MyCity » Ambulanta -> Arhiva Ambulante » Koci mi kompjuter

Koci mi kompjuter

Napisano na dan: 20.8.2012

Koci mi kompjuter

Sledeća strana

Pagination

Odgovori

dejanod Poslao: 20 Avg 2012 13:44 Idi na vrh
offline dejanod Moderator foruma u administraciji Pridružio: 16 Okt 2010 Poruke: 3468 Gde živiš: KRAGUJEVAC	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Od skoro mi kompjuter koci, imam adsl 6mb-s ide preko wirelesa. Sporo mi otvara stranice, windows explorer, i miš koci kada skrolujem. Lap top je , Aspire 5734z, procesor(intel T4400, ddr 3 - 3gb, 320 gb hdd) OTL logfile created on: 20-Aug-12 13:00:15 - Run 1 OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\nikola\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: dd-MMM-yy 2.93 Gb Total Physical Memory \| 1.29 Gb Available Physical Memory \| 44.04% Memory free 5.86 Gb Paging File \| 4.06 Gb Available in Paging File \| 69.29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 44.09 Gb Total Space \| 5.98 Gb Free Space \| 13.56% Space Free \| Partition Type: NTFS Drive D: \| 253.90 Gb Total Space \| 202.73 Gb Free Space \| 79.85% Space Free \| Partition Type: NTFS Computer Name: NIKOLA-PC \| User Name: nikola \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-08-20 12:58:37 \| 000,596,480 \| ---- \| M] (OldTimer Tools) -- C:\Users\nikola\Desktop\OTL.exe PRC - [2012-08-15 15:34:05 \| 001,536,712 \| ---- \| M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe PRC - [2012-07-26 10:29:46 \| 000,244,656 \| ---- \| M] (Facebook) -- C:\Users\nikola\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe PRC - [2012-07-24 00:12:21 \| 000,140,080 \| ---- \| M] (Boxore OU.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe PRC - [2012-07-10 09:46:36 \| 000,935,008 \| ---- \| M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe PRC - [2012-07-10 09:46:34 \| 001,107,552 \| ---- \| M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012-07-03 18:21:30 \| 004,273,976 \| ---- \| M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-07-03 18:21:29 \| 000,044,808 \| ---- \| M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-07-03 13:46:44 \| 000,655,944 \| ---- \| M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-07-03 13:46:44 \| 000,462,920 \| ---- \| M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-04-13 23:21:08 \| 000,924,600 \| ---- \| M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-03-19 13:38:46 \| 007,357,824 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe PRC - [2012-03-19 13:38:46 \| 002,666,880 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-03-19 13:29:38 \| 000,106,368 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe PRC - [2012-02-14 04:53:38 \| 000,193,288 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe PRC - [2012-01-03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-11-09 12:42:38 \| 001,694,608 \| ---- \| M] (Bandoo Media, inc) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe ========== Modules (No Company Name) ========== MOD - [2012-08-15 15:34:05 \| 009,465,032 \| ---- \| M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll MOD - [2012-07-26 10:30:04 \| 021,014,960 \| ---- \| M] () -- C:\Users\nikola\AppData\Local\Facebook\Messenger\2.1.4590.0\libcef.dll MOD - [2012-07-26 10:29:40 \| 000,283,568 \| ---- \| M] () -- C:\Users\nikola\AppData\Local\Facebook\Messenger\2.1.4590.0\CefSharp.WinForms.dll MOD - [2012-07-26 10:29:36 \| 000,455,600 \| ---- \| M] () -- C:\Users\nikola\AppData\Local\Facebook\Messenger\2.1.4590.0\CefSharp.dll MOD - [2012-07-10 09:46:37 \| 000,132,704 \| ---- \| M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll MOD - [2012-07-10 09:46:34 \| 001,107,552 \| ---- \| M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012-06-13 13:40:16 \| 011,824,128 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\84fbf353f91385690a3e4e982aa6930e\System.Web.ni.dll MOD - [2012-06-13 13:35:24 \| 012,433,920 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll MOD - [2012-06-13 13:35:15 \| 001,591,808 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll MOD - [2012-05-09 15:05:44 \| 006,618,624 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\294d439cfe959b5528ca81d37d3d502f\System.Data.ni.dll MOD - [2012-05-09 15:04:30 \| 005,453,312 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll MOD - [2012-05-09 15:04:26 \| 000,971,264 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll MOD - [2012-05-09 15:04:24 \| 007,952,384 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll MOD - [2012-05-09 15:04:12 \| 011,490,816 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll MOD - [2012-04-13 23:21:08 \| 001,969,080 \| ---- \| M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2009-06-10 23:23:17 \| 002,933,248 \| ---- \| M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012-07-03 18:21:29 \| 000,044,808 \| ---- \| M] (AVAST Software) [Auto \| Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2009-07-14 03:41:27 \| 001,011,712 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009-07-14 03:40:01 \| 000,193,536 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-08-15 15:34:06 \| 000,250,056 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-07-24 00:12:21 \| 000,140,080 \| ---- \| M] (Boxore OU.) [Auto \| Stopped] -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe -- (supdate) SRV - [2012-07-10 09:46:36 \| 