MyCity » Ambulanta -> Arhiva Ambulante » Browseri ne rade

Browseri ne rade

Napisano na dan: 8.7.2012

Strana:
1
2

Browseri ne rade

Pagination

Prethodna strana

Odgovori

Strana:
1
2

pr0ba Poslao: 09 Jul 2012 20:48 Idi na vrh
offline pr0ba Građanin Pridružio: 29 Sep 2008 Poruke: 39 Gde živiš: Sta te briga ?	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: OTL logfile created on: 9.7.2012 20:39:15 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = D:\Desktop Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000081A \| Country: Serbia and Montenegro \| Language: SRL \| Date Format: d.M.yyyy 2,00 Gb Total Physical Memory \| 1,31 Gb Available Physical Memory \| 65,59% Memory free 3,85 Gb Paging File \| 2,98 Gb Available in Paging File \| 77,47% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 20,33 Gb Total Space \| 0,69 Gb Free Space \| 3,41% Space Free \| Partition Type: NTFS Drive D: \| 54,20 Gb Total Space \| 23,99 Gb Free Space \| 44,27% Space Free \| Partition Type: NTFS Drive E: \| 37,25 Gb Total Space \| 37,23 Gb Free Space \| 99,94% Space Free \| Partition Type: FAT32 Drive I: \| 260,83 Gb Total Space \| 260,76 Gb Free Space \| 99,97% Space Free \| Partition Type: NTFS Computer Name: HOME-BA6B42AE7A \| User Name: Isidora \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.09 20:37:52 \| 000,595,968 \| ---- \| M] (OldTimer Tools) -- D:\Desktop\OTL.com PRC - [2012.07.08 15:18:58 \| 000,339,968 \| RHS- \| M] (YHo4zX RyTOJi DHh5ffh) -- C:\Documents and Settings\Isidora\Application Data\R-344233-5553-2-32\update32.exe PRC - [2012.04.04 15:56:40 \| 000,654,408 \| ---- \| M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.04.03 04:04:36 \| 003,045,688 \| ---- \| M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe PRC - [2012.02.23 12:40:42 \| 002,394,496 \| ---- \| M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe PRC - [2012.02.23 12:40:41 \| 002,886,528 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012.02.23 12:40:40 \| 007,983,488 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe PRC - [2012.02.23 12:24:59 \| 000,116,608 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe PRC - [2012.01.10 19:36:34 \| 001,083,264 \| ---- \| M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe PRC - [2012.01.04 14:32:36 \| 000,718,888 \| ---- \| M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2012.01.04 14:32:18 \| 000,173,096 \| ---- \| M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2012.01.04 14:32:02 \| 000,142,376 \| ---- \| M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe PRC - [2011.08.12 01:38:07 \| 000,116,608 \| ---- \| M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2011.07.12 08:47:29 \| 000,025,472 \| ---- \| M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe PRC - [2009.04.02 18:05:22 \| 000,102,400 \| ---- \| M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2009.03.31 09:39:36 \| 000,233,472 \| ---- \| M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2007.06.13 12:23:07 \| 001,033,216 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.05.28 18:57:54 \| 000,275,968 \| ---- \| M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe PRC - [2005.07.19 17:32:18 \| 000,221,184 \| ---- \| M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE PRC - [2005.06.08 16:14:44 \| 000,217,088 \| ---- \| M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe PRC - [2005.06.08 15:44:56 \| 000,192,512 \| ---- \| M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\FxSvr2.exe PRC - [2004.02.17 09:00:40 \| 000,028,672 \| ---- \| M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\SafeSignCertReg.exe PRC - [2001.04.12 17:00:00 \| 000,114,176 \| ---- \| M] (CANON INC.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE PRC - [2001.04.12 17:00:00 \| 000,028,160 \| ---- \| M] (CANON INC.) -- C:\WINDOWS\system32\CAPRPCSK.EXE ========== Modules (No Company Name) ========== MOD - [2012.02.06 21:51:26 \| 000,815,104 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1644bc637b6dc142aa51c9de42373a15\System.Runtime.Remoting.ni.dll MOD - [2012.01.10 19:38:40 \| 000,423,808 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll MOD - [2012.01.10 19:38:38 \| 000,058,240 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll MOD - [2012.01.10 19:38:34 \| 000,095,104 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll MOD - [2012.01.10 19:38:32 \| 000,272,768 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll MOD - [2012.01.10 19:38:00 \| 000,384,896 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QxtCore.dll MOD - [2012.01.10 19:38:00 \| 000,165,248 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QxtWeb.dll MOD - [2012.01.10 19:37:58 \| 002,557,312 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll MOD - [2012.01.10 19:37:56 \| 000,346,496 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll MOD - [2012.01.10 19:37:54 \| 010,843,520 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll MOD - [2012.01.10 19:37:48 \| 000,196,480 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll MOD - [2012.01.10 19:37:46 \| 001,294,208 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll MOD - [2012.01.10 19:37:44 \| 000,682,880 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll MOD - [2012.01.10 19:37:42 \| 000,919,936 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll MOD - [2012.01.10 19:37:40 \| 000,517,504 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll MOD - [2012.01.10 19:37:38 \| 008,172,928 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll MOD - [2012.01.10 19:37:36 \| 002,252,672 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll MOD - [2012.01.10 19:37:34 \| 002,288,512 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll MOD - [2012.01.10 19:37:32 \| 000,422,272 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll MOD - [2012.01.10 19:37:22 \| 000,202,624 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll MOD - [2012.01.10 19:37:20 \| 000,034,688 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll MOD - [2012.01.10 19:37:18 \| 000,032,640 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll MOD - [2012.01.10 19:36:38 \| 000,388,480 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\OviShareLib.dll MOD - [2012.01.10 19:36:24 \| 000,437,632 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll MOD - [2012.01.10 19:36:02 \| 001,037,696 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\Maps Service API.dll MOD - [2012.01.10 19:35:06 \| 000,758,656 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll MOD - [2012.01.05 17:00:24 \| 000,112,640 \| ---- \| M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll MOD - [2010.04.26 13:29:17 \| 000,011,776 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3512.36907__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll MOD - [2010.04.26 13:29:17 \| 000,008,704 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3512.36906__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll MOD - [2010.04.26 13:29:17 \| 000,007,680 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3512.36910__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll MOD - [2010.04.26 13:29:16 \| 000,364,544 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3512.36804__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2010.04.26 13:29:16 \| 000,204,800 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3512.36823__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2010.04.26 13:29:16 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3512.36818__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2010.04.26 13:29:16 \| 000,007,680 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3512.36906__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll MOD - [2010.04.26 13:29:15 \| 001,736,704 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3512.36822__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2010.04.26 13:29:15 \| 000,077,824 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3512.36875__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2010.04.26 13:29:15 \| 000,036,864 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3512.36847__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2010.04.26 13:29:15 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3512.36812__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2010.04.26 13:29:14 \| 000,491,520 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3512.36894__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2010.04.26 13:29:14 \| 000,073,728 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3512.36812__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:14 \| 000,065,536 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3512.36856__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2010.04.26 13:29:13 \| 000,061,440 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3512.36823__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:13 \| 000,045,056 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3512.36895__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:13 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3512.36822__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll MOD - [2010.04.26 13:29:12 \| 000,331,776 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3512.36861__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:12 \| 000,094,208 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3512.36862__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2010.04.26 13:29:12 \| 000,061,440 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3512.36861__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2010.04.26 13:29:10 \| 000,643,072 