MyCity » Ambulanta -> Arhiva Ambulante » Ponovo keylogger

Ponovo keylogger

Napisano na dan: 22.1.2013

Ponovo keylogger
Sledeća strana Pagination

Idi na vrh

Poslao: 22 Jan 2013 16:09
Idi na vrh
offline
  • Pridružio: 22 Jan 2013
  • Poruke: 3

Pozdrav svima Smile
vec sam jednom imala problem sa keyloggerom i vi ste mi pomogli da ga resim.
Sinoc sam upalila Aviru i ona mi je pronasla ovo
mickrokeylogger.zip i
frxpsrxcrlmsghb.exe (tr/rogue.kdv.829819)
to mi je sada u karantinu

vec neko vreme, mozda dve nedelje, primetim da kad kliknem misom ili nece da prihvati ili mu treba vremena i kad otvaram program kad ga startujem u lajsni dole (taskleiste) bude ikonica od poslednjeg otvorenog programa, pa jedno prazno mesto (na par sekundi) pa tek onda onaj koji se sad otvara ( ja ne znam da li je to normalno, ali reko bolje da spomenem).

Juce sam skinula Malwarebytes i on mi je nasao 55 ne znam ni ja cega Sad to sam ocistila (nadam se).
I ne znam da li to moze, ali volelabih da znam datum od kada imam keylogger.

Izvestaj OTL izgleda ovako:


OTL logfile created on: 22.01.2013 15:33:14 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Klinceze\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 40,58% Memory free
7,99 Gb Paging File | 5,12 Gb Available in Paging File | 64,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,07 Gb Total Space | 388,00 Gb Free Space | 86,02% Space Free | Partition Type: NTFS
Drive E: | 499,41 Mb Total Space | 387,44 Mb Free Space | 77,58% Space Free | Partition Type: FAT
Drive F: | 36,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DRAGANA-PC | User Name: dragana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.01.22 15:16:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Klinceze\Desktop\OTL.exe
PRC - [2013.01.19 22:49:07 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Users\Klinceze\AppData\Local\Mozilla Firefox\firefox.exe
PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 16:49:28 | 000,824,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012.08.08 22:14:57 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.12 00:21:04 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Klinceze\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.01 23:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.01.04 19:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011.11.24 12:20:19 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
PRC - [2011.11.24 12:20:19 | 000,218,624 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.04.23 21:17:26 | 001,994,936 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2011.04.23 21:17:26 | 000,098,488 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2011.04.23 21:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2011.01.25 14:14:08 | 001,802,472 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
PRC - [2011.01.25 14:14:08 | 001,534,184 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
PRC - [2011.01.17 16:37:42 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 16:37:42 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2011.01.13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010.11.16 14:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010.02.28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2010.02.09 19:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009.10.15 09:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009.07.17 17:08:00 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
PRC - [2009.05.21 14:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009.05.21 14:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe


========== Modules (No Company Name) ==========

MOD - [2013.01.19 22:49:07 | 003,022,232 | ---- | M] () -- C:\Users\Klinceze\AppData\Local\Mozilla Firefox\mozjs.dll
MOD - [2013.01.11 19:23:13 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013.01.09 22:29:31 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\aa0c82eddc6cc12961a92835f777dcc0\System.Web.Services.ni.dll
MOD - [2013.01.09 22:28:55 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013.01.09 22:28:49 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.09 22:28:33 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.09 22:28:30 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.09 22:28:29 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.09 22:28:19 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011.11.24 12:20:20 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtGui4.dll
MOD - [2011.11.24 12:20:20 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtCore4.dll
MOD - [2011.11.24 12:20:20 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtNetwork4.dll
MOD - [2011.11.24 12:20:20 | 001,101,824 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
MOD - [2011.11.24 12:20:20 | 000,777,728 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SMSUIPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,670,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SmsAppPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\PluginContainer.dll
MOD - [2011.11.24 12:20:20 | 000,449,536 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoUIExPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,379,392 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Proxy.dll
MOD - [2011.11.24 12:20:20 | 000,370,176 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qtiff4.dll
MOD - [2011.11.24 12:20:20 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qmng4.dll
MOD - [2011.11.24 12:20:20 | 000,331,776 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetConnectPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,314,368 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\StatusBarMgrPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,275,456 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoSrvPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,258,560 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\sdk.dll
MOD - [2011.11.24 12:20:20 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\ToolBarMgrPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetSrvPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,217,600 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SmsSrvPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qjpeg4.dll
MOD - [2011.11.24 12:20:20 | 000,185,856 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\XFramePlugin.dll
MOD - [2011.11.24 12:20:20 | 000,179,712 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NDISPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\XCodec.dll
MOD - [2011.11.24 12:20:20 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetConnectSrvPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,156,672 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\STKSrvPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\USSDSrvPlugin.dll
MOD - [2011.11.24 12:20:20 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Trace.dll
MOD - [2011.11.24 12:20:20 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSDialup.dll
MOD - [2011.11.24 12:20:20 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSNDIS.dll
MOD - [2011.11.24 12:20:20 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Win7Support.dll
MOD - [2011.11.24 12:20:20 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSAdapt.dll
MOD - [2011.11.24 12:20:20 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
MOD - [2011.11.24 12:20:20 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qgif4.dll
MOD - [2011.11.24 12:20:20 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qico4.dll
MOD - [2011.11.24 12:20:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSPowerMgr.dll
MOD - [2011.11.24 12:20:20 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSCall.dll
MOD - [2011.11.24 12:20:19 | 001,077,248 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,739,840 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookUIPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,550,400 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallAppPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,547,840 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallLogSrvPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
MOD - [2011.11.24 12:20:19 | 000,495,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,414,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DialupUIPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,352,768 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\core.dll
MOD - [2011.11.24 12:20:19 | 000,337,408 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceAppPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,300,544 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceSrvPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,264,704 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookSrvPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,245,760 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\MenuMgrPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,239,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\LiveUpdateInterface.dll
MOD - [2011.11.24 12:20:19 | 000,238,592 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AtCodec.dll
MOD - [2011.11.24 12:20:19 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Common.dll
MOD - [2011.11.24 12:20:19 | 000,211,456 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,175,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallSrvPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DataServicePlugin.dll
MOD - [2011.11.24 12:20:19 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\ATR2SMgr.dll
MOD - [2011.11.24 12:20:19 | 000,117,760 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\LayoutPlugin.dll
MOD - [2011.11.24 12:20:19 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\libgcc_s_dw2-1.dll
MOD - [2011.11.24 12:20:19 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\mingwm10.dll
MOD - [2011.04.23 21:18:10 | 000,100,208 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll
MOD - [2011.04.23 21:17:32 | 000,062,136 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll
MOD - [2011.04.23 21:16:44 | 000,250,552 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll
MOD - [2011.02.19 19:35:06 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.01.25 14:14:08 | 001,802,472 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
MOD - [2011.01.25 14:14:08 | 001,534,184 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
MOD - [2011.01.25 14:10:24 | 002,225,664 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
MOD - [2011.01.25 14:10:22 | 016,124,416 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\libumajin.dll
MOD - [2011.01.25 14:10:22 | 007,938,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:58:50 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.02.28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
MOD - [2010.02.09 19:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2010.02.09 19:34:00 | 000,365,888 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
MOD - [2010.02.09 19:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2010.02.09 19:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2010.02.09 19:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2010.02.09 19:34:00 | 000,062,784 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbShared.resources.dll
MOD - [2010.02.09 19:34:00 | 000,058,688 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2010.02.09 19:34:00 | 000,046,400 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
MOD - [2010.02.09 19:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009.10.15 09:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe


========== Services (SafeList) ==========

SRV:64bit: - [2010.06.20 12:35:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.02.02 20:13:10 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2013.01.21 07:35:34 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.01 23:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.11.24 12:20:19 | 000,218,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.04.23 21:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2011.03.28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.02.28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.01.13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010.11.16 14:38:16 | 000,339,456 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.08.24 20:27:20 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.07.06 03:22:30 | 000,007,168 | ---- | M] (Microsoft) [Auto | Running] -- C:\Programme\Dell\OSD\DellOSDservice.exe -- (DellOSDservice)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.09.18 10:54:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.21 14:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2007.05.31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.05.02 14:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.04.27 09:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.04.24 23:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.24 12:20:20 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2011.11.24 12:20:20 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011.11.24 12:20:20 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011.11.24 12:20:20 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.07.15 00:17:58 | 000,033,792 | ---- | M] (Nuvoton Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuviocir_win7_x64.sys -- (nuviocir)
DRV:64bit: - [2010.06.23 23:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.06.20 16:20:54 | 006,858,240 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.06.20 12:02:04 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.04.07 14:57:08 | 000,073,784 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.04.07 14:57:08 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.03.24 07:13:00 | 000,371,072 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerPola.sys -- (AVerPola)
DRV:64bit: - [2010.03.10 08:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010.02.22 09:09:10 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2010.02.02 20:13:08 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2010.02.02 20:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2010.02.02 20:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.09.19 05:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009.09.19 05:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009.09.19 05:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.09 09:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.09.25 01:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2007.05.14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2006.11.01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{13ABDE1C-98BC-433B-A67C-2C9922CB4926}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{56F2DBB3-EC9B-4035-86CA-F88681202C85}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2325506