000,935,008 \| ---- \| M] () [Auto \| Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0) SRV - [2012-07-03 13:52:02 \| 000,160,944 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-07-03 13:46:44 \| 000,655,944 \| ---- \| M] (Malwarebytes Corporation) [Auto \| Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-19 13:38:46 \| 002,666,880 \| ---- \| M] (TeamViewer GmbH) [Auto \| Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-02-14 04:53:38 \| 000,193,288 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [Auto \| Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2012-01-03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) [Auto \| Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2009-06-10 23:23:09 \| 000,066,384 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012-07-03 18:21:52 \| 000,958,400 \| ---- \| M] (AVAST Software) [File_System \| System \| Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012-07-03 18:21:52 \| 000,355,856 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012-07-03 18:21:52 \| 000,071,064 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012-07-03 18:21:52 \| 000,059,728 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012-07-03 18:21:52 \| 000,054,072 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012-07-03 18:21:51 \| 000,025,232 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012-07-03 13:46:44 \| 000,024,904 \| ---- \| M] (Malwarebytes Corporation) [File_System \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012-03-01 08:54:38 \| 000,022,896 \| ---- \| M] (Microsoft Corporation) [Recognizer \| Boot \| Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012-02-22 05:25:32 \| 000,289,872 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2012-01-15 18:38:26 \| 000,279,616 \| ---- \| M] (DT Soft Ltd) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011-12-23 13:32:14 \| 000,047,696 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [File_System \| System \| Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2011-12-15 01:30:50 \| 000,056,408 \| ---- \| M] (NCH Software) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\stdriver64.sys -- (stdriver) DRV:64bit: - [2011-11-11 22:44:57 \| 003,058,168 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2011-02-12 05:16:38 \| 010,628,640 \| ---- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010-03-02 14:59:32 \| 000,121,344 \| ---- \| M] (ZTE Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV:64bit: - [2010-03-02 14:59:32 \| 000,121,344 \| ---- \| M] (ZTE Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV:64bit: - [2010-03-02 14:59:32 \| 000,121,344 \| ---- \| M] (ZTE Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV:64bit: - [2010-02-22 10:09:10 \| 000,011,776 \| ---- \| M] (MBB Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter) DRV:64bit: - [2009-07-14 03:52:21 \| 000,106,576 \| ---- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009-07-14 03:52:21 \| 000,028,752 \| ---- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009-07-14 03:52:20 \| 000,194,128 \| ---- \| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 03:48:04 \| 000,065,600 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 03:47:48 \| 000,077,888 \| ---- \| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009-07-14 03:45:55 \| 000,024,656 \| ---- \| M] (Promise Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-07-14 02:09:15 \| 000,145,920 \| ---- \| M] (Microsoft Corporation) [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) DRV:64bit: - [2009-06-10 22:34:33 \| 003,286,016 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 22:34:28 \| 000,468,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 22:34:23 \| 000,270,848 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 22:34:18 \| 000,057,344 \| ---- \| M] (Atheros Communications, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2009-06-10 22:31:59 \| 000,031,232 \| ---- \| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-14 03:19:10 \| 000,019,008 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]{9BB3C239-51DA-43B8-A9AA-5BDBE07CE57B} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - No CLSID value found IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&ctid=CT1060933 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7F CD 98 60 AE A0 CC 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [Link mogu videti samo ulogovani korisnici] IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found IE - HKCU\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - No CLSID value found IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\CheatEngine DB Toolbar Toolbar\tbhelper.dll () IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&f=4 IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&AF=109129&babsrc=SP_ss&mntrId=c6bf6b4a00000000000078e40041d077 IE - HKCU\..\SearchScopes\{3633D104-77CA-4169-8F24-E8E567673D1A}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz= IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [Link mogu videti samo ulogovani korisnici]{sear IE - HKCU\..