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3512.36905__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:10 \| 000,077,824 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3512.36905__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll MOD - [2010.04.26 13:29:09 \| 000,798,720 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3512.36849__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:09 \| 000,409,600 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3512.36869__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2010.04.26 13:29:09 \| 000,090,112 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3512.36848__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2010.04.26 13:29:08 \| 000,196,608 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3512.36824__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:08 \| 000,094,208 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3512.36854__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:08 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3512.36854__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2010.04.26 13:29:07 \| 000,573,440 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3512.36824__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:07 \| 000,409,600 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3512.36813__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:07 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3512.36828__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2010.04.26 13:29:06 \| 000,393,216 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3512.36848__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:06 \| 000,360,448 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3512.36843__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:06 \| 000,270,336 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2010.04.26 13:29:06 \| 000,061,440 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3512.36847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2010.04.26 13:29:06 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3512.36848__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2010.04.26 13:29:06 \| 000,032,768 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3512.36855__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2010.04.26 13:29:05 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3498.37534__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2010.04.26 13:29:05 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3498.37533__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2010.04.26 13:29:05 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3498.37558__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2010.04.26 13:29:05 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3498.37615__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2010.04.26 13:29:05 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3498.37612__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2010.04.26 13:29:05 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3498.37554__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2010.04.26 13:29:05 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3498.37610__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2010.04.26 13:29:05 \| 000,007,168 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2010.04.26 13:29:03 \| 000,045,056 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2010.04.26 13:29:03 \| 000,032,768 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3498.37515__90ba9c70f846762e\LOG.Foundation.dll MOD - [2010.04.26 13:29:03 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3498.37517__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2010.04.26 13:29:03 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll MOD - [2010.04.26 13:29:03 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3498.37551__90ba9c70f846762e\MOM.Foundation.dll MOD - [2010.04.26 13:29:03 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2010.04.26 13:29:03 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3498.37571__90ba9c70f846762e\DEM.Graphics.dll MOD - [2010.04.26 13:29:02 \| 000,135,168 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3498.37541__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2010.04.26 13:29:02 \| 000,094,208 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3498.37518__90ba9c70f846762e\CLI.Foundation.dll MOD - [2010.04.26 13:29:02 \| 000,053,248 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2010.04.26 13:29:02 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3498.37603__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2010.04.26 13:29:02 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3498.37674__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2010.04.26 13:29:02 \| 000,024,576 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3498.37536__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2010.04.26 13:29:02 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3498.37540__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2010.04.26 13:29:02 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3498.37526__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2010.04.26 13:29:02 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3498.37575__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll MOD - [2010.04.26 13:29:02 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2010.04.26 13:29:02 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3498.37544__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2010.04.26 13:29:02 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3498.37574__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2010.04.26 13:29:02 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3498.37547__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2010.04.26 13:29:01 \| 000,065,536 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3498.37583__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2010.04.26 13:29:01 \| 000,061,440 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3498.37614__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll MOD - [2010.04.26 13:29:01 \| 000,057,344 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3498.37579__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2010.04.26 13:29:01 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3498.37575__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2010.04.26 13:29:01 \| 000,024,576 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3498.37580__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2010.04.26 13:29:01 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3498.37555__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2010.04.26 13:29:00 \| 000,651,264 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3512.36919__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2010.04.26 13:29:00 \| 000,053,248 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3498.37578__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2010.04.26 13:29:00 \| 000,049,152 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3498.37577__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2010.04.26 13:29:00 \| 000,045,056 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3512.36900__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2010.04.26 13:29:00 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2010.04.26 13:29:00 \| 000,032,768 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3498.37557__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2010.04.26 13:29:00 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3498.37572__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2010.04.26 13:29:00 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3498.37552__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2010.04.26 13:29:00 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3498.37553__90ba9c70f846762e\APM.Foundation.dll MOD - [2010.04.26 13:29:00 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3498.37535__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2010.04.26 13:28:59 \| 000,106,496 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3512.36889__90ba9c70f846762e\MOM.Implementation.dll MOD - [2010.04.26 13:28:59 \| 000,036,864 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3498.37528__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2010.04.26 13:28:59 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3498.37531__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2010.04.26 13:28:59 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3498.37547__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2010.04.26 13:28:59 \| 000,014,848 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2010.04.26 13:28:59 \| 000,013,312 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2010.04.26 13:28:59 \| 000,007,168 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3512.36801__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2010.04.26 13:28:58 \| 000,552,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3512.36883__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2010.04.26 13:28:58 \| 000,405,504 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3512.36817__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2010.04.26 13:28:58 \| 000,065,536 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3512.36887__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2010.04.26 13:28:58 \| 000,057,344 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3512.36803__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2010.04.26 13:28:58 \| 000,057,344 