MyCity » Ambulanta -> Arhiva Ambulante » Pretrazivaci se rushe komp usporen

Pretrazivaci se rushe komp usporen

Napisano na dan: 3.7.2012
1

Pretrazivaci se rushe komp usporen
Sledeća strana Pagination

Idi na vrh

Poslao: 03 Jul 2012 02:03
Idi na vrh
offline
  • Pridružio: 03 Jul 2012
  • Poruke: 6

Pozdrav, citav komp je usporen jako cesto sve zakuje i moram ga restartovati. Trenutko koristim mozilu ali i onda cesto kuje i rusi se isto je stanje i sa ostalim pretrazivacima. Gmer nisam uspela da izbacim jer mi u sred skeniranja zakuje i moram da restart komp. RootRepeal nece ni da se pokrene izbacuje neki error.


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1
Run by Laura at 1:17:02 on 2012-07-03
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1919.1187 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Telenor Internet\UIExec.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Laura\AppData\Roaming\DRPSu\DrvUpdater.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Telenor Internet\AssistantServices.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
c:\program files\teamviewer\version6\TeamViewer_Desktop.exe
C:\Program Files\TeamViewer\Version6\tv_w32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253
mStart Page = hxxp://home.allgameshome.com
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: Browser Companion Helper: {00cbb66b-1d3b-46d3-9577-323a336acb50} - c:\program files\browsercompanion\jsloader.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Browser Companion Helper Verifier: {963b125b-8b21-49a2-a3a8-e37092276531} - c:\program files\browsercompanion\updatebhoWin32.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB: {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - No File
uRun: [DrvUpdater] c:\users\laura\appdata\roaming\drpsu\DrvUpdater.exe
uRun: [Media Finder] "c:\program files\media finder\MF.exe" /opentotray
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [ManyCam] "c:\program files\manycam\bin\ManyCam.exe" /silent
mRun: [UIExec] "c:\program files\telenor internet\UIExec.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\laura\appdata\roaming\micros~1\windows\startm~1\programs\startup\wirele~1.lnk - d:\sve\wireless wizard\AzulstarLinkTest.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download with &Media Finder - c:\program files\media finder\hook.html
IE: Search the Web - c:\program files\sweetim\toolbars\internet explorer\resources\menuext.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{738D5843-C794-4A0F-A3D1-15E9C67FE665} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{738D5843-C794-4A0F-A3D1-15E9C67FE665}\77830323D2B62737475727 : DhcpNameServer = 93.186.64.12 93.186.74.12
TCP: Interfaces\{738D5843-C794-4A0F-A3D1-15E9C67FE665}\847453230396 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{738D5843-C794-4A0F-A3D1-15E9C67FE665}\D416C61602F416A716 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{9F853CD9-EF29-45B4-B616-83CA2DB0DA49} : DhcpNameServer = 77.105.0.19 89.216.1.1
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\browsercompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\browsercompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\browsercompanion\tdataprotocol.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\laura\appdata\roaming\mozilla\firefox\profiles\vo18ywdb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - uTorrentControl2 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13
FF - component: c:\program files\searchcore for browsers\searchcore for browsers\firefoxextension\components\DataMngrHlpFF3.dll
FF - plugin: c:\program files\funwebproducts\installr\1.bin\NPFUNWEB.DLL
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.id - 0aed70ac00000000000000ff8e42a5a5
FF - user.js: extensions.BabylonToolbar_i.hardId - 0aed70ac00000000000000ff8e42a5a5
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15435
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:02:39
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111015
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-4-12 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-4-12 337880]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-4-12 20696]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-4-12 57688]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-4-12 44768]
R2 DragonUpdater;COMODO Dragon Update Service;c:\program files\comodo\dragon\dragon_updater.exe [2012-6-12 412304]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-4-12 654408]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-6-19 3048136]
R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-7-25 2337144]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-3-19 2666880]
R2 UI Assistant Service;UI Assistant Service;c:\program files\telenor internet\AssistantServices.exe [2012-3-12 270672]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\drivers\mcvidrv.sys [2012-1-11 32000]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-12 22344]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2012-2-22 22400]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2011-7-25 25088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-12-9 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-4-5 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-25 250056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-9-13 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-12-9 136176]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-3-12 9216]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.207\McCHSvc.exe [2011-6-17 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-6-9 113120]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-14 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-4-12 52224]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S3 wxpSvc;webcamXP Service;c:\program files\webcamxp 5\wService.exe [2012-3-26 5404472]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-06-29 12:09:23 6762896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{8c70fcdb-e21f-46ec-ba51-c6e39ad1b2f8}\mpengine.dll
2012-06-25 17:02:07 -------- d-----w- c:\users\laura\appdata\local\Macromedia
2012-06-25 17:00:54 -------- d-----w- c:\programdata\McAfee Security Scan
2012-06-25 17:00:46 -------- d-----w- c:\program files\McAfee Security Scan
2012-06-25 17:00:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-25 17:00:41 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-24 22:55:12 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-06-24 22:55:11 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-06-19 15:35:14 4967624 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2012-06-19 11:03:10 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-19 11:02:50 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-19 11:02:35 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-19 11:02:35 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-18 01:32:03 -------- d-----w- c:\users\laura\appdata\local\CRE
2012-06-13 08:54:02 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-06-13 08:54:01 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 08:53:57 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-13 08:53:52 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 08:53:50 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 08:53:50 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 08:53:49 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 08:53:47 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 08:53:33 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 08:53:32 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 08:53:32 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-10 17:30:32 -------- d-----w- c:\users\laura\appdata\local\Comodo
2012-06-10 17:30:07 -------- d-----w- c:\program files\Comodo
2012-06-10 17:29:48 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-06-10 17:29:48 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-06-10 17:29:48 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-06-09 14:09:47 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-06-09 14:09:31 624608 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2012-06-09 14:09:30 43488 ----a-w- c:\program files\mozilla firefox\mozglue.dll
2012-06-09 14:09:30 157608 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-06-09 14:09:30 113120 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-06-03 23:30:46 -------- d-----w- c:\program files\Oracle
2012-06-03 23:30:04 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
.
==================== Find3M ====================
.
2012-05-17 22:45:37 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-04-12 04:13:32 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-04-04 16:47:02 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 13:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 1:18:34,86 ===============

mycity.rs/must-login.png

Poslao: 03 Jul 2012 19:32
Idi na vrh
offline
  • Més que un club
  • Glavni vokal @ Harpun
  • Pridružio: 27 Feb 2009
  • Poruke: 3898
  • Gde živiš: Novi Sad,Klisa

Pozdrav,LaUrA93


Preuzmi Rootkit Unhooker na Desktop.

Dvoklikom pokreni program;

odaberi Report karticu;

klikni Scan i u prozoru koji se otvori štrikliraj stavke:

SSDT
Shadow SSDT
Processes
Drivers
Stealth Code
Files
Code Hooks
klikni OK i sačekaj završetak skeniranja.