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
IE - HKCU\..\URLSearchHook: {26647ca4-a2a7-4eac-8a72-761aa9141de7} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {FD04748B-B92F-437D-96E2-E3EA6275C2BE}
IE - HKCU\..\SearchScopes\{21B038EE-2E26-4D30-A2BA-94F4C7ABA278}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&locale=de_AT&apn_ptnrs=^ABV&apn_dtid=^YYYYYY^YY^AT&apn_uid=CD45FF3B-52AE-4054-AAB4-7CF075C13327&apn_sauid=7350A6F2-CE71-47B5-BE54-81E55D5FFA0E
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT2325506
IE - HKCU\..\SearchScopes\{FD04748B-B92F-437D-96E2-E3EA6275C2BE}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "www.Freeware-download.com Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2325506&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o=10148&l=dis&tb=AVR-3"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928
FF - prefs.js..extensions.enabledItems: [Link mogu videti samo ulogovani korisnici]:1.29
FF - prefs.js..extensions.enabledItems: {26647ca4-a2a7-4eac-8a72-761aa9141de7}:3.11.0.3
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2325506&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.08.24 20:02:02 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.08.24 20:02:02 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\dragana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011.06.26 07:49:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7df87622-0565-4b6d-b160-75a339bc64cb}: C:\Users\dragana\AppData\Roaming\Bloson\bloson_fx_1.0b1.xpi [2012.08.07 14:03:32 | 000,078,760 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.21 07:35:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.21 07:35:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{7df87622-0565-4b6d-b160-75a339bc64cb}: C:\Users\dragana\AppData\Roaming\Bloson\bloson_fx_1.0b1.xpi [2012.08.07 14:03:32 | 000,078,760 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.21 07:35:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.21 07:35:32 | 000,000,000 | ---D | M]