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3512.36801__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2010.04.26 13:28:58 \| 000,045,056 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3498.37546__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2010.04.26 13:28:58 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3498.37522__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2010.04.26 13:28:58 \| 000,024,576 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3498.37548__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2010.04.26 13:28:57 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3498.37549__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2010.04.26 13:28:56 \| 001,212,416 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3512.36808__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2010.04.26 13:28:56 \| 000,061,440 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3512.36800__90ba9c70f846762e\APM.Server.dll MOD - [2010.04.26 13:28:56 \| 000,045,056 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3512.36801__90ba9c70f846762e\AEM.Server.dll MOD - [2010.04.26 13:28:56 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3498.37538__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2010.04.26 13:28:56 \| 000,032,768 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2010.04.26 13:28:56 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3498.37585__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2010.04.26 13:28:56 \| 000,019,456 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3512.36889__90ba9c70f846762e\CCC.Implementation.dll MOD - [2009.08.28 16:08:26 \| 000,016,384 \| R--- \| M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2009.06.09 09:58:41 \| 011,808,768 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\d15a9491354d864aa1d47b026e18c2ea\System.Web.ni.dll MOD - [2009.06.09 09:57:50 \| 000,962,560 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\7614d21ac2033141bf25ad9ead4e34af\System.Configuration.ni.dll MOD - [2009.06.09 09:57:23 \| 000,026,624 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\04f5dcf31676f24da6c71bbccc2152d1\Accessibility.ni.dll MOD - [2009.06.08 23:09:58 \| 005,640,192 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\e1d94c475a97ed438124b02e047292e9\System.Xml.ni.dll MOD - [2009.06.08 23:09:36 \| 013,107,200 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\edfd4a917200e749ae7ea1bb857890fc\System.Windows.Forms.ni.dll MOD - [2009.06.08 23:08:54 \| 001,626,112 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0246e3a08e129b4d91b602dbfffc4e7b\System.Drawing.ni.dll MOD - [2009.06.08 23:08:43 \| 008,093,696 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\921785ca3960a944971bee74669e0b0d\System.ni.dll MOD - [2009.06.08 23:08:01 \| 011,411,456 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\fcb9f1839938cb40b4564b795974422f\mscorlib.ni.dll MOD - [2008.12.21 00:43:25 \| 001,287,680 \| ---- \| M] () -- C:\WINDOWS\system32\quartz.dll MOD - [2007.10.04 17:14:00 \| 000,466,944 \| ---- \| M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2004.08.04 14:00:00 \| 000,059,904 \| ---- \| M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2004.08.04 14:00:00 \| 000,014,336 \| ---- \| M] () -- C:\WINDOWS\system32\msdmo.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto \| Stopped] -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) SRV - File not found [Disabled \| Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [Disabled \| Stopped] -- C:\PROGRA~1\Bandoo\Bandoo.exe -- (Bandoo Coordinator) SRV - File not found [On_Demand \| Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012.07.08 19:26:52 \| 000,044,544 \| ---- \| M] () [Auto \| Stopped] -- C:\WINDOWS\system32\mnixl.exe -- (mnixl) SRV - [2012.07.03 13:19:28 \| 000,160,944 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.06.27 05:02:57 \| 000,044,544 \| ---- \| M] () [Auto \| Stopped] -- C:\WINDOWS\system32\gteryg.exe -- (gteryg) SRV - [2012.06.23 11:55:42 \| 000,250,056 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.06.17 18:29:00 \| 000,113,120 \| ---- \| M] (Mozilla Foundation) [On_Demand \| Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.04.04 15:56:40 \| 000,654,408 \| ---- \| M] (Malwarebytes Corporation) [Auto \| Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.04.03 04:04:36 \| 003,045,688 \| ---- \| M] (Emsi Software GmbH) [Auto \| Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2012.02.23 12:40:41 \| 002,886,528 \| ---- \| M] (TeamViewer GmbH) [Auto \| Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.01.04 14:32:36 \| 000,718,888 \| ---- \| M] (Nokia) [On_Demand \| Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011.08.12 01:38:07 \| 000,116,608 \| ---- \| M] (SUPERAntiSpyware.com) [Auto \| Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE) SRV - [2009.03.31 09:39:36 \| 000,233,472 \| ---- \| M] (Teruten) [Auto \| Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2007.05.28 18:57:54 \| 000,275,968 \| ---- \| M] (Rocket Division Software) [Auto \| Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2004.05.27 01:14:58 \| 000,053,337 \| ---- \| M] (Sony Corporation) [On_Demand \| Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2004.05.27 01:13:00 \| 000,069,718 \| ---- \| M] (Sony Corporation) [On_Demand \| Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (WDICA) DRV - File not found [Kernel \| On_Demand \| Stopped] -- system32\DRIVERS\w810obex.sys -- (w810obex) DRV - File not found [Kernel \| On_Demand \| Stopped] -- system32\DRIVERS\w810mgmt.sys -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM) DRV - File not found [Kernel \| On_Demand \| Stopped] -- system32\DRIVERS\w810mdm.sys -- (w810mdm) DRV - File not found [Kernel \| On_Demand \| Stopped] -- system32\DRIVERS\w810mdfl.sys -- (w810mdfl) DRV - File not found [Kernel \| On_Demand \| Stopped] -- system32\DRIVERS\w810bus.sys -- (w810bus) Sony Ericsson W810 Driver driver (WDM) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDRELI) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDFRAME) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDCOMP) DRV - File not found [Kernel \| System \| Stopped] -- -- (PCIDump) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\DOCUME~1\Isidora\LOCALS~1\Temp\MSJDrvr.sys -- (MSJDrvr) DRV - File not found [Kernel \| System \| Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel \| System \| Stopped] -- -- (i2omgmt) DRV - File not found [Kernel \| On_Demand \| Stopped] -- system32\DRIVERS\ezusb.sys -- (EZUSB) DRV - File not found [Kernel \| System \| Stopped] -- -- (Changer) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\DOCUME~1\Isidora\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel \| On_Demand \| Unknown] -- -- (aw7912h0) DRV - File not found [Kernel \| On_Demand \| Unknown] -- -- (afpag5an) DRV - [2012.04.04 15:56:40 \| 000,022,344 \| ---- \| M] (Malwarebytes Corporation) [File_System \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.04.03 04:04:41 \| 000,051,632 \| ---- \| M] (Emsi Software GmbH) [File_System \| On_Demand \| Running] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2012.04.03 04:04:40 \| 000,034,768 \| ---- \| M] (Emsi Software GmbH) [File_System \| System \| Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver) DRV - [2011.11.01 11:07:26 \| 000,018,176 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2011.11.01 11:07:26 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011.11.01 11:07:26 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011.11.01 11:07:24 \| 000,137,600 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2011.11.01 11:07:24 \| 000,023,168 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011.11.01 11:07:24 \| 000,008,576 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2011.07.22 18:27:02 \| 000,012,880 \| ---- \| M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel \| System \| Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:22 \| 000,067,664 \| ---- \| M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel \| System \| Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010.05.05 08:40:32 \| 000,011,776 \| ---- \| M] (Emsi Software GmbH) [Kernel \| System \| Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util) DRV - [2010.04.28 08:44:02 \| 000,054,760 \| ---- \| M] (Microsoft Corporation) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2010.01.25 14:56:26 \| 000,115,712 \| ---- \| M] (HID Global Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\cxbu0wdm.sys -- (cxbu0wdm) DRV - [2009.09.22 01:00:45 \| 000,721,904 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2009.08.14 06:27:00 \| 004,485,632 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009.06.05 09:16:32 \| 000,142,336 \| R--- \| M] (Realtek Semiconductor Corporation ) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2009.06.02 15:26:28 \| 000,099,856 \| ---- \| M] (ATI Research Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009.06.02 10:52:36 \| 001,374,464 \| R--- \| M] (VIA Technologies, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009.03.31 09:39:36 \| 000,036,608 \| ---- \| M] () [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009.03.20 10:01:26 \| 000,121,856 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009.03.20 10:01:26 \| 000,090,112 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV - [2009.03.20 10:01:26 \| 000,014,976 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV - [2008.08.26 10:26:12 \| 000,018,816 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.02.14 08:12:00 \| 001,389,056 \| R--- \| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt) DRV - [2007.11.29 01:50:35 \| 000,097,056 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\W700mdm.sys -- (W700mdm) DRV - [2007.11.29 01:50:35 \| 000,088,560 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\W700mgmt.sys -- (W700mgmt) Sony Ericsson W700 USB WMC Device Management Drivers (WDM) DRV - [2007.11.29 01:50:35 \| 000,086,368 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\W700obex.sys -- (W700obex) DRV - [2007.11.29 01:50:35 \| 000,061,536 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\W700bus.sys -- (W700bus) Sony Ericsson W700 Driver driver (WDM) DRV - [2007.11.29 01:50:35 \| 000,009,264 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\W700mdfl.sys -- (W700mdfl) DRV - [2007.10.25 17:26:10 \| 000,005,632 \| ---- \| M] () [File_System \| System \| Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006.06.26 10:24:34 \| 000,017,152 \| ---- \| M] (Todos Data System AB) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\AgmIIusb.sys -- (TodosAgmII) DRV - [2005.05.27 09:32:52 \| 001,317,152 \| ---- \| M] () [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced) DRV - [2005.05.27 09:31:28 \| 000,022,016 \| ---- \| M] (Logitech Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2004.08.13 04:56:20 \| 000,005,810 \| R--- \| M] () [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004.08.04 01:08:22 \| 000,010,624 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004.05.02 10:47:08 \| 000,023,040 \| R--- \| M] () [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv) DRV - [2003.12.03 17:44:58 \| 000,013,566 \| ---- \| M] (B.H.A Corporation) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd) DRV - [2003.10.29 09:02:28 \| 000,108,675 \| R--- \| M] (Conexant Systems Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\CnxTgN.sys -- (CnxTgN) DRV - [2003.09.12 04:26:36 \| 000,646,784 \| R--- \| M] (Conexant) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\CnxEtU.sys -- (CnxEtU) DRV - [2003.09.12 04:26:26 \| 000,060,288 \| R--- \| M] (Conexant) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\CnxEtP.sys -- (CnxEtP) DRV - [2003.05.22 17:44:44 \| 000,670,203 \| R--- \| M] (Intel Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51) Intel(R) DRV - [2002.11.27 13:52:00 \| 000,080,896 \| R--- \| M] (NVIDIA Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET) DRV - [2002.11.13 09:10:00 \| 000,020,224 \| R--- \| M] (NVIDIA Corporation) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\nvidesm.sys -- (nvidesm) DRV - [2002.09.06 05:24:00 \| 000,013,568 \| R--- \| M] (NVIDIA Corporation) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp) DRV - [2001.08.17 16:00:04 \| 000,002,944 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001.04.12 17:00:00 \| 000,022,912 \| ---- \| M] (CANON INC.) [Kernel \| Auto \| Stopped] -- C:\WINDOWS\system32\drivers\CAPLPTN.SYS -- (RapidPort) DRV - [1998.04.17 13:59:34 \| 000,022,528 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\MA1908.SYS -- (MustekMA1908Driver) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKLM\..\SearchScopes\{03284e28-044a-44ce-b10a-144b07803d55}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&crm=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{03284e28-044a-44ce-b10a-144b07803d55}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&ei=UTF-8 IE - HKCU\..\SearchScopes\{538F409F-4D4E-4CAC-9699-9D3F9B2E87BD}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&meta= IE - HKCU\..\SearchScopes\{91689B06-8150-449B-A181-73A80C46E2B5}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT3065462 IE - HKCU\..\SearchScopes\{B4D1E127-FE08-43F0-A8D2-7323A321C978}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&crm=1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = .local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.com" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Isidora\Application Data\Facebook\npfbplugin_1_0_3.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.02.10 05:53:56 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A6629839-6636-4998-95D6-2B0F52141861}: C:\Program Files\Expresso\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.17 18:29:03 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.02.10 05:54:01 \| 000,000,000 \| ---D \| M] [2012.05.08 18:47:28 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\Isidora\Application Data\Mozilla\Extensions [2012.05.09 20:50:20 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\Isidora\Application Data\Mozilla\Firefox\Profiles\zsm9qdts.default\extensions [2012.07.07 22:28:40 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012.06.17 18:29:01 \| 000,085,472 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.04.21 03:18:25 \| 000,002,252 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.04.21 03:18:25 \| 000,002,040 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}, CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\Application\20.0.1132.47\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\Application\20.0.1132.47\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - Extension: Angry Birds = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: YouTube = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Offline Google Mail = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.18_0\ CHR - Extension: Facebook Disconnect = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec\1.3.0_1\ CHR - Extension: The Weather Channel for Chrome = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop\1.0.0.4_0\ CHR - Extension: Cath Kidston = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndlpkmaeinmnbiadacenijnhlolneopm\3_0\ CHR - Extension: Gmail = C:\Documents and Settings\Isidora\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2010.12.03 13:33:19 \| 000,425,881 \| R--- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 14693 more lines... O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (ScenicReflections Toolbar) - {3a47260c-5db6-4371-91ce-f3c30748704f} - C:\Program Files\scenicreflectionstb\scenicreflectionsDx.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Updater For ScenicReflections Toolbar) - {cd9094dd-9c64-45c6-8cab-7c3b96825be3} - C:\Program Files\scenicreflectionstb\auxi\scenicreflectionsAu.dll (Visicom Media) O3 - HKLM\..\Toolbar: (no name) - !{21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{3a47260c-5db6-4371-91ce-f3c30748704f} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found. O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found. O4 - HKLM..\Run: [CertificateRegistration] C:\WINDOWS\System32\SafeSignCertReg.exe (A.E.T. Europe B.V.) O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.) O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.) O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.) O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited) O4 - HKCU..\Run: [Windows Primary Login] C:\Documents and Settings\Isidora\Application Data\R-344233-5553-2-32\update32.exe (YHo4zX RyTOJi DHh5ffh) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Îêíî ñîñòîÿíèÿ Canon LBP-810.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE (CANON INC.) O4 - Startup: C:\Documents and Settings\Isidora\Start Menu\Programs\Startup\AccessRunner DSL (2).lnk = File not found O4 - Startup: C:\Documents and Settings\Isidora\Start Menu\Programs\Startup\AccessRunner DSL.lnk = File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 23116 = C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\msamlvb.scr O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {1434F838-9D13-11D5-8492-00A0D21032F8} [Link mogu videti samo ulogovani korisnici]* (SiVBS.File) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_31) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [Link mogu videti samo ulogovani korisnici] (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DB990A7-A634-418D-81BD-F5AAD67111FD}: DhcpNameServer = 82.117.194.2 82.117.194.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DCDFED0-D5A7-471B-B643-4A4D5CDDF43A}: NameServer = 194.106.162.10 194.106.162.3 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Isidora\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Isidora\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.10.22 04:31:45 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005.05.30 10:12:46 \| 000,000,580 \| ---- \| M] () - E:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk ) O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.07.09 20:37:51 \| 000,595,968 \| ---- \| C] (OldTimer Tools) -- D:\Desktop\OTL.com [2012.07.09 19:38:57 \| 000,518,144 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012.07.09 19:38:57 \| 000,406,528 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012.07.09 19:38:57 \| 000,212,480 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012.07.09 19:38:41 \| 000,000,000 \| --SD \| C] -- C:\ComboFix [2012.07.09 19:38:27 \| 000,000,000 \| ---D \| C] -- C:\Qoobox [2012.07.09 18:18:11 \| 004,574,937 \| R--- \| C] (Swearware) -- D:\Desktop\ComboFix.exe [2012.07.08 21:49:02 \| 000,000,000 \| ---D \| C] -- D:\Desktop\Slike [2012.07.08 21:37:13 \| 000,000,000 \| ---D \| C] -- D:\Desktop\Programi [2012.07.08 21:36:07 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Isidora\Recent [2012.07.08 19:40:33 \| 000,000,000 \| RHSD \| C] -- C:\cmdcons [2012.07.08 19:34:57 \| 000,060,416 \| ---- \| C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012.07.08 19:18:39 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\erdnt [2012.07.08 17:47:17 \| 000,000,000 \| ---D \| C] -- D:\Desktop\RootRepeal [2012.07.08 17:20:23 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Documents\My Videos [2012.07.08 17:20:23 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Isidora\Start Menu\Programs\Administrative Tools [2012.07.08 17:17:20 \| 000,607,260 \| R--- \| C] (Swearware) -- D:\Desktop\dds.scr [2012.07.08 02:30:57 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy [2012.07.08 02:16:49 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Isidora\Start Menu\Programs\Google Chrome [2012.07.08 02:14:02 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Skype [2012.07.08 02:14:02 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype [2012.07.04 22:30:16 \| 000,000,000 \| RHSD \| C] -- C:\Documents and Settings\Isidora\Application Data\R-344233-5553-2-32 [2012.06.27 05:24:38 \| 000,068,096 \| ---- \| C] (Open Source Software community LGPL) -- C:\Documents and Settings\Isidora\Application Data\pthreadGC2.dll [2012.06.27 05:24:38 \| 000,017,920 \| ---- \| C] (Khronos Group) -- C:\Documents and Settings\Isidora\Application Data\OpenCL.dll [2012.06.27 05:01:53 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Local Settings [2012.06.26 23:19:19 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Isidora\P-7-78-8964-9648-3874 [3 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] [1 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] [1 C:\Documents and Settings\Isidora\.tmp files -> C:\Documents and Settings\Isidora\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.07.09 20:37:52 \| 000,595,968 \| ---- \| M] (OldTimer Tools) -- D:\Desktop\OTL.com [2012.07.09 20:20:00 \| 000,000,986 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-179605362-839522115-1004UA.job [2012.07.09 19:55:15 \| 000,000,830 \| ---- \| M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.07.09 19:51:00 \| 000,001,006 \| ---- \| M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-842925246-179605362-839522115-1004UA.job [2012.07.09 19:51:00 \| 000,000,984 \| ---- \| M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-842925246-179605362-839522115-1004Core.job [2012.07.09 19:50:40 \| 000,000,442 \| ---- \| M] () -- C:\WINDOWS\tasks\RegCure Program Check.job [2012.07.09 19:50:40 \| 000,000,268 \| ---- \| M] () -- C:\WINDOWS\tasks\RegistryBooster.job [2012.07.09 19:50:23 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2012.07.09 19:50:16 \| 2146,619,392 \| -HS- \| M] () -- C:\hiberfil.sys [2012.07.09 18:38:17 \| 000,000,692 \| ---- \| M] () -- C:\Documents and Settings\Isidora\Start Menu\Programs\Startup\AccessRunner DSL (2).lnk [2012.07.09 18:18:46 \| 004,574,937 \| R--- \| M] (Swearware) -- D:\Desktop\ComboFix.exe [2012.07.09 18:01:01 \| 000,000,446 \| ---- \| M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job [2012.07.09 17:57:05 \| 000,000,104 \| ---- \| M] () -- D:\Desktop\Google Chrome.lnk [2012.07.08 22:13:47 \| 000,000,614 \| ---- \| M] () -- C:\Documents and Settings\Isidora\Start Menu\Programs\Startup\AccessRunner DSL.lnk [2012.07.08 19:40:42 \| 000,000,327 \| RHS- \| M] () -- C:\boot.ini [2012.07.08 19:26:52 \| 000,044,544 \| ---- \| M] () -- C:\WINDOWS\System32\mnixl.exe [2012.07.08 17:17:21 \| 000,607,260 \| R--- \| M] (Swearware) -- D:\Desktop\dds.scr [2012.07.08 04:47:00 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\RegCure.job [2012.07.08 02:59:59 \| 000,008,444 \| ---- \| M] () -- C:\WINDOWS\wininit.ini [2012.07.08 02:20:00 \| 000,000,934 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-179605362-839522115-1004Core.job [2012.07.08 01:46:30 \| 000,037,266 \| ---- \| M] () -- C:\Documents and Settings\Isidora\My Documents\cc_20120708_014626.reg [2012.07.08 00:33:00 \| 000,000,420 \| ---- \| M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job [2012.07.07 21:24:33 \| 000,036,824 \| ---- \| M] () -- C:\Documents and Settings\Isidora\My Documents\cc_20120707_212427.reg [2012.07.05 23:14:25 \| 000,002,278 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2012.06.27 05:24:38 \| 000,394,609 \| -H-- \| M] () -- C:\Documents and Settings\Isidora\Application Data\windowsgpu.exe [2012.06.27 05:02:57 \| 000,044,544 \| ---- \| M] () -- C:\WINDOWS\System32\gteryg.exe [2012.06.23 11:55:41 \| 000,426,184 \| ---- \| M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.06.23 11:55:41 \| 000,070,344 \| ---- \| M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.06.15 17:15:00 \| 000,000,398 \| ---- \| M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job [3 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] [1 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] [1 C:\Documents and Settings\Isidora\.tmp files -> C:\Documents and Settings\Isidora\.tmp -> ] ========== Files Created - No Company Name ========== [2012.07.09 19:38:58 \| 000,208,896 \| ---- \| C] () -- C:\WINDOWS\MBR.exe [2012.07.09 19:38:57 \| 000,256,000 \| ---- \| C] () -- C:\WINDOWS\PEV.exe [2012.07.09 19:38:57 \| 000,098,816 \| ---- \| C] () -- C:\WINDOWS\sed.exe [2012.07.09 19:38:57 \| 000,080,412 \| ---- \| C] () -- C:\WINDOWS\grep.exe [2012.07.09 19:38:57 \| 000,068,096 \| ---- \| C] () -- C:\WINDOWS\zip.exe [2012.07.09 19:25:15 \| 2146,619,392 \| -HS- \| C] () -- C:\hiberfil.sys [2012.07.09 18:38:17 \| 000,000,692 \| ---- \| C] () -- C:\Documents and Settings\Isidora\Start Menu\Programs\Startup\AccessRunner DSL (2).lnk [2012.07.09 17:57:05 \| 000,000,104 \| ---- \| C] () -- D:\Desktop\Google Chrome.lnk [2012.07.08 22:13:47 \| 000,000,614 \| ---- \| C] () -- C:\Documents and Settings\Isidora\Start Menu\Programs\Startup\AccessRunner DSL.lnk [2012.07.08 19:40:41 \| 000,000,211 \| ---- \| C] () -- C:\Boot.bak [2012.07.08 19:40:37 \| 000,260,272 \| RHS- \| C] () -- C:\cmldr [2012.07.08 19:26:52 \| 000,044,544 \| ---- \| C] () -- C:\WINDOWS\System32\mnixl.exe [2012.07.08 02:15:23 \| 000,000,986 \| ---- \| C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-179605362-839522115-1004UA.job [2012.07.08 02:15:23 \| 000,000,934 \| ---- \| C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-179605362-839522115-1004Core.job [2012.07.08 01:46:28 \| 000,037,266 \| ---- \| C] () -- C:\Documents and Settings\Isidora\My Documents\cc_20120708_014626.reg [2012.07.07 21:24:30 \| 000,036,824 \| ---- \| C] () -- C:\Documents and Settings\Isidora\My Documents\cc_20120707_212427.reg [2012.06.27 05:24:38 \| 000,262,144 \| -H-- \| C] () -- C:\Documents and Settings\Isidora\Application Data\wingpu64.exe [2012.06.27 05:24:38 \| 000,249,344 \| ---- \| C] () -- C:\Documents and Settings\Isidora\Application Data\libcurl-4.dll [2012.06.27 05:24:38 \| 000,087,054 \| ---- \| C] () -- C:\Documents and Settings\Isidora\Application Data\libpdcurses.dll [2012.06.27 05:24:35 \| 000,394,609 \| -H-- \| C] () -- C:\Documents and Settings\Isidora\Application Data\windowsgpu.exe [2012.06.27 05:02:57 \| 000,044,544 \| ---- \| C] () -- C:\WINDOWS\System32\gteryg.exe [2012.04.25 17:10:58 \| 000,075,107 \| ---- \| C] () -- C:\WINDOWS\System32\cfe44d6c.exe [2012.04.25 17:10:36 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\474e50b3a79e0d4c29cface790851a38_c [2012.04.07 05:16:07 \| 000,007,680 \| ---- \| C] () -- C:\WINDOWS\351909703.exe [2012.04.07 05:16:07 \| 000,000,004 \| ---- \| C] () -- C:\WINDOWS\351909703.dat [2012.04.03 04:09:20 \| 000,000,004 \| ---- \| C] () -- C:\WINDOWS\2300000.dat [2012.04.03 04:09:20 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\2300000.exe [2012.04.03 03:30:44 \| 000,000,004 \| ---- \| C] () -- C:\WINDOWS\1311859.dat [2012.04.03 03:29:47 \| 000,008,444 \| ---- \| C] () -- C:\WINDOWS\wininit.ini [2012.03.08 19:14:19 \| 000,000,754 \| ---- \| C] () -- C:\WINDOWS\WORDPAD.INI [2011.07.18 20:21:29 \| 000,000,012 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\ReminderNextRun [2010.12.25 22:20:43 \| 000,000,056 \| -H-- \| C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010.12.02 18:34:31 \| 000,000,552 \| ---- \| C] () -- C:\WINDOWS\System32\d3d8caps.dat [2009.10.20 11:24:54 \| 000,002,528 \| ---- \| C] () -- C:\Documents and Settings\Isidora\Application Data\$_hpcst$.hpc [2008.12.21 23:16:04 \| 000,000,600 \| ---- \| C] () -- C:\Documents and Settings\Isidora\PUTTY.RND [2008.10.05 09:58:25 \| 000,000,130 \| ---- \| C] () -- C:\Documents and Settings\Isidora\Local Settings\Application Data\fusioncache.dat [2008.03.19 00:44:09 \| 000,000,032 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat [2007.10.23 22:05:30 \| 000,000,284 \| ---- \| C] () -- C:\Documents and Settings\Isidora\Application Data\ViewerApp.dat [2007.10.22 19:54:57 \| 000,116,224 \| ---- \| C] () -- C:\Documents and Settings\Isidora\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== Files - Unicode (All) ========== [2012.04.07 09:40:22 \| 000,053,760 \| ---- \| M] ()(C:\Documents and Settings\Isidora\My Documents\?????? ???????.doc) -- C:\Documents and Settings\Isidora\My Documents\ЗЛАТНО ПРАВИЛО.doc [2012.04.07 03:47:42 \| 000,053,760 \| ---- \| C] ()(C:\Documents and Settings\Isidora\My Documents\?????? ???????.doc) -- C:\Documents and Settings\Isidora\My Documents\ЗЛАТНО ПРАВИЛО.doc [2011.10.27 00:39:43 \| 000,000,162 \| -H-- \| M] ()(C:\Documents and Settings\Isidora\My Documents\~$?????????????.doc) -- C:\Documents and Settings\Isidora\My Documents\~$НДАМЕНТАЛИЗАМ.doc [2011.10.27 00:39:43 \| 000,000,162 \| -H-- \| C] ()(C:\Documents and Settings\Isidora\My Documents\~$?????????????.doc) -- C:\Documents and Settings\Isidora\My Documents\~$НДАМЕНТАЛИЗАМ.doc [2010.05.14 01:14:29 \| 002,169,856 \| ---- \| M] ()(C:\Documents and Settings\Isidora\My Documents\???????????????.doc) -- C:\Documents and Settings\Isidora\My Documents\ФУНДАМЕНТАЛИЗАМ.doc [2010.05.14 01:14:28 \| 002,169,856 \| ---- \| C] ()(C:\Documents and Settings\Isidora\My Documents\???????????????.doc) -- C:\Documents and Settings\Isidora\My Documents\ФУНДАМЕНТАЛИЗАМ.doc ========== Alternate Data Streams ========== @Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1940DBE8 < End of report > [Link mogu videti samo ulogovani korisnici]