Kada skeniranje bude završeno, klikni File > Save Report i sačuvaj izveštaj.

Izveštaj programa Rootkit Unhooker priloži uz poruku korišćenjem opcije Prikači fajl.

NIx Car (AMF Tim)

Poslao: 05 Jul 2012 14:51
Idi na vrh
offline
  • Pridružio: 03 Jul 2012
  • Poruke: 6

mycity.rs/must-login.png

Sve je trajalo vise od 1h kada je doslo na karticu Files i pocelo da skenira Local Disk C doslo do pola i tu tako stajalo 20minuta Neutral prekinula sam nastavilo je dalje i to je log...

Poslao: 05 Jul 2012 17:28
Idi na vrh
offline
  • Més que un club
  • Glavni vokal @ Harpun
  • Pridružio: 27 Feb 2009
  • Poruke: 3898
  • Gde živiš: Novi Sad,Klisa

Preuzmi aswMBR i sacuvaj ga na Desktop.

Dvoklikom pokreni aswMBR.

Ukoliko dobijes sledecu poruku:
Would you like to download latest Avast! virus definitions?
Klikni na dugme Yes

Pod AV Scan: sa QuickScan prebaci na (none) bas kao na slici.


Klikni na Scan.

Kada zavrsi skeniranje ( Scan finished successfully ) klikni Save log.
Sacuvaj aswMBR log na Desktop.
Sadrzaj tog loga iskopiraj u temi.

NIx Car(AMF Tim)

Poslao: 06 Jul 2012 18:44
Idi na vrh
offline
  • 100%Milanista
  • Information Technology
  • Pridružio: 23 Avg 2008
  • Poruke: 2634
  • Gde živiš: Milan, Italy

Napisano: 06 Jul 2012 17:07

Posto Laura ne moze sa svog racunara da pristupi forumu (a razlog mi nije poznat, ja sam pokusao sa 3razlicita pretrazivaca i brisao cashe i kolacice ali ne moze. Dok je pingovanje odradjeno bez gubitka...) ja cu kopirati log koji je potreban i nastaviti dalje sve dok ona ne bude mogla da pristupi sa svog racunara...

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-06 16:45:00
-----------------------------
16:45:00.864 OS Version: Windows 6.1.7601 Service Pack 1
16:45:00.865 Number of processors: 1 586 0x1601
16:45:00.876 ComputerName: LAURA-PC UserName: Laura
16:45:15.402 Initialize success
16:45:16.164 AVAST engine defs: 12070201
16:46:13.878 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
16:46:13.894 Disk 0 Vendor: ST9250315AS 0002SDM1 Size: 238475MB BusType: 3
16:46:13.920 Disk 0 MBR read successfully
16:46:13.930 Disk 0 MBR scan
16:46:13.954 Disk 0 Windows 7 default MBR code
16:46:13.968 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 102398 MB offset 63
16:46:13.990 Disk 0 Partition - 00 0F Extended LBA 136066 MB offset 209712510
16:46:14.051 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 136066 MB offset 209712573
16:46:14.072 Disk 0 scanning sectors +488376000
16:46:14.166 Disk 0 scanning C:\Windows\system32\drivers
16:46:32.137 Service scanning
16:47:06.155 Modules scanning
16:47:32.913 Disk 0 trace - called modules:
16:47:32.986 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys ndis.sys athr.sys intelppm.sys afd.sys
16:47:33.008 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8555c410]
16:47:33.034 3 CLASSPNP.SYS[88a6b59e] -> nt!IofCallDriver -> [0x84751918]
16:47:33.056 5 ACPI.sys[882483d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x85499030]
16:47:33.086 Scan finished successfully
16:47:44.689 Disk 0 MBR has been saved successfully to "C:\Users\Laura\Desktop\MBR.dat"
16:47:44.711 The log file has been saved successfully to "C:\Users\Laura\Desktop\aswMBR.txt"

Dopuna: 06 Jul 2012 17:13

Zaboravio sam napomenuti da joj je juce avast prijavio nekakve rootkitove i da je kao nesto cistio i cuda radio. Ali nijesam uspjeo naci nikakve logove a i avast je nesto prsko ne radi kako treba...

Dopuna: 06 Jul 2012 18:44

https://www.mycity.rs/must-login.png


Evo uploadujem sve sto sam nasao u folderu: C:\ProgramData\AVAST Software\Avast\report

Poslao: 06 Jul 2012 20:48
Idi na vrh
offline
  • Més que un club
  • Glavni vokal @ Harpun
  • Pridružio: 27 Feb 2009
  • Poruke: 3898
  • Gde živiš: Novi Sad,Klisa

Arrow Korak 1

Idi u Start -> Control Panel -> Programs And Features i deinstaliraj sledeće programe:
DriverPack Solution Updater
BrowserCompanion
Java(TM) 6 Update 29
Windows iLivid Toolbar



Arrow Korak 2
Arrow Preuzmi program OTL sa donjeg linka na Desktop:

OTL download
Klikni na dati link i u prozoru koji se otvori, klikni na dugme Save;
kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati datoteku, odaberi Desktop i klikni na dugme Save.
Dvoklikom pokreni OTL;

klikni na dugme Run Scan;

po završetku skeniranja, izveštaj će se otvoriti u programu Notepad (napomena: izveštaj će automatski biti sačuvan na Desktopu kao OTL.Txt) .

Priloži izveštaj OTL.Txt uz poruku korišćenjem opcije Prikači fajl.

Poslao: 07 Jul 2012 02:23
Idi na vrh
offline
  • Pridružio: 03 Jul 2012
  • Poruke: 6

Korak 1:

zavrseno...

Korak 2:



OTL logfile created on: 7.7.2012 2:01:11 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Laura\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000281A | Country: Serbia | Language: SRO | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 67,19% Memory free
3,75 Gb Paging File | 3,01 Gb Available in Paging File | 80,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 48,90 Gb Free Space | 48,90% Space Free | Partition Type: NTFS
Drive D: | 132,88 Gb Total Space | 98,52 Gb Free Space | 74,14% Space Free | Partition Type: NTFS

Computer Name: LAURA-PC | User Name: Laura | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.07.07 00:11:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Laura\Desktop\OTL.exe
PRC - [2012.07.03 14:10:48 | 000,469,136 | ---- | M] () -- C:\Program Files\Comodo\Dragon\dragon_updater.exe
PRC - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.04.05 08:14:22 | 002,105,208 | ---- | M] (ManyCam LLC) -- C:\Program Files\ManyCam\Bin\ManyCam.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.03.12 22:25:06 | 000,583,680 | ---- | M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe
PRC - [2011.12.15 21:57:50 | 000,270,672 | ---- | M] () -- C:\Program Files\Telenor Internet\AssistantServices.exe
PRC - [2011.12.15 21:57:50 | 000,153,424 | ---- | M] () -- C:\Program Files\Telenor Internet\UIExec.exe
PRC - [2011.07.16 00:22:28 | 001,232,896 | ---- | M] (Azulstar Inc.) -- D:\Sve\Wireless Wizard\AzulstarLinkTest.exe
PRC - [2011.07.11 23:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winamp.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011.06.01 14:44:55 | 002,120,568 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version6\TeamViewer_Desktop.exe
PRC - [2011.06.01 14:44:54 | 008,003,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer.exe
PRC - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.06.01 14:16:33 | 000,108,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\tv_w32.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (No Company Name) ==========