[2011.10.28 13:50:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dragana\AppData\Roaming\Mozilla\Extensions
[2011.02.03 22:32:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dragana\AppData\Roaming\Mozilla\Extensions\{SbX-136198-9783706830751-stu10}
[2012.11.17 13:12:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\extensions
[2012.11.17 13:12:45 | 000,000,000 | ---D | M] (www.Freeware-download.com Community Toolbar) -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\extensions\{26647ca4-a2a7-4eac-8a72-761aa9141de7}
[2012.10.15 12:53:30 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.09.24 20:55:46 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\extensions\engine@conduit.com
[2012.05.26 11:48:27 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\extensions\ffxtlbr@funmoods.com
[2010.10.24 20:56:34 | 000,000,953 | ---- | M] () -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\searchplugins\conduit.xml
[2012.05.26 11:48:26 | 000,001,798 | ---- | M] () -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\searchplugins\funmoods.xml
[2011.10.28 14:54:36 | 000,002,501 | ---- | M] () -- C:\Users\dragana\AppData\Roaming\Mozilla\Firefox\Profiles\bbb66dxe.default\searchplugins\SearchResults.xml
[2013.01.21 07:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.01.21 07:35:34 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.24 08:42:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.12 09:39:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.24 08:42:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.24 08:42:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.28 14:54:36 | 000,002,501 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2012.06.24 08:42:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.24 08:42:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
O2 - BHO: (no name) - {58307a99-7813-45f1-ac6c-06ff1617a20d} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [CisPostUninstall] "C:\Users\dragana\AppData\Local\Temp\cis5CD0.exe" --PostUninstall File not found
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [ShwiconXP6366] c:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [BlosonAddonUpdater] C:\Users\dragana\AppData\Roaming\Bloson\BlosonAddonUpdater.exe (VSH Solutions)
O4 - HKCU..\Run: [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S116F.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\dragana\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - Startup: C:\Users\dragana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link mogu videti samo ulogovani korisnici] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31EC44A4-6EBA-4B46-BAD2-DA865AD19ACA}: NameServer = 194.24.128.100 81.3.216.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{589A08A9-74F4-4F46-BD6D-FC5F643462A4}: NameServer = 91.206.8.74 194.11.27.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93C96FE5-0937-4050-902B-11536F72D2B8}: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93C96FE5-0937-4050-902B-11536F72D2B8}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8A27CD0-BF31-4883-B977-14F69BD5F255}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B50416DB-FA6C-4E43-8E5A-E21278E80077}: NameServer = 194.24.128.100 81.3.216.100
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.18 06:37:37 | 000,142,336 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.12.22 07:44:40 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{162fa58d-6b81-11e1-bbbf-001e101f2c0e}\Shell - "" = AutoRun
O33 - MountPoints2\{162fa58d-6b81-11e1-bbbf-001e101f2c0e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{5aa83b8b-168d-11e1-8471-5cac4c27d523}\Shell - "" = AutoRun
O33 - MountPoints2\{5aa83b8b-168d-11e1-8471-5cac4c27d523}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{6da632ee-1795-11e1-a997-5cac4c27d523}\Shell - "" = AutoRun
O33 - MountPoints2\{6da632ee-1795-11e1-a997-5cac4c27d523}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{7dd4214f-50e2-11e0-a1a2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7dd4214f-50e2-11e0-a1a2-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{a55f7d07-4db6-11e0-86ff-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{a55f7d07-4db6-11e0-86ff-00a0c6000000}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d25a6277-4dab-11e0-8ce3-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{d25a6277-4dab-11e0-8ce3-001e101f8924}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{d25a62a0-4dab-11e0-8ce3-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{d25a62a0-4dab-11e0-8ce3-001e101f8924}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d25a62ab-4dab-11e0-8ce3-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{d25a62ab-4dab-11e0-8ce3-001e101f8924}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e31ee032-167d-11e1-a80b-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{e31ee032-167d-11e1-a80b-00a0c6000000}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{fa1af997-2ed8-11e0-be3d-5cac4c27d523}\Shell - "" = AutoRun
O33 - MountPoints2\{fa1af997-2ed8-11e0-be3d-5cac4c27d523}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{fa1af9ab-2ed8-11e0-be3d-5cac4c27d523}\Shell - "" = AutoRun
O33 - MountPoints2\{fa1af9ab-2ed8-11e0-be3d-5cac4c27d523}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010.11.18 06:37:37 | 000,142,336 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.01.22 13:24:43 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{F99C3AF3-5404-4B06-BF40-6FE024D95C5F}
[2013.01.21 19:51:55 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\Programs
[2013.01.21 17:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013.01.21 12:19:52 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{F11944C2-3F46-4074-8AED-08A6BCEF59AF}
[2013.01.21 07:35:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.20 14:06:16 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{C43E62B0-306F-4247-B156-B60987243888}
[2013.01.17 10:38:45 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{91ECDBE3-A27A-4ECE-B860-EB18DD0C6BFD}
[2013.01.16 12:56:34 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{F3E29BA0-2119-4560-8F82-E732774C5A3E}
[2013.01.15 11:46:28 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{F179C103-2EE7-4453-866F-04E3B552BAD3}
[2013.01.14 07:19:05 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{2A394329-B341-46F5-B369-FBAABA84AD12}
[2013.01.10 15:07:20 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{E7D5FF25-18F0-43A1-A5BB-6472C6A59E99}
[2013.01.09 19:30:56 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 19:30:56 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 19:30:44 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 19:30:43 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 19:30:38 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 19:30:38 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 19:30:38 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 19:30:38 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 19:30:38 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 19:30:38 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 19:30:38 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 19:30:38 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 19:30:38 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 19:30:38 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 19:30:38 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 19:30:38 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 19:30:38 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 19:30:38 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 19:30:38 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 19:30:38 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 19:30:38 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 19:30:38 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 19:30:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 19:30:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 19:30:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 19:30:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 19:30:38 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 19:30:38 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 19:30:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 19:30:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 19:30:37 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 19:30:37 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 19:30:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 19:30:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 19:30:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 19:30:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.09 19:30:21 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 19:30:21 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 19:30:20 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 19:30:20 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 19:30:20 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 19:30:20 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.09 19:30:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 19:30:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.09 19:30:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 19:30:20 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 19:30:20 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 19:30:20 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.09 19:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 19:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 19:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 19:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 19:30:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.09 19:30:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.09 19:30:19 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 19:30:19 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 19:30:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 19:30:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 19:30:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 19:30:12 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.01.09 17:35:22 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{A99FA8D5-2901-4199-BD39-7E10C8B67342}
[2013.01.08 17:52:31 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{652B30D1-BE2D-455B-BA10-6E740E8328B6}
[2013.01.07 09:30:12 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{99EC53DB-0EB7-4863-9F91-AB44CF2914CC}
[2013.01.07 07:39:43 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{EE4A2B9F-284D-40DE-B2F0-0A0D72B3D47B}
[2013.01.05 19:58:47 | 000,000,000 | ---D | C] -- C:\Users\dragana\Documents\ClubCooee
[2013.01.05 15:42:11 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{0B69AC30-6973-4DD8-9F8B-AC390F8D5427}
[2013.01.04 15:43:36 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{9784FE02-4D2B-438E-8AD3-74A84C699877}
[2013.01.02 06:49:23 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{AF132EC7-525D-4A7F-8861-C52F5A7D0F87}
[2012.12.30 22:53:36 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Roaming\ClubCooee
[2012.12.30 22:53:32 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Club Cooee
[2012.12.30 22:53:29 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\ClubCooee
[2012.12.30 20:49:38 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{1FD7DDE4-8C87-4A04-ADC7-FBCF96C32648}
[2012.12.30 15:29:06 | 000,000,000 | ---D | C] -- C:\Users\dragana\Desktop\lancici
[2012.12.30 15:15:40 | 000,000,000 | ---D | C] -- C:\Users\dragana\.thumbnails
[2012.12.30 15:14:19 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\fontconfig
[2012.12.30 15:14:18 | 000,000,000 | ---D | C] -- C:\Users\dragana\.gimp-2.8
[2012.12.30 15:14:17 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\gegl-0.2
[2012.12.30 15:12:34 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012.12.30 10:22:33 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{4C7412B6-F605-4EC0-907E-C3A50BEDD1CE}
[2012.12.29 08:50:21 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{6D39B3FD-E921-45A9-9863-F026FB58EC47}
[2012.12.24 13:25:10 | 000,000,000 | ---D | C] -- C:\Users\dragana\AppData\Local\{0F55D554-5F55-426A-A0F5-EE1DE5788E17}