Profil

ivance95 Poslao: 10 Jul 2012 10:50 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! Ponovo pokreni program OTL dvoklikom na ikonicu; U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst: :OTL SRV - File not found [Disabled \| Stopped] -- C:\PROGRA~1\Bandoo\Bandoo.exe -- (Bandoo Coordinator) SRV - [2012.07.08 19:26:52 \| 000,044,544 \| ---- \| M] () [Auto \| Stopped] -- C:\WINDOWS\system32\mnixl.exe -- (mnixl) SRV - [2012.06.27 05:02:57 \| 000,044,544 \| ---- \| M] () [Auto \| Stopped] -- C:\WINDOWS\system32\gteryg.exe -- (gteryg) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\DOCUME~1\Isidora\LOCALS~1\Temp\MSJDrvr.sys -- (MSJDrvr) DRV - File not found [Kernel \| On_Demand \| Unknown] -- -- (aw7912h0) DRV - File not found [Kernel \| On_Demand \| Unknown] -- -- (afpag5an) IE - HKLM\..\SearchScopes\{03284e28-044a-44ce-b10a-144b07803d55}: "URL" = http://ws.infospace.com/coolchaser_game_bwr/ws/red.....1&qkw={searchTerms} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid.....r=0&q={searchTerms} IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1 IE - HKCU\..\SearchScopes\{03284e28-044a-44ce-b10a-144b07803d55}: "URL" = http://ws.infospace.com/coolchaser_game_bwr/ws/red.....1&qkw={searchTerms} IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid.....r=0&q={searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3065462 IE - HKCU\..\SearchScopes\{B4D1E127-FE08-43F0-A8D2-7323A321C978}: "URL" = http://www.resultscan.com/?prt=RstscnAMON&keywords={searchTerms} IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1 FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll File not found O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (ScenicReflections Toolbar) - {3a47260c-5db6-4371-91ce-f3c30748704f} - C:\Program Files\scenicreflectionstb\scenicreflectionsDx.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Updater For ScenicReflections Toolbar) - {cd9094dd-9c64-45c6-8cab-7c3b96825be3} - C:\Program Files\scenicreflectionstb\auxi\scenicreflectionsAu.dll (Visicom Media) O3 - HKLM\..\Toolbar: (no name) - !{21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{3a47260c-5db6-4371-91ce-f3c30748704f} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found. O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 23116 = C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\msamlvb.scr [2012.07.08 19:18:39 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\erdnt [2012.07.04 22:30:16 \| 000,000,000 \| RHSD \| C] -- C:\Documents and Settings\Isidora\Application Data\R-344233-5553-2-32 [2012.06.26 23:19:19 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Isidora\P-7-78-8964-9648-3874 [2012.06.27 05:24:38 \| 000,394,609 \| -H-- \| M] () -- C:\Documents and Settings\Isidora\Application Data\windowsgpu.exe [2012.07.08 01:46:30 \| 000,037,266 \| ---- \| M] () -- C:\Documents and Settings\Isidora\My Documents\cc_20120708_014626.reg [2012.07.07 21:24:33 \| 000,036,824 \| ---- \| M] () -- C:\Documents and Settings\Isidora\My Documents\cc_20120707_212427.reg [2012.07.08 02:59:59 \| 000,008,444 \| ---- \| M] () -- C:\WINDOWS\wininit.ini [2012.06.27 05:24:38 \| 000,262,144 \| -H-- \| C] () -- C:\Documents and Settings\Isidora\Application Data\wingpu64.exe [2012.06.27 05:24:38 \| 000,249,344 \| ---- \| C] () -- C:\Documents and Settings\Isidora\Application Data\libcurl-4.dll [2012.06.27 05:24:38 \| 000,087,054 \| ---- \| C] () -- C:\Documents and Settings\Isidora\Application Data\libpdcurses.dll [2012.04.25 17:10:58 \| 000,075,107 \| ---- \| C] () -- C:\WINDOWS\System32\cfe44d6c.exe [2012.04.25 17:10:36 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\474e50b3a79e0d4c29cface790851a38_c [2012.04.07 05:16:07 \| 000,007,680 \| ---- \| C] () -- C:\WINDOWS\351909703.exe [2012.04.07 05:16:07 \| 000,000,004 \| ---- \| C] () -- C:\WINDOWS\351909703.dat [2012.04.03 04:09:20 \| 000,000,004 \| ---- \| C] () -- C:\WINDOWS\2300000.dat [2012.04.03 04:09:20 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\2300000.exe [2012.04.03 03:30:44 \| 000,000,004 \| ---- \| C] () -- C:\WINDOWS\1311859.dat :files C:\Program Files\ConduitEngine\prxConduitEngine.dll C:\Program Files\scenicreflectionstb\scenicreflectionsDx.dll C:\Program Files\scenicreflectionstb\auxi\scenicreflectionsAu.dll :Commands [EMPTYTEMP] [REBOOT] Klikni taster Run Fix; Log koji dobiješ iskopiraj ovde u poruci. Obrisi ikonicu ComboFix-a sa desktopa, i isprati ponovo sledece uputstvo: Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix; u prozoru koji se otvori klikni "I Agree". U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku. Ivance95 (AMF Tim)