MOD - [2012.07.07 01:58:48 | 000,032,768 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\YTMP7MC8AA\TAABF14.tmp
MOD - [2012.07.07 01:58:40 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEMA123.tmp
MOD - [2012.07.07 01:58:40 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEMA0E3.tmp
MOD - [2012.07.07 01:58:40 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9FB8.tmp
MOD - [2012.07.07 01:58:40 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9F68.tmp
MOD - [2012.07.07 01:58:40 | 000,091,136 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEMA264.tmp
MOD - [2012.07.07 01:58:40 | 000,091,136 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEMA224.tmp
MOD - [2012.07.07 01:58:40 | 000,091,136 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEMA1B5.tmp
MOD - [2012.07.07 01:58:40 | 000,091,136 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEMA174.tmp
MOD - [2012.07.07 01:58:39 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9E5D.tmp
MOD - [2012.07.07 01:58:39 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9DA0.tmp
MOD - [2012.07.07 01:58:39 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9CE3.tmp
MOD - [2012.07.07 01:58:39 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9BB8.tmp
MOD - [2012.07.07 01:58:38 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9B0B.tmp
MOD - [2012.07.07 01:58:38 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9A7C.tmp
MOD - [2012.07.07 01:58:38 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM99EE.tmp
MOD - [2012.07.07 01:58:38 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9921.tmp
MOD - [2012.07.07 01:58:38 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9893.tmp
MOD - [2012.07.07 01:58:38 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM97B6.tmp
MOD - [2012.07.07 01:58:37 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM96F9.tmp
MOD - [2012.07.07 01:58:37 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM960D.tmp
MOD - [2012.07.07 01:58:37 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM958E.tmp
MOD - [2012.07.07 01:58:37 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM94A2.tmp
MOD - [2012.07.07 01:58:37 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM93D6.tmp
MOD - [2012.07.07 01:58:36 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM92E9.tmp
MOD - [2012.07.07 01:58:36 | 000,074,240 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM90E0.tmp
MOD - [2012.07.07 01:58:36 | 000,072,704 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM91AF.tmp
MOD - [2012.07.07 01:58:36 | 000,072,704 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM915F.tmp
MOD - [2012.07.07 01:58:36 | 000,072,704 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8FE4.tmp
MOD - [2012.07.07 01:58:36 | 000,059,904 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8FB3.tmp
MOD - [2012.07.07 01:58:36 | 000,055,808 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8F83.tmp
MOD - [2012.07.07 01:58:35 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8E83.tmp
MOD - [2012.07.07 01:58:35 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8E62.tmp
MOD - [2012.07.07 01:58:35 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8D64.tmp
MOD - [2012.07.07 01:58:35 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8D43.tmp
MOD - [2012.07.07 01:58:35 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8D22.tmp
MOD - [2012.07.07 01:58:35 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8CC0.tmp
MOD - [2012.07.07 01:58:35 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8C51.tmp
MOD - [2012.07.07 01:58:35 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8BF1.tmp
MOD - [2012.07.07 01:58:35 | 000,071,168 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8BD0.tmp
MOD - [2012.07.07 01:58:35 | 000,066,048 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8EA6.tmp
MOD - [2012.07.07 01:58:35 | 000,057,856 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8D10.tmp
MOD - [2012.07.07 01:58:35 | 000,057,344 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8D85.tmp
MOD - [2012.07.07 01:58:35 | 000,057,344 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8B61.tmp
MOD - [2012.07.07 01:58:35 | 000,055,808 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8E95.tmp
MOD - [2012.07.07 01:58:34 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8AC1.tmp
MOD - [2012.07.07 01:58:34 | 000,057,344 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8B21.tmp
MOD - [2012.04.05 08:14:26 | 000,469,880 | ---- | M] () -- C:\Program Files\ManyCam\Bin\cximagecrt.dll
MOD - [2012.04.05 08:14:24 | 000,122,232 | ---- | M] () -- C:\Program Files\ManyCam\Bin\CrashRpt.dll
MOD - [2011.12.15 21:57:50 | 000,153,424 | ---- | M] () -- C:\Program Files\Telenor Internet\UIExec.exe
MOD - [2011.09.14 13:16:54 | 000,238,592 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_video220.dll
MOD - [2011.09.14 13:15:34 | 000,326,144 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_objdetect220.dll
MOD - [2011.09.14 13:15:02 | 000,671,744 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_highgui220.dll
MOD - [2011.09.14 13:13:48 | 001,437,184 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2011.09.14 13:13:04 | 002,128,384 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_core220.dll
MOD - [2011.07.25 09:10:39 | 000,047,616 | ---- | M] () -- C:\Program Files\Winamp\zlib.dll
MOD - [2011.07.25 09:10:38 | 000,103,936 | ---- | M] () -- C:\Program Files\Winamp\System\png.w5s
MOD - [2011.07.25 09:10:38 | 000,090,112 | ---- | M] () -- C:\Program Files\Winamp\System\xml.w5s
MOD - [2011.07.25 09:10:38 | 000,084,480 | ---- | M] () -- C:\Program Files\Winamp\System\playlist.w5s
MOD - [2011.07.25 09:10:38 | 000,083,968 | ---- | M] () -- C:\Program Files\Winamp\tataki.dll
MOD - [2011.07.25 09:10:38 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\System\timer.w5s
MOD - [2011.07.25 09:10:38 | 000,021,504 | ---- | M] () -- C:\Program Files\Winamp\System\tagz.w5s
MOD - [2011.07.25 09:10:38 | 000,013,824 | ---- | M] () -- C:\Program Files\Winamp\System\primo.w5s
MOD - [2011.07.25 09:10:37 | 000,623,616 | ---- | M] () -- C:\Program Files\Winamp\System\jnetlib.w5s
MOD - [2011.07.25 09:10:37 | 000,174,080 | ---- | M] () -- C:\Program Files\Winamp\System\auth.w5s
MOD - [2011.07.25 09:10:37 | 000,154,624 | ---- | M] () -- C:\Program Files\Winamp\System\jpeg.w5s
MOD - [2011.07.25 09:10:37 | 000,044,544 | ---- | M] () -- C:\Program Files\Winamp\System\devices.w5s
MOD - [2011.07.25 09:10:37 | 000,023,040 | ---- | M] () -- C:\Program Files\Winamp\System\albumart.w5s
MOD - [2011.07.25 09:10:37 | 000,019,456 | ---- | M] () -- C:\Program Files\Winamp\System\gif.w5s
MOD - [2011.07.25 09:10:37 | 000,019,456 | ---- | M] () -- C:\Program Files\Winamp\System\bmp.w5s
MOD - [2011.07.25 09:10:37 | 000,016,896 | ---- | M] () -- C:\Program Files\Winamp\System\dlmgr.w5s
MOD - [2011.07.25 09:10:37 | 000,016,384 | ---- | M] () -- C:\Program Files\Winamp\System\gracenote.w5s
MOD - [2011.07.25 09:10:37 | 000,014,336 | ---- | M] () -- C:\Program Files\Winamp\System\filereader.w5s
MOD - [2011.07.25 09:10:36 | 000,293,376 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_local.dll
MOD - [2011.07.25 09:10:36 | 000,240,640 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_pmp.dll
MOD - [2011.07.25 09:10:36 | 000,170,496 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_ipod.dll
MOD - [2011.07.25 09:10:36 | 000,124,928 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_online.dll
MOD - [2011.07.25 09:10:36 | 000,118,272 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_p4s.dll
MOD - [2011.07.25 09:10:36 | 000,113,152 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_wifi.dll
