- Tom-Tom
- Citizen
- Joined: 06 May 2008
- Posts: 124
- Location: Pirot
Posted: 20 Aug 2011 18:46
I did not follow the instructions; here is a detailed description of the problem.
1. I cannot start any antivirus software; I get a message like the one in the picture. I use NOD32 Antivirus.
2. The problem started when my friend got a link on Facebook chat to some clip that asked him to install Flash Player (and Flash was already installed), which means a virus was installed.
3. I cannot start the protection software.
4. I searched on Google and saw that the malware in question is Trojan.KillAV, and that the cleaning process requires installing some Spyware Doctor, which I believe is itself a malware application.
5. At work I currently have a 1.5 Mbps ADSL connection, and at home a 6 Mbps SBB connection.
6. I believe that reinstalling the system is the only possible solution. Spyware Doctor showed me about 300 infections and asks for a license (credit card)....... to fix the problem.
Addendum: 20 Aug 2011 18:47
As for the OTL log, I have already been waiting twenty minutes for the scan; my system is Windows 7 x64.
Addendum: 20 Aug 2011 18:54
I have already killed some processes and OTL has just crashed on me; I will now try to run the application again after a restart.
Addendum: 20 Aug 2011 19:03
I also deleted these two files from the Windows directory,
and also the registry startup entries at the following path.
Addendum: 20 Aug 2011 19:07
Here is the OTL log:
OTL logfile created on: 20-Aug-11 18:57:08 - Run 1
OTL by OldTimer - Version Folder = C:\Users\Toma\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy
1.87 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 53.72% Memory free
3.74 Gb Paging File | 2.80 Gb Available in Paging File | 74.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 40.00 Gb Total Space | 3.47 Gb Free Space | 8.68% Space Free | Partition Type: NTFS
Drive D: | 71.69 Gb Total Space | 59.48 Gb Free Space | 82.97% Space Free | Partition Type: NTFS
Computer Name: TOMA | User Name: Toma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-08-20 18:36:44 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Toma\Desktop\OTL.exe
PRC - [2011-08-20 12:37:10 | 000,348,672 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-08-20 12:37:10 | 000,348,672 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-08-20 12:37:10 | 000,348,672 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-08-20 12:37:10 | 000,348,672 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-08-20 12:36:16 | 000,632,832 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011-08-20 12:36:16 | 000,632,832 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011-08-20 12:36:16 | 000,632,832 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011-08-20 12:36:16 | 000,632,832 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011-08-20 09:50:08 | 000,382,464 | ---- | M] () -- C:\Windows\update.7.1\svchostdriver.exe
PRC - [2011-08-20 09:31:43 | 001,182,208 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011-08-20 09:31:43 | 001,182,208 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2009-01-26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2004-02-17 09:00:40 | 000,028,672 | ---- | M] (A.E.T. Europe B.V.) -- C:\Windows\SysWOW64\SafeSignCertReg.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-08-20 09:50:08 | 000,382,464 | ---- | M] () [Auto | Running] -- C:\Windows\update.7.1\svchostdriver.exe -- (ddservice)
SRV - [2011-04-06 16:53:36 | 001,117,144 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2011-02-18 11:14:04 | 000,371,472 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-01-26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011-06-03 16:02:02 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2011-06-03 16:01:22 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011-06-03 16:00:22 | 000,202,064 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011-05-11 09:55:10 | 000,282,440 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-03-10 09:08:22 | 000,279,344 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-08-25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010-07-16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010-06-29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2010-06-23 10:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010-04-12 10:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010-01-05 20:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2009-12-31 12:04:57 | 000,360,712 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009-09-23 03:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009-09-23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009-09-23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009-09-21 19:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009-06-10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-08-14 11:40:44 | 000,260,144 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2008-05-06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007-11-09 06:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2007-08-17 09:15:22 | 001,061,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 18 8E 24 C4 EB 4D CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:
FF - prefs.js..extensions.enabledItems: wbepaste@starfield:1.2
FF - prefs.js..extensions.enabledItems: zoomext@starfield:1.2
FF:64bit: - HKLM\Software\MozillaPlugins\,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\ C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\ Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\ C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\ C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\ Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-08-17 16:37:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011-08-08 13:47:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\ C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2011-03-17 21:55:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toma\AppData\Roaming\Mozilla\Extensions
[2011-03-17 21:55:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toma\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011-08-07 18:05:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toma\AppData\Roaming\Mozilla\Firefox\Profiles\d4qf211s.default\extensions
[2011-05-14 20:40:38 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Toma\AppData\Roaming\Mozilla\Firefox\Profiles\d4qf211s.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2011-05-21 19:11:06 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Toma\AppData\Roaming\Mozilla\Firefox\Profiles\d4qf211s.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011-06-27 05:40:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2011-08-17 16:37:23 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-05-02 13:14:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2007-08-07 10:25:58 | 000,001,461 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
O1 HOSTS File: ([2011-08-20 18:57:05 | 000,202,984 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: localhost
O1 - Hosts: 50053 more lines...