\SearchScopes\{8545172F-E45B-46E4-B394-26AAE4157B48}: "URL" = [Link mogu videti samo ulogovani korisnici]{AB428051-A2C4-479C-A97A-ED05315BF2B5}&mid=bd65fde093f047d0a3f3d14946e47bf3-aa8955c04df7e9122b7aa4a223d5fff85d0a34bb&lang=sr&ds=AVG&pr=pr&d=2012-05-14 20:55:04&v=11.0.0.9&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [Link mogu videti samo ulogovani korisnici]{E1AB18D5-7A5E-409A-BB41-0B5957D74638}&mid=bd65fde093f047d0a3f3d14946e47bf3-aa8955c04df7e9122b7aa4a223d5fff85d0a34bb&lang=sr&ds=AVG&pr=fr&d=2012-06-14 13:34:10&v=11.1.0.7&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = [Link mogu videti samo ulogovani korisnici]{9BB3C239-51DA-43B8-A9AA-5BDBE07CE57B}?q={searchTerms} IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKCU\..\SearchScopes\{AD15D461-C58C-4ECF-BFBC-47623C2AD507}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&locale=en_EU&apn_ptnrs=S3&apn_dtid=YYYYYYYYRS&apn_uid=bb27ba3d-d9da-48b0-9c23-701586159cbe&apn_sauid=1D64ADF8-4883-4902-8B67-BBD226EBB5B6& IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.defaultthis.engineName: "NCH EN Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.com" FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=113&systemid=406&sr=0&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8: C:\Program Files (x86)\Software\Update\1.2.199.0\npSoftwareOneClick8.dll (Boxore OU.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\nikola\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\nikola\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\nikola\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\nikola\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\nikola\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\nikola\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012-06-14 13:30:29 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012-06-14 13:30:30 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012-07-10 09:46:46 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-07-03 23:43:06 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-13 23:21:09 \| 000,000,000 \| ---D \| M] [2011-11-18 12:57:16 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\nikola\AppData\Roaming\Mozilla\Extensions [2012-08-20 12:55:47 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions [2012-07-24 00:06:47 \| 000,000,000 \| ---D \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} [2012-08-20 12:55:47 \| 000,000,000 \| ---D \| M] (NCH EN Community Toolbar) -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e} [2012-06-26 11:13:56 \| 000,000,000 \| ---D \| M] (uTorrentControl2 Community Toolbar) -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} [2012-07-23 22:35:17 \| 000,000,000 \| ---D \| M] (CheatEngine DB Toolbar Toolbar) -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC} [2011-11-18 15:43:48 \| 000,000,000 \| ---D \| M] (Searchqu Toolbar) -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2011-11-25 14:28:22 \| 000,000,000 \| ---D \| M] (SweetIM Toolbar for Firefox) -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2011-12-03 16:58:46 \| 000,000,000 \| ---D \| M] ("DAEMON Tools Toolbar") -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions\DTToolbar@toolbarnet.com [2012-07-24 00:07:45 \| 000,000,000 \| ---D \| M] (Babylon) -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions\ffxtlbr@babylon.com [2012-08-20 12:55:47 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions\staged [2012-05-14 20:24:08 \| 000,003,851 \| ---- \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\searchplugins\avg-secure-search.xml [2011-11-23 10:43:44 \| 000,000,915 \| ---- \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\searchplugins\conduit.xml [2012-01-15 18:41:48 \| 000,002,055 \| ---- \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\searchplugins\daemon-search.xml [2012-04-27 15:29:41 \| 000,002,384 \| ---- \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\searchplugins\search.xml [2011-11-18 12:57:09 \| 000,002,519 \| ---- \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\searchplugins\Search_Results.xml [2011-11-25 14:28:18 \| 000,003,915 \| ---- \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\searchplugins\sweetim.xml [2012-07-31 18:43:25 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-05-06 17:07:54 \| 000,000,000 \| ---D \| M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [2012-06-18 19:10:01 \| 000,000,000 \| ---D \| M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-14 13:30:29 \| 000,000,000 \| ---D \| M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK [2012-06-14 13:30:30 \| 000,000,000 \| ---D \| M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4 [2012-07-03 23:43:06 \| 000,000,000 \| ---D \| M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012-04-13 23:21:09 \| 000,097,208 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-07-10 09:46:33 \| 000,003,767 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012-07-24 00:07:02 \| 000,002,310 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012-03-05 17:40:21 \| 000,002,252 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011-11-12 23:02:19 \| 000,002,048 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml [2011-11-18 12:57:09 \| 000,002,519 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml [2012-03-05 17:40:21 \| 000,002,040 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2009-06-10 23:00:26 \| 000,000,824 \| ---- \| M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (no name) - {9D717F81-9148-4f12-8568-69135F087DB0} - No CLSID value found. O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll () O2 - BHO: (no name) - {9D717F81-9148-4f12-8568-69135F087DB0} - No CLSID value found. O2 - BHO: (no name) - {EEE6C35C-6118-11DC-9C72-001320C79847} - No CLSID value found. O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\CheatEngine DB Toolbar Toolbar\tbcore3.dll () O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (CheatEngine DB Toolbar Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\CheatEngine DB Toolbar Toolbar\tbcore3.dll () O3 - HKLM\..