MOD - [2011.07.25 09:10:36 | 000,083,456 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_plg.dll
MOD - [2011.07.25 09:10:36 | 000,082,944 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_playlists.dll
MOD - [2011.07.25 09:10:36 | 000,060,928 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_android.dll
MOD - [2011.07.25 09:10:36 | 000,053,760 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_usb.dll
MOD - [2011.07.25 09:10:36 | 000,052,224 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_ds.dll
MOD - [2011.07.25 09:10:36 | 000,033,792 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_rg.dll
MOD - [2011.07.25 09:10:36 | 000,031,744 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_transcode.dll
MOD - [2011.07.25 09:10:36 | 000,022,528 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_disk.dll
MOD - [2011.07.25 09:10:36 | 000,020,480 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_njb.dll
MOD - [2011.07.25 09:10:36 | 000,018,432 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_wave.dll
MOD - [2011.07.25 09:10:35 | 000,313,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_wm.dll
MOD - [2011.07.25 09:10:35 | 000,252,416 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_vorbis.dll
MOD - [2011.07.25 09:10:35 | 000,249,856 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_devices.dll
MOD - [2011.07.25 09:10:35 | 000,200,192 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_disc.dll
MOD - [2011.07.25 09:10:35 | 000,057,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_impex.dll
MOD - [2011.07.25 09:10:35 | 000,052,224 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_history.dll
MOD - [2011.07.25 09:10:35 | 000,028,672 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_autotag.dll
MOD - [2011.07.25 09:10:35 | 000,027,648 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_bookmarks.dll
MOD - [2011.07.25 09:10:35 | 000,016,896 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_wave.dll
MOD - [2011.07.25 09:10:34 | 000,285,696 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mp3.dll
MOD - [2011.07.25 09:10:34 | 000,165,376 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mod.dll
MOD - [2011.07.25 09:10:34 | 000,109,568 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_midi.dll
MOD - [2011.07.25 09:10:34 | 000,074,752 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_nsv.dll
MOD - [2011.07.25 09:10:34 | 000,050,688 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mp4.dll
MOD - [2011.07.25 09:10:34 | 000,049,152 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mkv.dll
MOD - [2011.07.25 09:10:34 | 000,023,552 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_swf.dll
MOD - [2011.07.25 09:10:33 | 000,102,400 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_cdda.dll
MOD - [2011.07.25 09:10:33 | 000,072,192 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_dshow.dll
MOD - [2011.07.25 09:10:33 | 000,068,608 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_avi.dll
MOD - [2011.07.25 09:10:33 | 000,060,928 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_flac.dll
MOD - [2011.07.25 09:10:33 | 000,057,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_orgler.dll
MOD - [2011.07.25 09:10:33 | 000,043,008 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_flv.dll
MOD - [2011.07.25 09:10:33 | 000,025,600 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_tray.dll
MOD - [2011.07.25 09:10:33 | 000,007,168 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_linein.dll
MOD - [2011.07.25 09:10:32 | 001,737,728 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_ff.dll
MOD - [2011.07.25 09:10:32 | 000,410,624 | ---- | M] () -- C:\Program Files\Winamp\nsutil.dll
MOD - [2011.07.25 09:10:32 | 000,340,992 | ---- | M] () -- C:\Program Files\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
MOD - [2011.07.25 09:10:32 | 000,312,832 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_ml.dll
MOD - [2011.07.25 09:10:32 | 000,183,808 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_jumpex.dll
MOD - [2011.07.25 09:10:32 | 000,078,848 | ---- | M] () -- C:\Program Files\Winamp\nde.dll
MOD - [2011.07.25 09:10:32 | 000,027,648 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_hotkeys.dll
MOD - [2011.07.25 09:10:31 | 000,253,440 | ---- | M] () -- C:\Program Files\Winamp\libsndfile.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Windows\system32\EA818329.exe -- (EA818329)
SRV - File not found [Disabled | Stopped] -- C:\Windows\system32\57545186.exe -- (57545186)
SRV - [2012.07.03 14:10:48 | 000,469,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012.06.25 19:00:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.25 00:55:13 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.04.05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.26 15:28:58 | 005,404,472 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files\webcamXP 5\wService.exe -- (wxpSvc)
SRV - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.12.15 21:57:50 | 000,270,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Telenor Internet\AssistantServices.exe -- (UI Assistant Service)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\rootrepeal.sys -- (rootrepeal)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.02.22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012.01.11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2011.11.16 11:05:30 | 000,107,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2011.11.16 11:05:30 | 000,107,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2011.11.16 11:05:30 | 000,107,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2011.11.16 11:05:30 | 000,009,216 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2011.03.30 13:05:55 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.02.05 16:15:24 | 001,599,136 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athw.sys -- (AR5416)
DRV - [2009.12.23 17:33:26 | 000,088,024 | ---- | M] (FarStone Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fvxscsi.sys -- (FVXSCSI)
DRV - [2009.10.05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2008.12.24 19:39:44 | 000,014,392 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2008.10.29 08:46:46 | 000,018,448 | ---- | M] (FarStone Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fcdabus.sys -- (fcdabus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = home.allgameshome.com
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = searchqu.com/web?src=ieb&appid=113&.....r=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = search.sweetim.com/search.asp?src=6&st=1&q={searchTerms}&barid={40DB8AE3-5425-49FA-8364-B1F744C05691}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = search.conduit.com?SearchSource=10&ctid=CT3072253
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=111015&mntrId=0aed70ac00000000000000ff8e42a5a5
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = websearch.ask.com/redirect?client=ie&tb.....crm&q={searchTerms}&locale=en_US&apn_ptnrs=QO&apn_dtid=YYYYYYYYRS&apn_uid=E79366EE-2EA0-4ADA-9A54-C6B62DFFC842&apn_sauid=158E3399-6B3E-46F7-A866-65BD04D84135
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = searchqu.com/web?src=ieb&appid=113&.....r=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = eu.ask.com/web?l=dis&o=APN10089&gct.....;apn_dtid=^YYYYYY^YY^RS&apn_ptnrs=^A5F&apn_uid=6491222516204555&p2=^A5F^YYYYYY^YY^RS&q={searchTerms}
IE - HKCU\..\SearchScopes\{E88E0043-C9D4-4e33-8555-FEE4F5B63060}: "URL" = go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = search.sweetim.com/search.asp?src=6&st=1&q={searchTerms}&barid={40DB8AE3-5425-49FA-8364-B1F744C05691}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (en)"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: bbrs_002@blabbers.com:1.0.5