========== Files - Modified Within 30 Days ==========

[2013.01.22 15:31:00 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4266239424-3780804206-1686896964-1000UA.job
[2013.01.22 13:55:03 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.22 13:55:03 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.22 13:45:47 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.01.22 13:45:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.22 13:45:36 | 3218,042,880 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.22 13:26:00 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4266239424-3780804206-1686896964-1001UA.job
[2013.01.22 01:26:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4266239424-3780804206-1686896964-1001Core.job
[2013.01.21 19:57:43 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.21 18:31:06 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4266239424-3780804206-1686896964-1000Core.job
[2013.01.21 17:34:46 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.01.21 17:34:46 | 000,002,008 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.01.15 21:27:07 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.01.09 22:26:41 | 000,300,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.09 22:07:11 | 001,521,350 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.09 22:07:11 | 000,654,602 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.09 22:07:11 | 000,616,484 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.09 22:07:11 | 000,130,216 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.09 22:07:11 | 000,106,606 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.07 15:13:12 | 426,733,187 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.12.30 22:53:32 | 000,002,040 | ---- | M] () -- C:\Users\dragana\Desktop\Club Cooee.lnk
[2012.12.30 15:51:30 | 000,009,301 | ---- | M] () -- C:\Users\dragana\AppData\Local\recently-used.xbel
[2012.12.30 15:14:16 | 000,000,894 | ---- | M] () -- C:\Users\dragana\Desktop\GIMP 2.lnk
[2012.12.29 09:39:47 | 002,113,522 | ---- | M] () -- C:\Users\dragana\Documents\torta-grcki-sladoled.pdf

========== Files Created - No Company Name ==========

[2013.01.15 21:27:07 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.01.15 21:27:07 | 000,001,981 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.12.30 22:53:32 | 000,002,040 | ---- | C] () -- C:\Users\dragana\Desktop\Club Cooee.lnk
[2012.12.30 15:51:30 | 000,009,301 | ---- | C] () -- C:\Users\dragana\AppData\Local\recently-used.xbel
[2012.12.30 15:14:16 | 000,000,894 | ---- | C] () -- C:\Users\dragana\Desktop\GIMP 2.lnk
[2012.12.30 15:13:07 | 000,000,894 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.12.29 09:39:47 | 002,113,522 | ---- | C] () -- C:\Users\dragana\Documents\torta-grcki-sladoled.pdf
[2012.06.29 15:18:00 | 000,000,304 | ---- | C] () -- C:\Windows\km32hlpr.dll
[2012.06.29 15:18:00 | 000,000,000 | ---- | C] () -- C:\Windows\wnsperf32.dll
[2012.06.29 15:18:00 | 000,000,000 | ---- | C] () -- C:\Windows\stdensrv.dll
[2012.06.29 15:18:00 | 000,000,000 | ---- | C] () -- C:\Windows\javexisb.dll
[2012.06.29 15:18:00 | 000,000,000 | ---- | C] () -- C:\Windows\javexisa.dll
[2012.06.29 15:18:00 | 000,000,000 | ---- | C] () -- C:\Windows\cr2gui32.dll
[2012.06.29 15:17:59 | 000,003,532 | ---- | C] () -- C:\Windows\memgprep.dll
[2012.05.26 11:50:13 | 004,444,160 | ---- | C] () -- C:\Users\dragana\AppData\Local\BlosonSetup.msi
[2011.04.23 21:18:10 | 000,100,208 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2011.04.23 21:17:32 | 000,062,136 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2011.04.23 21:16:44 | 000,250,552 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll
[2011.04.02 11:34:19 | 000,009,855 | ---- | C] () -- C:\Windows\SysWow64\mswgnno-e.dll
[2011.02.08 13:37:32 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011.02.08 13:37:32 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011.02.08 13:37:32 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011.02.08 13:37:32 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011.02.08 13:37:32 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011.02.08 13:37:32 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011.02.08 13:37:32 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011.02.08 13:37:32 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011.02.08 13:37:32 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011.02.08 13:37:32 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011.02.08 13:37:32 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011.02.08 13:37:32 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011.02.08 13:37:32 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011.02.08 13:37:32 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011.02.08 13:37:32 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011.02.08 13:37:32 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011.02.08 13:37:32 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011.02.08 13:37:32 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011.02.08 13:37:32 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011.02.05 02:17:13 | 001,526,976 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.05 00:16:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]




i fajl:





[Link mogu videti samo ulogovani korisnici]


nadam se da sam dobro sve uradila i da mi mozete pomoci

hvala unapred



Poslao: 22 Jan 2013 16:47
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Pozdrav,

Potrebno je da dostavis i Extras.txt...