O4:64bit: - HKLM..\Run: [egui] File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [CertificateRegistration] C:\Windows\SysWow64\SafeSignCertReg.exe (A.E.T. Europe B.V.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Toma\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Toma\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ([secure] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ([secure] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\ [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\ [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011-08-20 18:36:36 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Toma\Desktop\OTL.exe
[2011-08-20 17:54:09 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys
[2011-08-20 17:54:09 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2011-08-20 17:54:08 | 000,334,976 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2011-08-20 17:54:08 | 000,140,800 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2011-08-20 17:54:02 | 000,282,440 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2011-08-20 17:54:00 | 000,279,344 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2011-08-20 17:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011-08-20 17:53:58 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2011-08-20 17:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011-08-20 17:53:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011-08-20 17:53:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011-08-20 17:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011-08-20 17:38:55 | 000,000,000 | -H-D | C] -- C:\Windows\update.3
[2011-08-20 15:44:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011-08-20 15:35:27 | 000,000,000 | ---D | C] -- C:\Users\Toma\AppData\Local\Microsoft Games
[2011-08-20 12:48:04 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011-08-20 12:48:04 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer
[2011-08-20 12:48:04 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011-08-20 12:37:11 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011-08-20 12:36:17 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011-08-20 09:50:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.7.1
[2011-08-20 09:48:29 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011-08-20 09:47:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011-08-20 09:46:59 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0-lnk
[2011-08-20 09:46:59 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0
[2011-08-17 16:38:22 | 003,089,056 | ---- | C] (Adobe Systems, Inc.) -- C:\Users\Toma\Desktop\install_flash_player.exe
[2011-08-10 20:01:31 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2011-08-10 13:32:20 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2011-08-10 13:32:17 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011-08-10 13:32:17 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011-08-10 13:32:17 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011-08-10 13:32:17 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011-08-10 13:32:17 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011-08-10 13:32:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011-08-10 13:32:17 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011-08-10 13:32:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011-08-10 13:32:16 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011-08-10 13:32:00 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011-08-10 13:32:00 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011-08-10 13:32:00 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011-08-10 13:32:00 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011-08-10 13:32:00 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011-08-10 13:31:59 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011-08-10 13:31:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011-08-10 13:31:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011-08-10 13:31:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011-08-10 13:31:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011-08-10 13:31:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011-08-10 13:31:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011-08-10 13:31:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011-08-10 13:31:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011-08-10 13:31:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011-08-10 13:31:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011-08-10 13:31:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011-08-10 13:31:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011-08-10 13:31:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011-08-10 13:31:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011-08-10 13:31:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011-08-10 13:31:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011-08-10 13:31:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011-08-10 13:31:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011-08-10 13:31:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011-08-10 13:31:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011-08-10 13:31:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011-08-10 13:31:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011-08-10 