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll (Fun Web Products, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.25 00:55:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.21 01:54:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.25 00:55:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.21 01:54:49 | 000,000,000 | ---D | M]

[2012.04.12 22:00:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laura\AppData\Roaming\Mozilla\Extensions
[2012.07.03 00:04:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\vo18ywdb.default\extensions
[2012.06.07 21:16:04 | 000,000,935 | ---- | M] () -- C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\vo18ywdb.default\searchplugins\conduit.xml
[2012.04.13 02:36:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.02 23:16:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.25 00:55:14 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.17 23:50:49 | 000,000,627 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ask.xml
[2012.04.05 23:02:37 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.06.25 00:55:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.19 00:34:51 | 000,002,520 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012.06.25 00:55:08 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3072253
CHR - default_search_provider: suggest_url = search.conduit.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodnbkkemkkaekocofmphoadofkdh\7.14.1.20074_0\background/registryAccess.dll
CHR - plugin: (Enabled) = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Fun Web Products Plugin Stub (Enabled) = C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: YouTube = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: General Crawler = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: avast! WebRep = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Skype Click to Call = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: uTorrentControl2 = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\
CHR - Extension: Gmail = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [UIExec] C:\Program Files\Telenor Internet\UIExec.exe ()
O4 - HKCU..\Run: [ManyCam] C:\Program Files\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\mcshieldrtm.exe (MyCity)
O4 - HKCU..\Run: [Media Finder] "C:\Program Files\Media Finder\MF.exe" /opentotray File not found
O4 - Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Wizard.lnk = D:\Sve\Wireless Wizard\AzulstarLinkTest.exe (Azulstar Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.4.0)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{738D5843-C794-4A0F-A3D1-15E9C67FE665}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F853CD9-EF29-45B4-B616-83CA2DB0DA49}: DhcpNameServer = 77.105.0.19 89.216.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a2d00c9c-6bac-11e1-9786-485b391c5219}\Shell - "" = AutoRun
O33 - MountPoints2\{a2d00c9c-6bac-11e1-9786-485b391c5219}\Shell\AutoRun\command - "" = G:\Windows\AutoRun.exe
O33 - MountPoints2\{e54e4a02-f3b8-11e0-8211-485b391c5219}\Shell - "" = AutoRun
O33 - MountPoints2\{e54e4a02-f3b8-11e0-8211-485b391c5219}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.07.07 00:10:27 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Laura\Desktop\OTL.exe
[2012.06.25 19:02:07 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\Macromedia
[2012.06.25 19:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012.06.25 19:00:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.06.25 19:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012.06.25 19:00:41 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.06.25 19:00:41 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.06.19 13:03:11 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.06.19 13:03:10 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.06.19 13:02:50 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.06.19 13:02:50 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.06.19 13:02:50 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.06.19 13:02:35 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.06.19 13:02:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.06.18 03:32:03 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\CRE
[2012.06.13 17:28:52 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.06.13 17:28:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.06.13 17:28:48 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.06.13 17:28:48 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.06.13 17:28:45 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.06.13 17:28:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.06.13 17:28:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.06.13 10:54:02 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2012.06.13 10:53:52 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.06.13 10:53:50 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.06.13 10:53:50 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.06.13 10:53:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.06.10 19:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012.06.10 19:30:32 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\Comodo
[2012.06.10 19:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo
[2012.06.10 19:29:48 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012.06.10 19:29:48 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2012.06.09 16:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.09 16:09:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

========== Files - Modified Within 30 Days ==========

[2012.07.07 02:03:53 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.07 02:03:53 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.07 01:58:27 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.07 01:58:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.07 01:58:10 | 1509,425,152 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.07 01:55:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.07 01:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.07 00:11:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Laura\Desktop\OTL.exe
[2012.07.04 00:14:46 | 000,001,002 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012.07.03 12:23:08 | 000,033,792 | -H-- | M] () -- C:\Users\Laura\Desktop\photothumb.db
[2012.07.03 12:21:46 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.03 12:21:46 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.25 19:00:49 | 000,002,112 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.06.25 19:00:49 | 000,002,112 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.06.25 19:00:41 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.06.25 19:00:41 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.06.24 16:35:27 | 196,145,761 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.06.19 22:56:19 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.06.18 01:13:32 | 001,378,576 | ---- | M] () -- C:\Users\Laura\Desktop\Photo0200.jpg
[2012.06.14 18:19:44 | 002,051,670 | ---- | M] () -- C:\Users\Laura\Desktop\Photo0187.jpg
[2012.06.13 19:28:00 | 000,266,808 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.10 19:29:49 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2012.06.10 19:29:48 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012.06.09 16:09:40 | 000,001,990 | ---- | M] () -- C:\Users\Laura\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2012.07.04 00:14:46 | 000,001,002 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012.06.25 19:00:49 | 000,002,112 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.06.25 19:00:49 | 000,002,112 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.06.25 19:00:43 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.18 23:17:25 | 001,378,576 | ---- | C] () -- C:\Users\Laura\Desktop\Photo0200.jpg
[2012.06.18 23:17:22 | 002,051,670 | ---- | C] () -- C:\Users\Laura\Desktop\Photo0187.jpg
[2012.04.13 01:26:05 | 000,054,410 | ---- | C] () -- C:\Users\Laura\Desktopcam_1_20120413_012605_017.jpg
[2012.04.12 05:49:02 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.04.12 05:44:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.02.18 04:19:45 | 000,012,393 | ---- | C] () -- C:\Users\Laura\AppData\Local\Update.12.Bron.Tok.bin
[2012.02.18 03:12:25 | 000,012,393 | ---- | C] () -- C:\Users\Laura\AppData\Local\Bron.tok.A12.em.bin
[2011.11.10 00:59:52 | 000,000,197 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.10.11 16:41:01 | 000,014,496 | ---- | C] () -- C:\Windows\System32\VDI08X.dat
[2011.10.11 16:37:23 | 000,135,168 | ---- | C] () -- C:\Windows\System32\VDProductInfoEx.dll
[2011.10.11 16:37:22 | 000,118,784 | ---- | C] () -- C:\Windows\System32\DVC.dll
[2011.10.11 16:37:22 | 000,086,016 | ---- | C] () -- C:\Windows\System32\RDrv2KInterface.dll
[2011.10.11 16:37:22 | 000,036,864 | ---- | C] () -- C:\Windows\System32\unVHDDrvExe.exe
[2011.10.11 16:37:22 | 000,032,768 | ---- | C] () -- C:\Windows\System32\inVHDDrvExe.exe
[2011.10.11 16:37:22 | 000,028,672 | ---- | C] () -- C:\Windows\System32\RDrvInterface.dll
[2011.08.14 02:45:29 | 000,109,016 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.07.23 13:03:39 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