Poslao: 22 Jan 2013 16:57
Idi na vrh
offline
  • Pridružio: 22 Jan 2013
  • Poruke: 3

evo valjda je to to

OTL Extras logfile created on: 27.10.2011 15:10:22 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\dragana\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 64,68% Memory free
7,99 Gb Paging File | 5,50 Gb Available in Paging File | 68,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,07 Gb Total Space | 391,25 Gb Free Space | 86,74% Space Free | Partition Type: NTFS
Drive E: | 29,73 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive Y: | 14,65 Gb Total Space | 6,89 Gb Free Space | 47,01% Space Free | Partition Type: NTFS

Computer Name: DRAGANA-PC | User Name: dragana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89B91433-49FF-45E6-9B89-02E761A5ACB9}" = DellOSD
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile-Gerätecenter: Treiberupdate
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C372CDEB-6FD0-4E03-A6F5-10EBB3636431}" = FastAccess
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DAAFE114-EEE7-8912-71AB-2EAA0399B7E1}" = ccc-utility64
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"DW WLAN Card Utility" = DW WLAN Card Utility
"EPSON SX410 Series" = EPSON SX410 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01C006F6-FB71-1F18-8549-C39DBF0186CD}" = CCC Help Greek
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Dell TouchCam
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0807242D-4BB5-4F6C-BEA8-EC9D75A51C51}" = Multimedia Card Reader
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F7DB8D9-5F2F-AA4B-90D4-1DF810A2CEBE}" = Catalyst Control Center InstallProxy
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{17407164-F2AD-4E04-886B-8060D503F21C}" = Dell MusicStage
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F163A79-3595-03F5-D76E-499250374C3A}" = CCC Help Russian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2208D6BB-D900-A0C9-5A66-97877A7429E8}" = Catalyst Control Center Graphics Previews Common
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2EBE79DC-61E9-431C-E985-345962DBAF42}" = CCC Help Thai
"{2FAECEAF-0EBE-48FF-B60A-B4577C0EFDAB}" = CIR Tool Kit
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{339E5335-C100-B85F-160D-EB6031A18D5E}" = CCC Help Swedish
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{43D9D9F2-500E-B367-0E4E-3ED7F4B04604}" = CCC Help Polish
"{44F0E54B-D5D9-D162-79AC-22FE38B91517}" = CCC Help Japanese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67571724-2252-05A1-8E9A-3C0D22169246}" = Catalyst Control Center Localization All
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{686EC205-8634-6A03-9BDF-F9A52795A22C}" = CCC Help Czech
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7161AD71-FA3A-1E8E-EF2B-E00781BE32F8}" = CCC Help Dutch
"{71B217F9-A89C-A38C-0E62-9286C47187FE}" = CCC Help French
"{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint
"{741F4292-E6AF-9C63-4A91-AB03A3814CC6}" = CCC Help Turkish
"{74253057-A6D4-4062-90F8-C75277DF7348}" = Dell PhotoStage
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B4B6BB2-1221-4554-9365-8AF113A80AB3}" = Dell Touch Software Suite Games
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{902DA45A-2512-27B3-39EA-294D2568CC24}" = CCC Help Portuguese
"{90BC4A0A-115D-7D4D-9CEF-C9785BC01C19}" = ccc-core-static
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E9EF82D-18A3-F198-1296-71957C5DDB26}" = CCC Help Italian
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2C31E34-3158-2BBF-9C00-AFE7063349B9}" = CCC Help Norwegian
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A5FBEA9D-1455-C5BA-E193-12F52B9FD57C}" = Skins
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB1723E2-05BC-49C1-86AB-409764C0E608}" = Dell Stage
"{ABC0C97F-71F3-86BD-F2C9-AD8276042EFB}" = CCC Help Spanish
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ACFF9EFD-591C-C235-52BD-512242EA7860}" = Catalyst Control Center Graphics Previews Vista
"{B0243062-EDA7-F7AC-6095-EB0C422AD719}" = CCC Help Finnish
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B5F4881C-34F6-D877-9063-87C97ED7A654}" = CCC Help Hungarian
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{C056407F-172A-44D0-4C08-E52BEC1F0DE8}" = CCC Help Danish
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CC041DB5-DCA4-4E66-9513-4E3FB1DFE090}" = StickyNotes
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D13C0F56-1C01-6A2A-E961-3E41110EDA5D}" = CCC Help Chinese Traditional
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF85A79C-5B01-4C56-E430-4E088F85B6FB}" = CCC Help Korean
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EAC5BF60-73FC-8D6E-CE38-318431DACBCE}" = CCC Help Chinese Standard
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED23E382-E5E3-4E21-B616-01FC59A40916}" = OpenOffice.org 3.3
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBB55C5E-2548-4511-A6F5-8CBCDE16484C}" = A1 Dashboard
"{FD86C433-7A59-9FBE-C253-B14DDFD2A7B7}" = CCC Help German
"{FECDFA4F-47FB-2CDA-2D93-FA1B43701AF4}" = CCC Help English
"{SbX-136198-9783706830751-stu10}}_is1" = SbX RW Controlling HAK I 08-09
"A1 Dashboard" = A1 Dashboard
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bandoo" = Bandoo
"conduitEngine" = Conduit Engine
"EPSON Scanner" = EPSON Scan
"Epson Stylus SX210_SX410_TX210_TX410 Benutzerhandbuch" = Epson Stylus SX210_SX410_TX210_TX410 Handbuch
"GoToAssist" = GoToAssist 8.0.0.514
"iLivid" = iLivid
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Dell TouchCam
"InstallShield_{0807242D-4BB5-4F6C-BEA8-EC9D75A51C51}" = Multimedia Card Reader
"InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Searchqu 406 MediaBar" = Windows iLivid Toolbar
"WinLiveSuite" = Windows Live Essentials
"www.Freeware-download.com Toolbar" = [Link mogu videti samo ulogovani korisnici] Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15.08.2011 14:25:59 | Computer Name = dragana-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Der
Remotename konnte nicht aufgelöst werden: 'wsvcdell.backup.com' bei System.Net.HttpWebRequest.GetRequestStream(TransportContext&
context) bei System.Net.HttpWebRequest.GetRequestStream() bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error - 16.08.2011 02:26:13 | Computer Name = dragana-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Der
Remotename konnte nicht aufgelöst werden: 'wsvcdell.backup.com' bei System.Net.HttpWebRequest.GetRequestStream(TransportContext&
context) bei System.Net.HttpWebRequest.GetRequestStream() bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error - 16.08.2011 04:59:27 | Computer Name = dragana-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Der
Remotename konnte nicht aufgelöst werden: 'wsvcdell.backup.com' bei System.Net.HttpWebRequest.GetRequestStream(TransportContext&
context) bei System.Net.HttpWebRequest.GetRequestStream() bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error - 16.08.2011 09:07:53 | Computer Name = dragana-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Der
Remotename konnte nicht aufgelöst werden: 'wsvcdell.backup.com' bei System.Net.HttpWebRequest.GetRequestStream(TransportContext&
context) bei System.Net.HttpWebRequest.GetRequestStream() bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error - 16.08.2011 14:53:32 | Computer Name = dragana-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Der
Remotename konnte nicht aufgelöst werden: 'wsvcdell.backup.com' bei System.Net.HttpWebRequest.GetRequestStream(TransportContext&
context) bei System.Net.HttpWebRequest.GetRequestStream() bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error - 17.08.2011 04:38:27 | Computer Name = dragana-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Der
Remotename konnte nicht aufgelöst werden: 'wsvcdell.backup.com' bei System.Net.HttpWebRequest.GetRequestStream(TransportContext&
context) bei System.Net.HttpWebRequest.GetRequestStream() bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error - 17.08.2011 09:12:32 | Computer Name = dragana-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Der
Remotename konnte nicht aufgelöst werden: 'wsvcdell.backup.com' bei System.Net.HttpWebRequest.GetRequestStream(TransportContext&
context) bei System.Net.HttpWebRequest.GetRequestStream() bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error - 18.08.2011 02:08:29 | Computer Name = dragana-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Der
Remotename konnte nicht aufgelöst werden: 'wsvcdell.backup.com' bei System.Net.HttpWebRequest.GetRequestStream(TransportContext&
context) bei System.Net.HttpWebRequest.GetRequestStream() bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error - 18.08.2011 06:46:22 | Computer Name = dragana-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Der
Remotename konnte nicht aufgelöst werden: 'wsvcdell.backup.com' bei System.Net.HttpWebRequest.GetRequestStream(TransportContext&
context) bei System.Net.HttpWebRequest.GetRequestStream() bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error - 18.08.2011 07:29:40 | Computer Name = dragana-PC | Source = Swapdrive Backup | ID = 0
Description = Swapdrive Backup: Web Service Error: System.Net.WebException: Der
Remotename konnte nicht aufgelöst werden: 'wsvcdell.backup.com' bei System.Net.HttpWebRequest.GetRequestStream(TransportContext&
context) bei System.Net.HttpWebRequest.GetRequestStream() bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters) bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest
req) bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