Profil

pr0ba Poslao: 10 Jul 2012 18:20 Idi na vrh
offline pr0ba Građanin Pridružio: 29 Sep 2008 Poruke: 39 Gde živiš: Sta te briga ?	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! All processes killed ========== OTL ========== Service Bandoo Coordinator stopped successfully! Service Bandoo Coordinator deleted successfully! File C:\PROGRA~1\Bandoo\Bandoo.exe not found. Service mnixl stopped successfully! Service mnixl deleted successfully! C:\WINDOWS\system32\mnixl.exe moved successfully. Service gteryg stopped successfully! Service gteryg deleted successfully! C:\WINDOWS\system32\gteryg.exe moved successfully. Service MSJDrvr stopped successfully! Service MSJDrvr deleted successfully! File C:\DOCUME~1\Isidora\LOCALS~1\Temp\MSJDrvr.sys not found. Error: No service named aw7912h0 was found to stop! Service\Driver key aw7912h0 not found. Error: No service named afpag5an was found to stop! Service\Driver key afpag5an not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03284e28-044a-44ce-b10a-144b07803d55}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03284e28-044a-44ce-b10a-144b07803d55}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03284e28-044a-44ce-b10a-144b07803d55}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03284e28-044a-44ce-b10a-144b07803d55}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B4D1E127-FE08-43F0-A8D2-7323A321C978}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4D1E127-FE08-43F0-A8D2-7323A321C978}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@funwebproducts.com/Plugin\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. C:\Program Files\ConduitEngine\prxConduitEngine.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3a47260c-5db6-4371-91ce-f3c30748704f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3a47260c-5db6-4371-91ce-f3c30748704f}\ deleted successfully. C:\Program Files\scenicreflectionstb\scenicreflectionsDx.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cd9094dd-9c64-45c6-8cab-7c3b96825be3}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd9094dd-9c64-45c6-8cab-7c3b96825be3}\ deleted successfully. C:\Program Files\scenicreflectionstb\auxi\scenicreflectionsAu.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{3a47260c-5db6-4371-91ce-f3c30748704f} deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}\ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\23116 deleted successfully. C:\WINDOWS\erdnt\Hiv-backup\Users\00000006 folder moved successfully. C:\WINDOWS\erdnt\Hiv-backup\Users\00000005 folder moved successfully. C:\WINDOWS\erdnt\Hiv-backup\Users\00000004 folder moved successfully. C:\WINDOWS\erdnt\Hiv-backup\Users\00000003 folder moved successfully. C:\WINDOWS\erdnt\Hiv-backup\Users\00000002 folder moved successfully. C:\WINDOWS\erdnt\Hiv-backup\Users\00000001 folder moved successfully. C:\WINDOWS\erdnt\Hiv-backup\Users folder moved successfully. C:\WINDOWS\erdnt\Hiv-backup folder moved successfully. C:\WINDOWS\erdnt folder moved successfully. C:\Documents and Settings\Isidora\Application Data\R-344233-5553-2-32 folder moved successfully. C:\Documents and Settings\Isidora\P-7-78-8964-9648-3874 folder moved successfully. C:\Documents and Settings\Isidora\Application Data\windowsgpu.exe moved successfully. C:\Documents and Settings\Isidora\My Documents\cc_20120708_014626.reg moved successfully. C:\Documents and Settings\Isidora\My Documents\cc_20120707_212427.reg moved successfully. C:\WINDOWS\wininit.ini moved successfully. C:\Documents and Settings\Isidora\Application Data\wingpu64.exe moved successfully. C:\Documents and Settings\Isidora\Application Data\libcurl-4.dll moved successfully. C:\Documents and Settings\Isidora\Application Data\libpdcurses.dll moved successfully. C:\WINDOWS\system32\cfe44d6c.exe moved successfully. C:\Documents and Settings\All Users\Application Data\474e50b3a79e0d4c29cface790851a38_c moved successfully. C:\WINDOWS\351909703.exe moved successfully. C:\WINDOWS\351909703.dat moved successfully. C:\WINDOWS\2300000.dat moved successfully. C:\WINDOWS\2300000.exe moved successfully. C:\WINDOWS\1311859.dat moved successfully. ========== FILES ========== File\Folder C:\Program Files\ConduitEngine\prxConduitEngine.dll not found. File\Folder C:\Program Files\scenicreflectionstb\scenicreflectionsDx.dll not found. File\Folder C:\Program Files\scenicreflectionstb\auxi\scenicreflectionsAu.dll not found. ========== COMMANDS ========== Error: Unable to interpret <[RESETHOST]> in the current context! [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 134 bytes User: Administrator.HOME-BA6B42AE7A ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 134 bytes User: Administrator.HOME-BA6B42AE7A.001 ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 134 bytes User: All Users ->Temp folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 134 bytes User: Isidora ->Temp folder emptied: 394645 bytes ->Temporary Internet Files folder emptied: 9830534 bytes ->Java cache emptied: 5012039446 bytes ->FireFox cache emptied: 59440161 bytes ->Google Chrome cache emptied: 220503301 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 3804372 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33203 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 2008719 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 51380 bytes %systemroot%\System32 .tmp files removed: 285201 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 32768 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 236101 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 5.063,00 mb OTL by OldTimer - Version 3.2.53.1 log created on 07102012_162044 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot... Evo ovaj log od prvog programa, a ovaj drugi ComboFix, opet nista nece da uradi. Nema logova nigde. Posle restarta kad se sistem digne, pise "this system has recoveted from a serious error" i to je to, vise se nista ne desava. I da, inace, komp radi posle silnih brisanja trojana i ostalog odlicno, brzo, cak je i net brzi, ali browseri i dalje padaju. Ne znam vise da li imas jos neku ideju, ovo vise nije humano. Hvala jos jednom.

Profil

ivance95 Poslao: 10 Jul 2012 19:56 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Isprati uputstvoi koje se nalazi na sledećem linku, i izaberi opciju Safe Mode with Networking: [Link mogu videti samo ulogovani korisnici] Obriši ComboFix sa Desktop-a, preuzmi svežu kopiju i izvrši skeniranje po uputstvu iz predhodne poruke. Ivance95 (AMF Tim)