< End of report >




mycity.rs/must-login.png

Poslao: 07 Jul 2012 20:35
Idi na vrh
offline
  • Més que un club
  • Glavni vokal @ Harpun
  • Pridružio: 27 Feb 2009
  • Poruke: 3898
  • Gde živiš: Novi Sad,Klisa

Arrow Korak 1


Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.allgameshome.com
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=113&.....r=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&st=1&q={searchTerms}&barid={40DB8AE3-5425-49FA-8364-B1F744C05691}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3072253
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=111015&mntrId=0aed70ac00000000000000ff8e42a5a5
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb.....crm&q={searchTerms}&locale=en_US&apn_ptnrs=QO&apn_dtid=YYYYYYYYRS&apn_uid=E79366EE-2EA0-4ADA-9A54-C6B62DFFC842&apn_sauid=158E3399-6B3E-46F7-A866-65BD04D84135
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=113&.....r=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://eu.ask.com/web?l=dis&o=APN10089&gct.....;apn_dtid=^YYYYYY^YY^RS&apn_ptnrs=^A5F&apn_uid=6491222516204555&p2=^A5F^YYYYYY^YY^RS&q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&st=1&q={searchTerms}&barid={40DB8AE3-5425-49FA-8364-B1F744C05691}
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
[2012.06.07 21:16:04 | 000,000,935 | ---- | M] () -- C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\vo18ywdb.default\searchplugins\conduit.xml
[2012.04.17 23:50:49 | 000,000,627 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ask.xml
[2012.04.05 23:02:37 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3072253
CHR - default_search_provider: suggest_url = http://search.conduit.com/
CHR - Extension: uTorrentControl2 = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.

:commands
[emptytemp]



Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.







Arrow Korak 2
Ponovo porkeni OTL, klikni na Run Scan i postavi mi svež OTL log.

Kakvo je sada stanje računara?

Poslao: 08 Jul 2012 19:22
Idi na vrh
offline
  • Pridružio: 03 Jul 2012
  • Poruke: 6

Arrow Korak 1

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "uTorrentControl2 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\vo18ywdb.default\searchplugins\conduit.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\ask.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Options folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\rssItem folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\popup folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\icons\useful_components folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\icons\urlGadget folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\icons folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\base64\searchBox folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\base64\rssItem folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\base64\ifarme folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\base64\icons folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\base64\dyamincMenu folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media\base64 folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Media folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\services\translation folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\services\alerts folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\services folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\popup\view folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\popup folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\model folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\lib folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\xmlMenu\view folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\xmlMenu folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\urlGadget\view folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\urlGadget folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\multiRssItem\view folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\multiRssItem folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\menuPanel\view folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\menuPanel folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\dynamicMenu\view folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\dynamicMenu folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\contextMenu\view folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\contextMenu folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\container folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\components\view\InjectScript folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\components\view folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\components folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items\about folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\items folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\css folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\controller folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\compatibility folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\API\component\view folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\API\component folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js\API folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\js folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\Css folder moved successfully.
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0 folder moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Laura
->Temp folder emptied: 9669606 bytes
->Temporary Internet Files folder emptied: 1224283 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 324199149 bytes
->Google Chrome cache emptied: 6143958 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 939 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3955112 bytes
RecycleBin emptied: 1192698 bytes

Total Files Cleaned = 330,00 mb


OTL by OldTimer - Version 3.2.53.1 log created on 07072012_211339

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Arrow Korak 2

OTL logfile created on: 8.7.2012 19:06:59 - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Laura\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000281A | Country: Serbia | Language: SRO | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 69,43% Memory free
3,75 Gb Paging File | 2,95 Gb Available in Paging File | 78,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 50,36 Gb Free Space | 50,36% Space Free | Partition Type: NTFS
Drive D: | 132,88 Gb Total Space | 98,52 Gb Free Space | 74,14% Space Free | Partition Type: NTFS

Computer Name: LAURA-PC | User Name: Laura | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.07.07 02:32:23 | 000,115,204 | R-S- | M] () -- C:\Users\Laura\AppData\Local\tdxyos.exe
PRC - [2012.07.07 00:11:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Laura\Desktop\OTL.exe
PRC - [2012.07.03 14:10:48 | 000,469,136 | ---- | M] () -- C:\Program Files\Comodo\Dragon\dragon_updater.exe
PRC - [2012.06.22 21:09:56 | 000,603,648 | ---- | M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe
PRC - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.04.05 08:14:22 | 002,105,208 | ---- | M] (ManyCam LLC) -- C:\Program Files\ManyCam\Bin\ManyCam.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011.12.15 21:57:50 | 000,270,672 | ---- | M] () -- C:\Program Files\Telenor Internet\AssistantServices.exe
PRC - [2011.12.15 21:57:50 | 000,153,424 | ---- | M] () -- C:\Program Files\Telenor Internet\UIExec.exe
PRC - [2011.07.16 00:22:28 | 001,232,896 | ---- | M] (Azulstar Inc.) -- D:\Sve\Wireless Wizard\AzulstarLinkTest.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011.06.01 14:44:55 | 002,120,568 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version6\TeamViewer_Desktop.exe
PRC - [2011.06.01 14:44:54 | 008,003,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer.exe
PRC - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.06.01 14:16:33 | 000,108,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\tv_w32.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (No Company Name) ==========