13:31:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011-08-10 13:31:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011-08-10 13:31:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011-08-10 13:31:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011-08-10 13:31:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011-08-10 13:31:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011-08-10 13:31:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011-08-10 13:31:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011-08-10 13:31:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011-08-10 13:31:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011-08-10 13:31:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011-08-10 13:31:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011-08-10 13:31:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011-08-10 13:31:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011-08-10 13:31:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011-08-10 13:31:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011-08-10 13:31:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011-08-10 13:31:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011-08-10 13:31:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011-08-10 13:31:53 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011-08-10 13:31:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011-08-10 13:31:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011-08-10 13:31:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011-08-10 13:31:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011-08-10 13:31:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011-08-10 13:31:22 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011-08-10 13:31:20 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011-08-10 13:31:19 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011-08-10 13:31:19 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011-08-10 13:31:18 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011-08-10 13:31:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011-08-10 13:31:18 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011-08-10 13:30:13 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011-08-10 13:30:10 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011-08-10 13:29:59 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011-08-07 18:35:16 | 000,000,000 | ---D | C] -- C:\Users\Toma\Desktop\RT_Refraction_v1.5.6
[2011-08-05 18:39:11 | 000,000,000 | ---D | C] -- C:\Users\Toma\Desktop\New folder
[2011-08-04 15:45:01 | 000,000,000 | ---D | C] -- C:\Users\Toma\Desktop\OglasiAL
[4 C:\Users\Toma\AppData\Local\*.tmp files -> C:\Users\Toma\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011-08-20 19:00:30 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-08-20 19:00:30 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-08-20 18:57:05 | 000,202,984 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011-08-20 18:57:05 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011-08-20 18:56:44 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011-08-20 18:56:43 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-20 18:56:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-08-20 18:56:17 | 1506,803,712 | -HS- | M] () -- C:\hiberfil.sys
[2011-08-20 18:46:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-20 18:38:28 | 000,059,557 | ---- | M] () -- C:\Users\Toma\Desktop\eset-nod32-antivirus-enhanced-protection-mode-virus.png
[2011-08-20 18:36:44 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Toma\Desktop\OTL.exe
[2011-08-20 17:55:04 | 001,687,268 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011-08-20 17:54:00 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011-08-20 17:44:29 | 000,512,992 | ---- | M] () -- C:\Users\Toma\Desktop\PCTools_Safe_Install.exe
[2011-08-20 17:42:37 | 000,106,496 | ---- | M] () -- C:\Users\Toma\Desktop\nuke-M.exe
[2011-08-20 17:39:55 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011-08-20 17:39:55 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011-08-20 17:39:55 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011-08-20 17:39:55 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011-08-20 17:38:55 | 000,000,200 | ---- | M] () -- C:\Windows\info1
[2011-08-20 17:37:59 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\googleupdatesetup.exe
[2011-08-20 17:11:50 | 053,089,792 | ---- | M] () -- C:\Users\Toma\Desktop\eav_nt64_enu.msi
[2011-08-20 15:47:24 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011-08-20 15:47:24 | 000,002,239 | ---- | M] () -- C:\Users\Toma\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011-08-20 12:36:57 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011-08-20 12:36:39 | 000,202,936 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110820-165314.backup
[2011-08-20 09:49:37 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011-08-20 09:31:43 | 001,182,208 | ---- | M] () -- C:\Windows\services32.exe
[2011-08-19 11:05:30 | 000,000,131 | ---- | M] () -- C:\Windows\ODBC.INI
[2011-08-18 17:39:57 | 000,051,078 | ---- | M] () -- C:\Users\Toma\AppData\Roaming\room_v3.dat
[2011-08-17 16:38:25 | 003,089,056 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Toma\Desktop\install_flash_player.exe
