:21 \| 000,001,219 \| ---- \| C] () -- C:\Users\Public\Desktop\The Sims™ 2 Mansion and Garden Stuff.lnk [2012.05.04 07:41:10 \| 000,001,149 \| ---- \| C] () -- C:\Users\Public\Desktop\The Sims™ 2 Apartment Life.lnk [2012.05.04 00:44:31 \| 000,033,707 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Graphics Rules.bak.sgr [2012.05.03 23:07:45 \| 000,000,848 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\Sims2Pack Clean Installer.lnk [2012.05.03 04:55:52 \| 000,028,056 \| ---- \| C] () -- C:\Windows\SysNative\xfcodec64.dll [2012.05.02 22:20:41 \| 000,250,880 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\SeeThem2.exe [2012.05.01 22:20:10 \| 000,001,121 \| ---- \| C] () -- C:\Users\Public\Desktop\The Sims™ 2 Bon Voyage.lnk [2012.05.01 21:46:24 \| 000,001,799 \| ---- \| C] () -- C:\Users\Mirjana\Desktop\MagicISO.lnk [2012.03.23 03:28:07 \| 000,000,000 \| ---- \| C] () -- C:\Windows\ativpsrm.bin [2012.03.22 20:29:23 \| 000,764,302 \| ---- \| C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.03.22 20:28:24 \| 000,033,134 \| ---- \| C] () -- C:\Users\Mirjana\AppData\Roaming\UserTile.png [2012.01.18 07:44:00 \| 010,920,984 \| ---- \| C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012.01.18 07:44:00 \| 000,336,408 \| ---- \| C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012.01.18 07:44:00 \| 000,104,472 \| ---- \| C] () -- C:\Windows\SysWow64\LogiDPPApp.exe ========== Alternate Data Streams ========== @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:1B3549F2 @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:02B823FE @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D8F9D810 @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:05F547A9 < End of report > Dopuna: 26 Maj 2012 11:24 Ne pojavljuje mi se više prozorćić! Dopuna: 26 Maj 2012 11:25 Mislila sam prozorčić

Profil

Sass Drake Poslao: 26 Maj 2012 11:55 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovo pokreni program OTL dvoklikom na ikonu. U bijeli okvir prozora gdje piše Custom Scans/Fixes iskopirati sljedeći tekst: `:OTL IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb139?a=6R8tXMfz9N&i=26 IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8tXMfz9N&i=26` Klikni taster Run Fix; Izvještaj koji dobiješ iskopiraj ovde u poruci.

Profil

Mirabe Poslao: 27 Maj 2012 16:17 Idi na vrh
offline Mirabe Građanin Pridružio: 30 Dec 2008 Poruke: 193	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ========== OTL ========== HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page\| /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope\| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found. OTL by OldTimer - Version 3.2.43.1 log created on 05272012_161731

Profil

Sass Drake Poslao: 27 Maj 2012 16:20 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovo pokreni OTL i klikni na dugme CleanUp. Obavezno posjeti temu Testirajte da li vam je pretraživač ranjiv, pročitaj i isprati link koji stoji u njoj. To bi bilo to. Pozdrav.

Profil

Mirabe Poslao: 27 Maj 2012 22:38 Idi na vrh
offline Mirabe Građanin Pridružio: 30 Dec 2008 Poruke: 193	2Ovo se svidja korisnicima: ThePhilosopher, Sass Drake Registruj se da bi pohvalio/la poruku! Hvala na pomoći,svakako ću pogledati temu!

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Iskakanje prozorčića

Ko je trenutno na forumu

Ukupno su 963 korisnika na forumu :: 5 registrovanih, 1 sakriven i 957 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: draganl, LUDI, mnn2, pein, saputnik plavetnila

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by