MOD - [2012.07.08 14:01:59 | 000,032,768 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\YTMP7MC8AA\TAA5443.tmp
MOD - [2012.07.08 14:01:57 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM4B0A.tmp
MOD - [2012.07.08 14:01:57 | 000,091,136 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM4DC2.tmp
MOD - [2012.07.08 14:01:57 | 000,091,136 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM4CB6.tmp
MOD - [2012.07.08 14:01:57 | 000,091,136 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM4BBB.tmp
MOD - [2012.07.08 14:01:57 | 000,091,136 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM4B5B.tmp
MOD - [2012.07.08 14:01:56 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM4953.tmp
MOD - [2012.07.08 14:01:56 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM4867.tmp
MOD - [2012.07.08 14:01:56 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM47BA.tmp
MOD - [2012.07.08 14:01:55 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM4670.tmp
MOD - [2012.07.08 14:01:55 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM4555.tmp
MOD - [2012.07.08 14:01:55 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM44D7.tmp
MOD - [2012.07.08 14:01:44 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM1B45.tmp
MOD - [2012.07.08 14:01:44 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM1A0B.tmp
MOD - [2012.07.08 14:01:44 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM198D.tmp
MOD - [2012.07.08 14:01:44 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM194C.tmp
MOD - [2012.07.08 14:01:44 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM190C.tmp
MOD - [2012.07.08 14:01:44 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM18BC.tmp
MOD - [2012.07.08 14:01:44 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM181E.tmp
MOD - [2012.07.08 14:01:43 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM17AF.tmp
MOD - [2012.07.08 14:01:43 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM175F.tmp
MOD - [2012.07.08 14:01:43 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM16C1.tmp
MOD - [2012.07.08 14:01:43 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM1671.tmp
MOD - [2012.07.08 14:01:43 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM1611.tmp
MOD - [2012.07.08 14:01:43 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM15B1.tmp
MOD - [2012.07.08 14:01:42 | 000,125,952 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM13BB.tmp
MOD - [2012.07.08 14:01:42 | 000,074,240 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM1193.tmp
MOD - [2012.07.08 14:01:42 | 000,072,704 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM12C0.tmp
MOD - [2012.07.08 14:01:42 | 000,072,704 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM1241.tmp
MOD - [2012.07.08 14:01:42 | 000,072,704 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM1143.tmp
MOD - [2012.07.08 14:01:42 | 000,059,904 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM10A5.tmp
MOD - [2012.07.08 14:01:42 | 000,055,808 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM1084.tmp
MOD - [2012.07.08 14:01:41 | 000,066,048 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM1005.tmp
MOD - [2012.07.08 14:01:40 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM97C.tmp
MOD - [2012.07.08 14:01:40 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8FD.tmp
MOD - [2012.07.08 14:01:40 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM85D.tmp
MOD - [2012.07.08 14:01:40 | 000,057,344 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM8AD.tmp
MOD - [2012.07.08 14:01:40 | 000,055,808 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM9FB.tmp
MOD - [2012.07.08 14:01:39 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM7EE.tmp
MOD - [2012.07.08 14:01:39 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM78E.tmp
MOD - [2012.07.08 14:01:39 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM691.tmp
MOD - [2012.07.08 14:01:39 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM5E3.tmp
MOD - [2012.07.08 14:01:39 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM5D2.tmp
MOD - [2012.07.08 14:01:39 | 000,071,168 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM524.tmp
MOD - [2012.07.08 14:01:39 | 000,057,856 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM74E.tmp
MOD - [2012.07.08 14:01:38 | 000,077,824 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM3E6.tmp
MOD - [2012.07.08 14:01:38 | 000,057,344 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM457.tmp
MOD - [2012.07.08 14:01:38 | 000,057,344 | ---- | M] () -- C:\Users\Laura\AppData\Local\Temp\XTMP1MC3VE\DEM417.tmp
MOD - [2012.07.07 02:32:23 | 000,115,204 | R-S- | M] () -- C:\Users\Laura\AppData\Local\tdxyos.exe
MOD - [2012.04.05 08:14:26 | 000,469,880 | ---- | M] () -- C:\Program Files\ManyCam\Bin\cximagecrt.dll
MOD - [2012.04.05 08:14:24 | 000,122,232 | ---- | M] () -- C:\Program Files\ManyCam\Bin\CrashRpt.dll
MOD - [2011.12.15 21:57:50 | 000,153,424 | ---- | M] () -- C:\Program Files\Telenor Internet\UIExec.exe
MOD - [2011.09.14 13:16:54 | 000,238,592 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_video220.dll
MOD - [2011.09.14 13:15:34 | 000,326,144 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_objdetect220.dll
MOD - [2011.09.14 13:15:02 | 000,671,744 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_highgui220.dll
MOD - [2011.09.14 13:13:48 | 001,437,184 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2011.09.14 13:13:04 | 002,128,384 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_core220.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Windows\system32\EA818329.exe -- (EA818329)
SRV - File not found [Disabled | Stopped] -- C:\Windows\system32\57545186.exe -- (57545186)
SRV - [2012.07.03 14:10:48 | 000,469,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012.06.25 19:00:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.25 00:55:13 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.04.05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.26 15:28:58 | 005,404,472 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files\webcamXP 5\wService.exe -- (wxpSvc)
SRV - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.12.15 21:57:50 | 000,270,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Telenor Internet\AssistantServices.exe -- (UI Assistant Service)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\rootrepeal.sys -- (rootrepeal)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.02.22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012.01.11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2011.11.16 11:05:30 | 000,107,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2011.11.16 11:05:30 | 000,107,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2011.11.16 11:05:30 | 000,107,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2011.11.16 11:05:30 | 000,009,216 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2011.03.30 13:05:55 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.02.05 16:15:24 | 001,599,136 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athw.sys -- (AR5416)
DRV - [2009.12.23 17:33:26 | 000,088,024 | ---- | M] (FarStone Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fvxscsi.sys -- (FVXSCSI)
DRV - [2009.10.05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2008.12.24 19:39:44 | 000,014,392 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2008.10.29 08:46:46 | 000,018,448 | ---- | M] (FarStone Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fcdabus.sys -- (fcdabus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{E88E0043-C9D4-4e33-8555-FEE4F5B63060}: "URL" = go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (en)"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: bbrs_002@blabbers.com:1.0.5


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll (Fun Web Products, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.25 00:55:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.21 01:54:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.25 00:55:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.21 01:54:49 | 000,000,000 | ---D | M]