\Toolbar: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No CLSID value found. O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Facebook Update] C:\Users\nikola\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - [Link mogu videti samo ulogovani korisnici]\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_33) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link mogu videti samo ulogovani korisnici] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{619705A2-67E4-4A82-996D-C664DAD858A6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E39E77CC-86B9-497B-B878-DF5C1BA95FF7}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll () O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - File not found O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) - File not found O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{19513d7f-3f94-11e1-934c-000000009200}\Shell - "" = AutoRun O33 - MountPoints2\{19513d7f-3f94-11e1-934c-000000009200}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{7002311d-11eb-11e1-8aca-705ab6ed112b}\Shell - "" = AutoRun O33 - MountPoints2\{7002311d-11eb-11e1-8aca-705ab6ed112b}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\{8e473804-1da9-11e1-bb37-705ab6ed112b}\Shell - "" = AutoRun O33 - MountPoints2\{8e473804-1da9-11e1-bb37-705ab6ed112b}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit: - HKLM\..comfile [open] -- "%1" % O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012-08-20 12:58:34 \| 000,596,480 \| ---- \| C] (OldTimer Tools) -- C:\Users\nikola\Desktop\OTL.exe [2012-08-20 12:52:01 \| 000,000,000 \| ---D \| C] -- C:\Users\nikola\AppData\Local\Macromedia [2012-08-20 12:45:08 \| 000,000,000 \| ---D \| C] -- C:\Windows\pss [2012-08-15 21:36:23 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler [2012-08-15 21:36:20 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Defraggler [2012-08-15 21:12:38 \| 000,000,000 \| ---D \| C] -- C:\Users\nikola\AppData\Roaming\Malwarebytes [2012-08-15 21:12:22 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-08-15 21:12:20 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Malwarebytes [2012-08-15 21:12:19 \| 000,024,904 \| ---- \| C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-08-15 21:12:18 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-08-15 09:09:48 \| 000,096,768 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-08-15 09:09:48 \| 000,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-08-15 09:09:47 \| 000,237,056 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-08-15 09:09:47 \| 000,231,936 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-08-15 09:09:45 \| 000,248,320 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-08-15 09:09:45 \| 000,176,640 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-08-15 09:09:45 \| 000,173,056 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-08-15 09:09:44 \| 001,427,968 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-08-15 09:09:44 \| 000,142,848 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-08-15 09:09:43 \| 002,312,704 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-08-15 09:09:43 \| 001,494,528 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-08-15 09:09:40 \| 000,816,640 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-08-15 09:09:40 \| 000,717,824 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-08-15 07:12:35 \| 000,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012-08-15 07:12:35 \| 000,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012-08-15 07:12:35 \| 000,041,472 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012-08-15 07:12:29 \| 000,956,416 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012-07-27 20:37:29 \| 000,000,000 \| ---D \| C] -- C:\Users\nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012-07-24 00:07:24 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Boxore [2012-07-24 00:06:54 \| 000,000,000 \| ---D \| C] -- C:\Users\nikola\AppData\Local\Software [2012-07-24 00:06:54 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Software [2012-07-24 00:06:46 \| 000,000,000 \| ---D \| C] -- C:\Users\nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facemoi [2012-07-24 00:06:46 \| 000,000,000 \| ---D \| C] -- C:\Facemoi [2012-07-23 22:35:16 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\CheatEngine DB Toolbar Toolbar [2012-07-23 22:34:53 \| 000,000,000 \| ---D \| C] -- C:\Users\nikola\Documents\My Cheat Tables [1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-08-20 13:17:08 \| 000,000,954 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000UA.job [2012-08-20 13:17:08 \| 000,000,918 \| ---- \| M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job [2012-08-20 13:17:08 \| 000,000,898 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-08-20 13:17:08 \| 000,000,894 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-08-20 12:58:37 \| 000,596,480 \| ---- \| M] (OldTimer Tools) -- C:\Users\nikola\Desktop\OTL.exe [2012-08-20 12:46:15 \| 000,014,192 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-20 12:46:15 \| 000,014,192 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-20 12:39:05 \| 000,000,914 \| ---- \| M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job [2012-08-20 12:39:03 \| 000,065,536 \| ---- \| M] () -- C:\Windows\SysNative\Ikeext.etl [2012-08-20 12:38:52 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2012-08-20 12:38:47 \| 2360,844,288 \| -HS- \| M] () -- C:\hiberfil.sys [2012-08-19 21:33:00 \| 000,000,830 \| ---- \| M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-08-19 20:36:01 \| 000,000,932 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000UA.job [2012-08-17 23:36:00 \| 000,000,910 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000Core.job [2012-08-15 21:36:23 \| 000,001,724 \| ---- \| M] () -- C:\Users\Public\Desktop\Defraggler.lnk [2012-08-15 21:12:22 \| 000,001,109 \| ---- \| M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-08-15 15:34:05 \| 000,426,184 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-08-15 15:34:05 \| 000,070,344 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-08-15 13:19:52 \| 000,274,320 \| ---- \| M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-08-14 23:44:01 \| 000,000,000 \| ---- \| M] () -- C:\Windows\SysWow64\config.nt [2012-08-12 02:15:00 \| 000,000,902 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000Core.job [2012-07-24 00:07:17 \| 000,000,237 \| ---- \| M] () -- C:\user.js [1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ] ========== Files Created - No Company Name ========== [2012-08-15 21:36:23 \| 000,001,724 \| ---- \| C] () -- C:\Users\Public\Desktop\Defraggler.lnk [2012-08-15 21:12:22 \| 000,001,109 \| ---- \| C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-08-08 02:10:51 \| 000,000,954 \| ---- \| C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000UA.job [2012-08-08 02:10:50 \| 000,000,902 \| ---- \| C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000Core.job [2012-07-24 00:07:17 \| 000,000,237 \| ---- \| C] () -- C:\user.js [2012-07-24 00:07:06 \| 000,000,918 \| ---- \| C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job [2012-07-24 00:07:05 \| 000,000,914 \| ---- \| C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job [2012-06-27 22:04:06 \| 000,003,584 \| ---- \| C] () -- C:\Users\nikola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-05-08 15:04:40 \| 000,733,844 \| ---- \| C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-05-08 15:04:39 \| 000,019,628 \| ---- \| C] () -- C:\Windows\prodsett_copy.ini [2012-04-27 15:36:39 \| 000,000,595 \| ---- \| C] () -- C:\Users\nikola\AppData\Roaming\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml [2012-04-27 15:31:07 \| 000,000,000 \| ---- \| C] () -- C:\Users\nikola\AppData\Roaming\ringtone.flv [2012-03-21 19:35:52 \| 000,033,134 \| ---- \| C] () -- C:\Users\nikola\AppData\Roaming\UserTile.png [2012-02-08 16:59:18 \| 000,000,185 \| ---- \| C] () -- C:\Windows\SysWow64\msblcd32.dll [2011-12-15 18:56:48 \| 000,000,058 \| ---- \| C] () -- C:\Windows\nfsc_patch.ini [2011-11-14 19:19:19 \| 000,000,000 \| ---- \| C] () -- C:\Windows\nsreg.dat [2011-11-12 22:26:51 \| 000,175,616 \| ---- \| C] () -- C:\Windows\SysWow64\unrar.dll [2011-11-12 22:26:50 \| 000,000,038 \| ---- \| C] () -- C:\Windows\avisplitter.ini [2011-11-12 22:26:48 \| 000,631,808 \| ---- \| C] () -- C:\Windows\SysWow64\xvidcore.dll [2011-11-12 22:26:48 \| 000,243,200 \| ---- \| C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011-11-12 22:26:48 \| 000,080,896 \| ---- \| C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011-02-12 05:15:08 \| 000,982,240 \| ---- \| C] () -- C:\Windows\SysWow64\igkrng500.bin [2011-02-12 05:15:08 \| 000,439,308 \| ---- \| C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2011-02-12 05:15:08 \| 000,092,356 \| ---- \| C] () -- C:\Windows\SysWow64\igfcg500m.bin ========== Alternate Data Streams ========== @Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:FF717A18 @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:DBC416F8 @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:C72A744C @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:398EFF0F @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:8E3E8227 < End of report > [Link mogu videti samo ulogovani korisnici]

Profil

ivance95 Poslao: 20 Avg 2012 14:08 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, Dejane. Preuzmi AVG Remover sa sledećeg linka: [Link mogu videti samo ulogovani korisnici] Klikni na Yes, i sačekaj da se proces deinstalacije završi. Nakon toga restartuj kompjuter. Preuzmi "Xplode"-ov AdwCleaner i sacuvaj ga na Desktop Dvoklikom pokreni program i klikni na dugme [Search] . Kada program zavrsi analizu otvorice notepad sa izvestajem. Zatvori taj notepad. Klikni na dugme [Delete] i pricekaj da program zavrsi. Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu. Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem. Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl" Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt Dvoklikom pokreni OTL. Štikliraj opciju Scan All Users. U beli okvir prozora gde piše Custom Scans/Fixes iskopiraj sledeći tekst: `netsvcs drives %SYSTEMDRIVE%\.exe /md5start explorer.exe winlogon.exe Userinit.exe svchost.exe services. /md5stop CREATERESTOREPOINT` Klikni RunScan i pričekaj da se skeniranje završi. Iskopiraj sadržaj OTL.txt izveštaja u temu na forumu. Ivance95 (AMF Tim)