[2011-08-17 16:37:35 | 000,002,048 | ---- | M] () -- C:\Users\Toma\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011-08-15 18:16:35 | 000,232,591 | ---- | M] () -- C:\Users\Toma\Desktop\CCNow Dietary Supplement Best Practices.A.pdf
[2011-08-11 20:34:22 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011-08-10 20:04:08 | 000,742,588 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-08-10 20:04:08 | 000,625,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-08-10 20:04:08 | 000,107,104 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-08-04 23:49:01 | 004,907,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-08-04 20:05:10 | 000,000,132 | ---- | M] () -- C:\Users\Toma\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011-08-04 16:00:10 | 026,078,117 | ---- | M] () -- C:\Users\Toma\Desktop\
[2011-07-29 11:23:36 | 000,900,915 | R--- | M] () -- C:\Users\Toma\Desktop\SpiderFX_Results_Jul 28, 2011 2_23_05 PM.pdf
[2011-07-28 18:15:37 | 000,024,589 | ---- | M] () -- C:\Users\Toma\Desktop\Altsberglotion.png
[2011-07-28 18:15:37 | 000,001,456 | ---- | M] () -- C:\Users\Toma\AppData\Local\Adobe Save for Web 12.0 Prefs
[4 C:\Users\Toma\AppData\Local\*.tmp files -> C:\Users\Toma\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011-08-20 18:38:26 | 000,059,557 | ---- | C] () -- C:\Users\Toma\Desktop\eset-nod32-antivirus-enhanced-protection-mode-virus.png
[2011-08-20 17:54:11 | 001,687,268 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011-08-20 17:54:00 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011-08-20 17:44:09 | 000,512,992 | ---- | C] () -- C:\Users\Toma\Desktop\PCTools_Safe_Install.exe
[2011-08-20 17:42:23 | 000,106,496 | ---- | C] () -- C:\Users\Toma\Desktop\nuke-M.exe
[2011-08-20 17:39:55 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011-08-20 17:26:14 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\googleupdatesetup.exe
[2011-08-20 17:05:52 | 053,089,792 | ---- | C] () -- C:\Users\Toma\Desktop\eav_nt64_enu.msi
[2011-08-20 15:44:43 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011-08-20 15:44:43 | 000,002,239 | ---- | C] () -- C:\Users\Toma\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011-08-20 12:48:03 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011-08-20 12:48:03 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011-08-20 12:36:58 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011-08-20 12:36:57 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011-08-20 12:36:57 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011-08-20 09:50:10 | 000,000,200 | ---- | C] () -- C:\Windows\info1
[2011-08-20 09:49:31 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011-08-20 09:35:26 | 001,182,208 | ---- | C] () -- C:\Windows\services32.exe
[2011-08-15 18:16:25 | 000,232,591 | ---- | C] () -- C:\Users\Toma\Desktop\CCNow Dietary Supplement Best Practices.A.pdf
[2011-08-04 19:04:11 | 000,000,132 | ---- | C] () -- C:\Users\Toma\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011-08-04 15:55:21 | 026,078,117 | ---- | C] () -- C:\Users\Toma\Desktop\
[2011-07-29 11:23:37 | 000,900,915 | R--- | C] () -- C:\Users\Toma\Desktop\SpiderFX_Results_Jul 28, 2011 2_23_05 PM.pdf
[2011-07-28 18:15:37 | 000,024,589 | ---- | C] () -- C:\Users\Toma\Desktop\Altsberglotion.png
[2011-07-13 22:22:37 | 000,000,000 | ---- | C] () -- C:\Users\Toma\AppData\Local\{6E8B5A38-7453-4228-BAF7-1E0DBD9FC615}
[2011-07-02 10:59:10 | 000,000,000 | ---- | C] () -- C:\Users\Toma\AppData\Local\{9977C3F6-A044-4A53-95CE-AB33BCE679F4}
[2011-07-02 10:57:15 | 000,000,000 | ---- | C] () -- C:\Users\Toma\AppData\Local\{2C3F392F-8DEC-4513-9C63-9E5E59F10954}
[2011-07-01 20:29:19 | 000,051,078 | ---- | C] () -- C:\Users\Toma\AppData\Roaming\room_v3.dat
[2011-06-06 16:36:13 | 000,000,000 | ---- | C] () -- C:\Users\Toma\AppData\Local\{88AC5CE5-C80D-4F8C-806A-0D96174543E7}
[2011-05-20 19:16:42 | 000,046,742 | ---- | C] () -- C:\Users\Toma\AppData\Roaming\room.dat
[2011-05-08 19:55:12 | 000,001,456 | ---- | C] () -- C:\Users\Toma\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011-04-26 21:04:30 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011-04-26 21:03:04 | 000,007,680 | ---- | C] () -- C:\Users\Toma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-04-09 19:13:07 | 000,000,024 | ---- | C] () -- C:\Users\Toma\AppData\Roaming\IBConnections.ini
[2011-03-18 21:54:42 | 000,134,122 | ---- | C] () -- C:\Windows\ColorPic Uninstaller.exe
[2011-03-17 21:45:21 | 000,000,131 | ---- | C] () -- C:\Windows\ODBC.INI
[2011-03-17 17:26:20 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011-03-17 16:54:51 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011-03-17 16:47:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011-01-04 17:52:46 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\epdf0407.dll
[2011-01-04 17:41:52 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\epdf0406.dll
[2010-09-27 22:10:26 | 000,300,032 | R--- | C] () -- C:\Windows\SysWow64\multpkcs11.dll
[2010-08-25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010-08-25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010-08-25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010-08-25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010-08-25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== Alternate Data Streams ==========
@Alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
Addendum: 20 Aug 2011 19:30
Let me add that it is impossible to start the computer in safe mode. When booting into safe mode, it restarts automatically.