[2012.04.12 22:00:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laura\AppData\Roaming\Mozilla\Extensions
[2012.07.03 00:04:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\vo18ywdb.default\extensions
[2012.04.13 02:36:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.02 23:16:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.25 00:55:14 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.25 00:55:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.19 00:34:51 | 000,002,520 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012.06.25 00:55:08 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3072253
CHR - default_search_provider: suggest_url = search.conduit.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodnbkkemkkaekocofmphoadofkdh\7.14.1.20074_0\background/registryAccess.dll
CHR - plugin: (Enabled) = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Fun Web Products Plugin Stub (Enabled) = C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: YouTube = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: General Crawler = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: avast! WebRep = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Skype Click to Call = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: Gmail = C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [UIExec] C:\Program Files\Telenor Internet\UIExec.exe ()
O4 - HKCU..\Run: [ManyCam] C:\Program Files\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKCU..\Run: [Media Finder] "C:\Program Files\Media Finder\MF.exe" /opentotray File not found
O4 - HKCU..\Run: [uomhgjw] C:\Users\Laura\AppData\Local\tdxyos.exe ()
O4 - Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rqoqc.exe ()
O4 - Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Wizard.lnk = D:\Sve\Wireless Wizard\AzulstarLinkTest.exe (Azulstar Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.4.0)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{738D5843-C794-4A0F-A3D1-15E9C67FE665}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F853CD9-EF29-45B4-B616-83CA2DB0DA49}: DhcpNameServer = 77.105.0.19 89.216.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a2d00c9c-6bac-11e1-9786-485b391c5219}\Shell - "" = AutoRun
O33 - MountPoints2\{a2d00c9c-6bac-11e1-9786-485b391c5219}\Shell\AutoRun\command - "" = G:\Windows\AutoRun.exe
O33 - MountPoints2\{e54e4a02-f3b8-11e0-8211-485b391c5219}\Shell - "" = AutoRun
O33 - MountPoints2\{e54e4a02-f3b8-11e0-8211-485b391c5219}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.07.07 21:13:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.07.07 20:00:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.07.07 00:10:27 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Laura\Desktop\OTL.exe
[2012.06.25 19:02:07 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\Macromedia
[2012.06.25 19:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012.06.25 19:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012.06.25 19:00:41 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.06.25 19:00:41 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.06.19 13:03:11 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.06.19 13:03:10 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.06.19 13:02:50 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.06.19 13:02:50 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.06.19 13:02:50 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.06.19 13:02:35 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.06.19 13:02:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.06.18 03:32:03 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\CRE
[2012.06.13 17:28:52 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.06.13 17:28:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.06.13 17:28:48 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.06.13 17:28:48 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.06.13 17:28:45 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.06.13 17:28:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.06.13 17:28:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.06.13 10:54:02 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2012.06.13 10:53:52 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.06.13 10:53:50 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.06.13 10:53:50 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.06.13 10:53:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.06.10 19:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012.06.10 19:30:32 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\Comodo
[2012.06.10 19:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo
[2012.06.10 19:29:48 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012.06.10 19:29:48 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2012.06.09 16:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.09 16:09:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

========== Files - Modified Within 30 Days ==========

[2012.07.08 19:02:46 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.08 19:02:45 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.08 19:02:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.08 14:10:38 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.08 14:10:38 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.08 14:01:03 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.08 14:00:45 | 1509,425,152 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.07 20:00:34 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.07.07 20:00:34 | 000,002,040 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.07.07 02:32:23 | 000,115,204 | R-S- | M] () -- C:\Users\Laura\AppData\Local\tdxyos.exe
[2012.07.07 02:32:23 | 000,115,204 | R-S- | M] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rqoqc.exe
[2012.07.07 02:24:39 | 002,090,059 | ---- | M] () -- C:\Users\Laura\Desktop\MCShield-Setup.exe
[2012.07.07 00:11:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Laura\Desktop\OTL.exe
[2012.07.04 00:14:46 | 000,001,002 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012.07.03 12:23:08 | 000,033,792 | -H-- | M] () -- C:\Users\Laura\Desktop\photothumb.db
[2012.07.03 12:21:46 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.03 12:21:46 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.25 19:00:41 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.06.25 19:00:41 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.06.24 16:35:27 | 196,145,761 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.06.19 22:56:19 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.06.18 01:13:32 | 001,378,576 | ---- | M] () -- C:\Users\Laura\Desktop\Photo0200.jpg
[2012.06.14 18:19:44 | 002,051,670 | ---- | M] () -- C:\Users\Laura\Desktop\Photo0187.jpg
[2012.06.13 19:28:00 | 000,266,808 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.10 19:29:49 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2012.06.10 19:29:48 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012.06.09 16:09:40 | 000,001,990 | ---- | M] () -- C:\Users\Laura\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2012.07.07 02:32:23 | 000,115,204 | R-S- | C] () -- C:\Users\Laura\AppData\Local\tdxyos.exe
[2012.07.07 02:32:23 | 000,115,204 | R-S- | C] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rqoqc.exe
[2012.07.07 02:24:39 | 002,090,059 | ---- | C] () -- C:\Users\Laura\Desktop\MCShield-Setup.exe
[2012.07.04 00:14:46 | 000,001,002 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012.06.25 19:00:49 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.06.25 19:00:49 | 000,002,040 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.06.25 19:00:43 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.18 23:17:25 | 001,378,576 | ---- | C] () -- C:\Users\Laura\Desktop\Photo0200.jpg
[2012.06.18 23:17:22 | 002,051,670 | ---- | C] () -- C:\Users\Laura\Desktop\Photo0187.jpg
[2012.04.13 01:26:05 | 000,054,410 | ---- | C] () -- C:\Users\Laura\Desktopcam_1_20120413_012605_017.jpg
[2012.04.12 05:49:02 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.04.12 05:44:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.02.18 04:19:45 | 000,012,393 | ---- | C] () -- C:\Users\Laura\AppData\Local\Update.12.Bron.Tok.bin
[2012.02.18 03:12:25 | 000,012,393 | ---- | C] () -- C:\Users\Laura\AppData\Local\Bron.tok.A12.em.bin
[2011.11.10 00:59:52 | 000,000,197 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.10.11 16:41:01 | 000,014,496 | ---- | C] () -- C:\Windows\System32\VDI08X.dat
[2011.10.11 16:37:23 | 000,135,168 | ---- | C] () -- C:\Windows\System32\VDProductInfoEx.dll
[2011.10.11 16:37:22 | 000,118,784 | ---- | C] () -- C:\Windows\System32\DVC.dll
[2011.10.11 16:37:22 | 000,086,016 | ---- | C] () -- C:\Windows\System32\RDrv2KInterface.dll
[2011.10.11 16:37:22 | 000,036,864 | ---- | C] () -- C:\Windows\System32\unVHDDrvExe.exe
[2011.10.11 16:37:22 | 000,032,768 | ---- | C] () -- C:\Windows\System32\inVHDDrvExe.exe
[2011.10.11 16:37:22 | 000,028,672 | ---- | C] () -- C:\Windows\System32\RDrvInterface.dll
[2011.08.14 02:45:29 | 000,109,016 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.07.23 13:03:39 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

< End of report >

Za sada se stanje popravilo i sve je ok...

Poslao: 08 Jul 2012 23:45
Idi na vrh
offline
  • Més que un club
  • Glavni vokal @ Harpun
  • Pridružio: 27 Feb 2009
  • Poruke: 3898
  • Gde živiš: Novi Sad,Klisa

Pronadji ovaj fajl:
C:\Users\Laura\AppData\Local\tdxyos.exe

i aploaduj ga preko sledećeg linka na forum:
http://www.mycity.rs/ambulanta-upload.php

MyCity » Ambulanta -> Arhiva Ambulante » Pretrazivaci se rushe komp usporen

Ko je trenutno na forumu
 

Ukupno su 1065 korisnika na forumu :: 34 registrovanih, 7 sakrivenih i 1024 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Rade, amaterSRB, anta, Bobrock1, Bojan85, BratSrpska, brundo65, dane007, Denaya, draganl, flash12, goxin, HrcAk47, kokodakalo, krkalon, kunktator, kybonacci, mercedesamg, Metanoja, milenko crazy north, mkukoleca, Nemanja.M, nick79, Nikolaa11, Regrut Boskica, Romibrat, Sirius, solic, srbijaiznadsvega, vathra, Vatreni Zmaj, Vlada78, wolverined4, Zoca