[ Dell Events ]
Error - 19.10.2011 18:23:00 | Computer Name = dragana-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

Error - 19.10.2011 18:23:16 | Computer Name = dragana-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

Error - 19.10.2011 18:23:16 | Computer Name = dragana-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

Error - 22.10.2011 07:02:14 | Computer Name = dragana-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

Error - 22.10.2011 07:02:14 | Computer Name = dragana-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

Error - 23.10.2011 12:24:09 | Computer Name = dragana-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

Error - 23.10.2011 12:24:09 | Computer Name = dragana-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

Error - 27.10.2011 08:29:08 | Computer Name = dragana-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

Error - 27.10.2011 08:29:08 | Computer Name = dragana-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

Error - 27.10.2011 08:46:50 | Computer Name = dragana-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

[ System Events ]
Error - 23.10.2011 12:24:06 | Computer Name = dragana-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 24.10.2011 14:09:16 | Computer Name = dragana-PC | Source = Virtual Disk Service | ID = 33554441
Description =

Error - 24.10.2011 14:09:16 | Computer Name = dragana-PC | Source = Virtual Disk Service | ID = 33554441
Description =

Error - 24.10.2011 14:09:17 | Computer Name = dragana-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 24.10.2011 14:09:17 | Computer Name = dragana-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 26.10.2011 04:17:31 | Computer Name = dragana-PC | Source = Virtual Disk Service | ID = 33554441
Description =

Error - 26.10.2011 04:17:31 | Computer Name = dragana-PC | Source = Virtual Disk Service | ID = 33554441
Description =

Error - 26.10.2011 04:17:32 | Computer Name = dragana-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 27.10.2011 08:46:47 | Computer Name = dragana-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 27.10.2011 08:46:47 | Computer Name = dragana-PC | Source = VDS Basic Provider | ID = 33554433
Description =


< End of report >

Poslao: 22 Jan 2013 19:36
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Arrow Pokreni Control Panel i obrisi sledece:
- Java(TM) 6 Update 20
- Java(TM) 6 Update 24
- Mesh Runtime
- iLivid
- Skype Toolbars
- Bandoo
- Conduit Engine
- [Link mogu videti samo ulogovani korisnici] Toolbar

Poseti [Link mogu videti samo ulogovani korisnici] i preuzmi najnoviju verziju...