Profil

pr0ba Poslao: 11 Jul 2012 01:24 Idi na vrh
offline pr0ba Građanin Pridružio: 29 Sep 2008 Poruke: 39 Gde živiš: Sta te briga ?	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: ComboFix 12-07-10.01 - Isidora 11.07.2012 0:51.6.2 - x86 MINIMAL Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2047.1632 [GMT 2:00] Running from: d:\desktop\ComboFix.exe AV: Emsisoft Anti-Malware Disabled/Outdated {0F8591BB-342B-4493-91C3-4E948ED21255} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\100 c:\documents and settings\All Users\Application Data\ResultScan c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\Isidora\Application Data\explorer.exe c:\documents and settings\Isidora\Application Data\libcurl-4.dll c:\documents and settings\Isidora\Application Data\libpdcurses.dll c:\documents and settings\Isidora\Application Data\OpenCL.dll c:\documents and settings\Isidora\Application Data\PriceGong c:\documents and settings\Isidora\Application Data\PriceGong\Data\1.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\a.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\b.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\c.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\d.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\e.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\f.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\g.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\h.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\i.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\J.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\k.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\l.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\m.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\mru.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\n.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\o.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\p.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\q.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\r.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\s.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\t.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\u.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\v.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\w.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\x.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\y.xml c:\documents and settings\Isidora\Application Data\PriceGong\Data\z.xml c:\documents and settings\Isidora\Application Data\taskhost.exe c:\documents and settings\Isidora\Application Data\wingpu64.exe c:\documents and settings\Isidora\WINDOWS c:\program files\ResultScan c:\program files\ResultScan\uninstall.exe c:\windows\pkunzip.pif c:\windows\pkzip.pif c:\windows\ST6UNST.000 c:\windows\system32\winlogon.bak . . ((((((((((((((((((((((((( Files Created from 2012-06-10 to 2012-07-10 ))))))))))))))))))))))))))))))) . . 2012-07-10 14:21 . 2012-07-10 14:21 44544 ----a-w- c:\windows\system32\kwinj.exe 2012-07-08 00:14 . 2012-07-08 00:14 -------- d-----w- c:\program files\Common Files\Skype 2012-06-27 03:24 . 2012-02-23 19:06 68096 ----a-w- c:\documents and settings\Isidora\Application Data\pthreadGC2.dll 2012-06-13 13:06 . 2012-06-13 13:06 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll 2012-06-13 13:06 . 2012-06-13 13:06 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-23 09:55 . 2012-05-08 16:53 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-23 09:55 . 2012-02-02 02:11 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-17 16:29 . 2012-05-08 16:46 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2007-10-22 . 6225F14B8CE08CCBA8B25AD27843C674 . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-04-02 102400] "LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608] "NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-01-10 1083264] "RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2011-07-12 67456] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752] "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088] "HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-06-05 33628160] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304] "CertificateRegistration"="SafeSignCertReg.exe" [2004-02-17 28672] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] . c:\documents and settings\Isidora\Start Menu\Programs\Startup\ AccessRunner DSL (2).lnk - [N/A] AccessRunner DSL.lnk - [N/A] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ Îêíî ñîñòîÿíèÿ Canon LBP-810.lnk - c:\windows\system32\spool\drivers\w32x86\3\CAPPSWK.EXE [2007-10-22 114176] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^Isidora^Start Menu^Programs^Startup^fliptoast.lnk] path=c:\documents and settings\Isidora\Start Menu\Programs\Startup\fliptoast.lnk backup=c:\windows\pss\fliptoast.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater] 2009-05-27 15:43 2356088 -c--a-w- c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] 2009-04-24 03:05 203416 ----a-w- c:\program files\Alcohol Soft\Alcohol 52\AxCmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAPON] 2001-04-12 15:00 22528 -c--a-w- c:\windows\system32\spool\drivers\w32x86\3\CAPONN.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CompuCare Check for updates] 2012-03-04 12:31 260608 ----a-w- c:\documents and settings\Isidora\Application Data\SuperPump\updater.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2012-07-08 00:15 116648 ----atw- c:\documents and settings\Isidora\Local Settings\Application Data\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrtScr by FireStarter] 2009-05-16 02:15 1700864 ----a-w- c:\program files\PrtScr\PrtScr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster] 2011-07-12 06:47 67456 ----a-w- c:\program files\Uniblue\RegistryBooster\Launcher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2012-07-03 11:23 17417392 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2012-07-07 23:29 3905408 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2009-09-18 14:02 288560 ----a-w- c:\program files\uTorrent\uTorrent.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"= . R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.5.2009 16:20 721904] R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12.8.2011 1:38 116608] R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [28.2.2008 11:48 646784] S1 a2injectiondriver;a2injectiondriver;c:\program files\Emsisoft Anti-Malware\a2dix86.sys [3.4.2012 3:02 34768] S1 a2util;a-squared Malware-IDS utility driver;c:\program files\Emsisoft Anti-Malware\a2util32.sys [3.4.2012 3:02 11776] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 18:27 12880] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55 67664] S2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [3.4.2012 3:02 3045688] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [20.10.2009 11:25 233472] S2 kwinj;Realtek Audio Service;c:\windows\system32\kwinj.exe [10.7.2012 16:21 44544] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11.5.2009 13:32 654408] S2 MustekMA1908Driver;MustekMA1908Driver;c:\windows\system32\drivers\MA1908.SYS [22.10.2007 15:02 22528] S2 RapidPort;RapidPort;c:\windows\system32\drivers\CAPLPTN.SYS [22.10.2007 19:23 22912] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.7.2012 13:19 160944] S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [16.1.2012 2:44 2886528] S3 a2acc;a2acc;c:\program files\Emsisoft Anti-Malware\a2accx86.sys [3.4.2012 3:02 51632] S3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [28.2.2008 11:48 60288] S3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;c:\windows\system32\drivers\CnxTgN.sys [28.2.2008 11:48 108675] S3 cxbu0wdm;OMNIKEY 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [28.2.2007 8:38 115712] S3 EZUSB;EZUSB PC/SC Smart Card Reader;c:\windows\system32\DRIVERS\ezusb.sys --> c:\windows\system32\DRIVERS\ezusb.sys [?] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [20.10.2009 11:25 36608] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11.5.2009 13:32 22344] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [8.5.2012 18:46 113120] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [4.2.2012 18:38 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [4.2.2012 18:38 8576] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [20.10.2009 11:27 90112] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [20.10.2009 11:27 14976] S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [20.10.2009 11:27 121856] S3 TodosAgmII;Driver for Todos Argos Mini II USB;c:\windows\system32\drivers\AgmIIusb.sys [26.6.2006 10:24 17152] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [26.4.2010 13:20 1374464] . Contents of the 'Scheduled Tasks' folder . 2012-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-179605362-839522115-1004Core.job - c:\documents and settings\Isidora\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-08 00:15] . 2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-179605362-839522115-1004UA.job - c:\documents and settings\Isidora\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-08 00:15] . 2012-07-10 c:\windows\Tasks\RegistryBooster.job - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-07-27 06:47] . . ------- Supplementary Scan ------- . uSearchMigratedDefaultURL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&src={referrer:source?} uInternet Settings,ProxyOverride = .local DPF: {1434F838-9D13-11D5-8492-00A0D21032F8} - [Link mogu videti samo ulogovani korisnici]* FF - ProfilePath - c:\documents and settings\Isidora\Application Data\Mozilla\Firefox\Profiles\zsm9qdts.default\ FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . HKCU-Run-Windows Primary Login - c:\documents and settings\Isidora\Application Data\R-344233-5553-2-32\update32.exe SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-Adobe Driver Update - c:\docume~1\Isidora\LOCALS~1\Temp\adbreader.exe MSConfigStartUp-Facebook Update - c:\documents and settings\Isidora\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe AddRemove-cfe44d6c - c:\windows\system32\cfe44d6c.exe AddRemove-HijackThis - g:\prijatelj\HijackThis.exe AddRemove-ResultScan - c:\program files\ResultScan\uninstall.exe . . . ************************************************************************ . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2012-07-11 01:01 Windows 5.1.2600 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1???????????????????????????????????????????????? . scanning hidden files ... . scan completed successfully hidden files: 0 . ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(224) c:\program files\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\Ati2evxx.dll c:\windows\system32\l3codeca.acm c:\windows\system32\sirenacm.dll . Completion time: 2012-07-11 01:05:13 ComboFix-quarantined-files.txt 2012-07-10 23:04 . Pre-Run: 8.916.955.136 bytes free Post-Run: 8.863.399.936 bytes free . - - End Of File - - 7618EE18A9E14ACFC18F6F2E1ADBC6C6 [Link mogu videti samo ulogovani korisnici]** Konacno, uspelo je iz safe mode-a. Nadam se da sam sve lepo sada uradio.

Profil

ivance95 Poslao: 11 Jul 2012 10:02 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uploaduj mi c:\windows\system32\kwinj.exe preko: [Link mogu videti samo ulogovani korisnici] Na C particiji imas folder Qoobox, koji je kreiran od strane ComboFix-a Zapakuj ga u arhivu i uploaduj na link: [Link mogu videti samo ulogovani korisnici] Ivance95 (AMF Tim)

Profil

pr0ba Poslao: 11 Jul 2012 17:04 Idi na vrh
offline pr0ba Građanin Pridružio: 29 Sep 2008 Poruke: 39 Gde živiš: Sta te briga ?	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Upload-ovao sam ovaj kwinj.exe, ali sam morao da ga stavim u .rar, u suprotnom nije htelo, ne znam zasto, valjda to nije problem. Upload-ovao sam i Qoobox. ali kada sam ga zapakovao u .rar izlazilo je ovo:

Profil

ivance95 Poslao: 11 Jul 2012 20:04 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `Driver:: kwinj File:: c:\windows\system32\kwinj.exe FileLook:: c:\documents and settings\isidora\application data\wingpu64.exe c:\documents and settings\isidora\application data\pthreadGC2.dll c:\documents and settings\isidora\application data\windowsgpu.exe` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. Ivance95 (AMF Tim)

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Browseri ne rade

Ko je trenutno na forumu

Ukupno su 1900 korisnika na forumu :: 74 registrovanih, 3 sakrivenih i 1823 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 6018 - dana 19 Dec 2025 13:41

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: alex71, Alexandar-1973, amaterSRB, antonije64, Aristotle2002, Asparagus, awathorn, Badja, bobomicek, Bobrock1, bojcistv, cifra, Cirkon, coaaco, curuzan, cvrle312, dacanaldo, dankisha, dd201176, Denaya, Despot1, Dexlex, Django777, doom83, draganl, DrMrak, Dukelander, dunavzed, Electron, Fog of War, fugasa, galerija, Hans Gajger, iceburn, ikan, JOntra, Kajzer Soze, ladro, lanishtefm, Ljusa, LostInSpaceandTime, Macalone, Makarid, Mali Rambo, markusx, Mastrum Ridkali, MikeHammer, Milos ZA, Moldovan, nazgul75, nenad81, nuke92, Oscar, ping15, proka89, raptorsi, raso76, RJ, samocitam, Sinduk, Sky diver 29, ss10, starlights, stokssone, The_new_Statesman, tomo2, Username1000, Vanderx, Velizar Laro, VJ, vlad4, zajcev1, zexon, zokizemun

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by