Arrow Start -> Run -> %AppData%\Malwarebytes\Malwarebytes' Anti-Malware\Logs -> Enter




Prikaci poslednji log...

Poslao: 22 Jan 2013 21:30
Idi na vrh
offline
  • Pridružio: 22 Jan 2013
  • Poruke: 3

Napisano: 22 Jan 2013 21:05

Mesh Runtime, Badoo i Conduit Engine nisam mogla da nadjem u programima da obrisem
iLivid sam pokusala da obrisem prosli put kad sam sklanjala keylogger i isto nisam mogla,

sta sad da radim?

Dopuna: 22 Jan 2013 21:16

i ovaj poslednji Toolbar isto nisam nasla, pa skoro nista od ove liste Sad

Dopuna: 22 Jan 2013 21:30

evo ih logovi imaju tri
1.

Malwarebytes Anti-Malware 1.60.1.1000
[Link mogu videti samo ulogovani korisnici]

Database version: v2012.02.05.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Klinceze :: DRAGANA-PC [limited]

22.10.2012 10:26:55
mbam-log-2012-10-22 (10-26-55).txt

Scan type: Custom scan
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 1
Time elapsed: 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



2.

Malwarebytes Anti-Malware 1.60.1.1000
[Link mogu videti samo ulogovani korisnici]

Database version: v2012.02.05.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Klinceze :: DRAGANA-PC [limited]

22.10.2012 10:32:27
mbam-log-2012-10-22 (10-32-27).txt

Scan type: Custom scan
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 1
Time elapsed: 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


3.

Malwarebytes Anti-Malware 1.70.0.1100
[Link mogu videti samo ulogovani korisnici]

Database version: v2013.01.21.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Klinceze :: DRAGANA-PC [limited]

22.01.2013 13:47:18
mbam-log-2013-01-22 (13-47-18).txt

Scan type: Full scan (C:\|Q:\Smajli
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 416524
Time elapsed: 1 hour(s), 48 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Poslao: 22 Jan 2013 21:38
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Nema Toolbar-ova, zato sto si mi prikacila Extras izvestaj star 4 meseca Mr. Green

Inace keylogger nije prisutan, ono sto je MalwareBytes obrisao su delovi Funmoods toolbar-a...


Arrow Preuzmi "Xplode"-ov AdwCleaner i sacuvaj ga na Desktop
Dvoklikom pokreni program i klikni na dugme [Search] .
Kada program zavrsi analizu otvorice notepad sa izvestajem. Zatvori taj notepad.

Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok
Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"
Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt

MyCity » Ambulanta -> Arhiva Ambulante » Ponovo keylogger

Ko je trenutno na forumu
 

Ukupno su 1088 korisnika na forumu :: 115 registrovanih, 8 sakrivenih i 965 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 9k38, A.R.Chafee.Jr., Alexa77, alternator, amaterSRB, ArmyBoss, Azzo, babaroga, baltazar01, Betty25, black venom, blatruc82, Boban0312, Bobrock1, bojan313, bokisha253, Cicumile, Coficab, CrazyNorth, d.arsenal321, delboy, Denaya, Dimitrije Paunovic, Dimitrise93, DJ Brain(w)rack, Django777, Doc, Draganeli, dragoljub11987, drale12, Electron, ElGenius, FOX, Frunze, GAGI, galico, Goran 0000, HrcAk47, iceburn, ikan, ivran064, jerome75, jon istvan, Kotarle, Kubovac, ljuba, luka1978, luka35, Macalone, Malahit, mercedesamg, metallac777, Michellefromrezistance, MiG-29M2, miki kv, mikidragi, mile33, MiroslavD, mm1811, mnn2, Mrav Obrad, Mravojed, Natuzzi, Ne doznajem se u oružje, nebidrag, nenad81, nerislav2025, Neutral-M, Nikolajevic, novator, nsharambasa, Ognjen D., orah, Orijen, Pale2025, pein, Pekman, powSrb, procesor, Ranutovac, raso76, rebcooil, Rebel Frank, Rusmir, sasa87, sekretar, Sir Budimir, Sirius, Smajser, Srpska zauvjek, srpskasparta, sspp, stagezin, Stija zmija, stokssone, TalicniTom, Tandrkalo, The Boss, TheBeastOfMG, tihi-posmatrac, Topaz9, Trpe Grozni, Tumansky, Valter071, vensla, vladaa012, voja64, VP6919, x9, XBMC, Zec, zoran77, Zukov, Žrnov, 787