Profil

dejanod Poslao: 22 Avg 2012 20:11 Idi na vrh
offline dejanod Moderator foruma u administraciji Pridružio: 16 Okt 2010 Poruke: 3468 Gde živiš: KRAGUJEVAC	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: OTL logfile created on: 22-Aug-12 19:55:33 - Run 2 OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\nikola\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: dd-MMM-yy 2.93 Gb Total Physical Memory \| 1.94 Gb Available Physical Memory \| 66.29% Memory free 5.86 Gb Paging File \| 4.81 Gb Available in Paging File \| 82.04% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 44.09 Gb Total Space \| 7.29 Gb Free Space \| 16.54% Space Free \| Partition Type: NTFS Drive D: \| 253.90 Gb Total Space \| 202.65 Gb Free Space \| 79.81% Space Free \| Partition Type: NTFS Computer Name: NIKOLA-PC \| User Name: nikola \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: All users \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-08-22 19:42:35 \| 001,807,560 \| ---- \| M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe PRC - [2012-08-20 12:58:37 \| 000,596,480 \| ---- \| M] (OldTimer Tools) -- C:\Users\nikola\Desktop\OTL.exe PRC - [2012-07-03 18:21:30 \| 004,273,976 \| ---- \| M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-07-03 18:21:29 \| 000,044,808 \| ---- \| M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-07-03 13:46:44 \| 000,655,944 \| ---- \| M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-04-13 23:21:08 \| 000,924,600 \| ---- \| M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-03-19 13:38:46 \| 007,357,824 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe PRC - [2012-03-19 13:38:46 \| 002,666,880 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-03-19 13:29:38 \| 000,106,368 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe PRC - [2012-01-03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ========== Modules (No Company Name) ========== MOD - [2012-08-22 19:42:35 \| 009,813,704 \| ---- \| M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll MOD - [2012-04-13 23:21:08 \| 001,969,080 \| ---- \| M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012-07-03 18:21:29 \| 000,044,808 \| ---- \| M] (AVAST Software) [Auto \| Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2009-07-14 03:41:27 \| 001,011,712 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009-07-14 03:40:01 \| 000,193,536 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-08-22 19:42:35 \| 000,250,568 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-07-03 13:52:02 \| 000,160,944 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-07-03 13:46:44 \| 000,655,944 \| ---- \| M] (Malwarebytes Corporation) [Auto \| Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-19 13:38:46 \| 002,666,880 \| ---- \| M] (TeamViewer GmbH) [Auto \| Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-01-03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) [Auto \| Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2009-06-10 23:23:09 \| 000,066,384 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012-07-03 18:21:52 \| 000,958,400 \| ---- \| M] (AVAST Software) [File_System \| System \| Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012-07-03 18:21:52 \| 000,355,856 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012-07-03 18:21:52 \| 000,071,064 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012-07-03 18:21:52 \| 000,059,728 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012-07-03 18:21:52 \| 000,054,072 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012-07-03 18:21:51 \| 000,025,232 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012-07-03 13:46:44 \| 000,024,904 \| ---- \| M] (Malwarebytes Corporation) [File_System \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012-03-01 08:54:38 \| 000,022,896 \| ---- \| M] (Microsoft Corporation) [Recognizer \| Boot \| Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012-01-15 18:38:26 \| 000,279,616 \| ---- \| M] (DT Soft Ltd) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011-12-15 01:30:50 \| 000,056,408 \| ---- \| M] (NCH Software) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\stdriver64.sys -- (stdriver) DRV:64bit: - [2011-11-11 22:44:57 \| 003,058,168 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2011-03-11 08:22:41 \| 000,107,904 \| ---- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-03-11 08:22:40 \| 000,027,008 \| ---- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011-02-12 05:16:38 \| 010,628,640 \| ---- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010-03-02 14:59:32 \| 000,121,344 \| ---- \| M] (ZTE Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV:64bit: - [2010-03-02 14:59:32 \| 000,121,344 \| ---- \| M] (ZTE Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV:64bit: - [2010-03-02 14:59:32 \| 000,121,344 \| ---- \| M] (ZTE Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV:64bit: - [2010-02-22 10:09:10 \| 000,011,776 \| ---- \| M] (MBB Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter) DRV:64bit: - [2009-07-14 03:52:20 \| 000,194,128 \| ---- \| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 03:48:04 \| 000,065,600 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 03:47:48 \| 000,077,888 \| ---- \| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009-07-14 03:45:55 \| 000,024,656 \| ---- \| M] (Promise Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-07-14 02:09:15 \| 000,145,920 \| ---- \| M] (Microsoft Corporation) [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) DRV:64bit: - [2009-06-10 22:34:33 \| 003,286,016 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 22:34:28 \| 000,468,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 22:34:23 \| 000,270,848 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 22:34:18 \| 000,057,344 \| ---- \| M] (Atheros Communications, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2009-06-10 22:31:59 \| 000,031,232 \| ---- \| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-14 03:19:10 \| 000,019,008 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici] IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici] IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7F CD 98 60 AE A0 CC 01 [binary data] IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [Link mogu videti samo ulogovani korisnici] IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\..\SearchScopes\{3633D104-77CA-4169-8F24-E8E567673D1A}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz= IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [Link mogu videti samo ulogovani korisnici]{searc} IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\..\SearchScopes\{8545172F-E45B-46E4-B394-26AAE4157B48}: "URL" = [Link mogu videti samo ulogovani korisnici]{AB428051-A2C4-479C-A97A-ED05315BF2B5}&mid=bd65fde093f047d0a3f3d14946e47bf3-aa8955c04df7e9122b7aa4a223d5fff85d0a34bb&lang=sr&ds=AVG&pr=pr&d=2012-05-14 20:55:04&v=11.0.0.9&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\..\SearchScopes\{AD15D461-C58C-4ECF-BFBC-47623C2AD507}: "URL" = [Link mogu videti samo ulogovani korisnici]{searchTerms}&locale=en_EU&apn_ptnrs=S3&apn_dtid=YYYYYYYYRS&apn_uid=bb27ba3d-d9da-48b0-9c23-701586159cbe&apn_sauid=1D64ADF8-4883-4902-8B67-BBD226EBB5B6& IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.com" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\nikola\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\nikola\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\nikola\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\nikola\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\nikola\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\nikola\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012-06-14 13:30:29 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-07-03 23:43:06 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-13 23:21:09 \| 000,000,000 \| ---D \| M] [2011-11-18 12:57:16 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\nikola\AppData\Roaming\Mozilla\Extensions [2012-08-22 19:51:14 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions [2012-05-14 20:24:08 \| 000,003,851 \| ---- \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\searchplugins\avg-secure-search.xml [2012-04-27 15:29:41 \| 000,002,384 \| ---- \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\searchplugins\search.xml [2012-07-31 18:43:25 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-05-06 17:07:54 \| 000,000,000 \| ---D \| M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [2012-06-18 19:10:01 \| 000,000,000 \| ---D \| M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-14 13:30:29 \| 000,000,000 \| ---D \| M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK [2012-07-03 23:43:06 \| 000,000,000 \| ---D \| M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012-04-13 23:21:09 \| 000,097,208 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-03-05 17:40:21 \| 000,002,252 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012-03-05 17:40:21 \| 000,002,040 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2009-06-10 23:00:26 \| 000,000,824 \| ---- \| M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-394668950-3872569258-631693822-1000\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found. O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-394668950-3872569258-631693822-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-394668950-3872569258-631693822-1000..\Run: [Facebook Update] C:\Users\nikola\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - [Link mogu videti samo ulogovani korisnici]\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Link mogu videti samo ulogovani korisnici] (Java Plug-in 1.6.0_33) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link mogu videti samo ulogovani korisnici] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{619705A2-67E4-4A82-996D-C664DAD858A6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E39E77CC-86B9-497B-B878-DF5C1BA95FF7}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - File not found O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) - File not found O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{19513d7f-3f94-11e1-934c-000000009200}\Shell - "" = AutoRun O33 - MountPoints2\{19513d7f-3f94-11e1-934c-000000009200}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{7002311d-11eb-11e1-8aca-705ab6ed112b}\Shell - "" = AutoRun O33 - MountPoints2\{7002311d-11eb-11e1-8aca-705ab6ed112b}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\{8e473804-1da9-11e1-bb37-705ab6ed112b}\Shell - "" = AutoRun O33 - MountPoints2\{8e473804-1da9-11e1-bb37-705ab6ed112b}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit: - HKLM\..comfile [open] -- "%1" % O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012-08-20 13:41:30 \| 000,000,000 \| ---D \| C] -- C:\Windows\SysNative\SPReview [2012-08-20 13:35:39 \| 000,503,808 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012-08-20 13:35:35 \| 000,751,104 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012-08-20 13:35:35 \| 000,492,032 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012-08-20 13:35:35 \| 000,067,584 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012-08-20 13:35:25 \| 003,213,824 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012-08-20 12:58:34 \| 000,596,480 \| ---- \| C] (OldTimer Tools) -- C:\Users\nikola\Desktop\OTL.exe [2012-08-20 12:52:01 \| 000,000,000 \| ---D \| C] -- C:\Users\nikola\AppData\Local\Macromedia [2012-08-20 12:45:08 \| 000,000,000 \| ---D \| C] -- C:\Windows\pss [2012-08-15 21:36:23 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler [2012-08-15 21:36:20 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Defraggler [2012-08-15 21:12:38 \| 000,000,000 \| ---D \| C] -- C:\Users\nikola\AppData\Roaming\Malwarebytes [2012-08-15 21:12:22 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-08-15 21:12:20 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Malwarebytes [2012-08-15 21:12:19 \| 000,024,904 \| ---- \| C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-08-15 21:12:18 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-08-15 09:09:48 \| 000,096,768 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-08-15 09:09:48 \| 000,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-08-15 09:09:47 \| 000,237,056 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-08-15 09:09:47 \| 000,231,936 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-08-15 09:09:45 \| 000,248,320 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-08-15 09:09:45 \| 000,176,640 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-08-15 09:09:45 \| 000,173,056 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-08-15 09:09:44 \| 001,427,968 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-08-15 09:09:44 \| 000,142,848 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-08-15 09:09:43 \| 002,312,704 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-08-15 09:09:43 \| 001,494,528 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-08-15 09:09:40 \| 000,816,640 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-08-15 09:09:40 \| 000,717,824 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-08-15 07:12:35 \| 000,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012-08-15 07:12:35 \| 000,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012-08-15 07:12:35 \| 000,041,472 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012-08-15 07:12:29 \| 000,956,416 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012-07-27 20:37:29 \| 000,000,000 \| ---D \| C] -- C:\Users\nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012-07-23 22:35:16 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\CheatEngine DB Toolbar Toolbar [2012-07-23 22:34:53 \| 000,000,000 \| ---D \| C] -- C:\Users\nikola\Documents\My Cheat Tables [1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-08-22 19:59:53 \| 000,014,192 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-22 19:59:53 \| 000,014,192 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-22 19:52:31 \| 000,000,894 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-08-22 19:52:30 \| 000,065,536 \| ---- \| M] () -- C:\Windows\SysNative\Ikeext.etl [2012-08-22 19:52:18 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2012-08-22 19:52:11 \| 2360,844,288 \| -HS- \| M] () -- C:\hiberfil.sys [2012-08-22 19:49:24 \| 000,618,227 \| ---- \| M] () -- C:\Users\nikola\Desktop\adwcleaner.exe [2012-08-22 19:46:01 \| 000,000,830 \| ---- \| M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-08-22 19:42:35 \| 000,696,520 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-08-22 19:42:35 \| 000,073,416 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-08-22 19:16:00 \| 000,000,898 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-08-22 19:15:00 \| 000,000,954 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000UA.job [2012-08-22 17:36:01 \| 000,000,932 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000UA.job [2012-08-20 23:36:01 \| 000,000,910 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000Core.job [2012-08-20 13:51:24 \| 000,274,320 \| ---- \| M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-08-20 12:58:37 \| 000,596,480 \| ---- \| M] (OldTimer Tools) -- C:\Users\nikola\Desktop\OTL.exe [2012-08-15 21:36:23 \| 000,001,724 \| ---- \| M] () -- C:\Users\Public\Desktop\Defraggler.lnk [2012-08-15 21:12:22 \| 000,001,109 \| ---- \| M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-08-14 23:44:01 \| 000,000,000 \| ---- \| M] () -- C:\Windows\SysWow64\config.nt [2012-08-12 02:15:00 \| 000,000,902 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000Core.job [1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ] ========== Files Created - No Company Name ========== [2012-08-22 19:49:23 \| 000,618,227 \| ---- \| C] () -- C:\Users\nikola\Desktop\adwcleaner.exe [2012-08-15 21:36:23 \| 000,001,724 \| ---- \| C] () -- C:\Users\Public\Desktop\Defraggler.lnk [2012-08-15 21:12:22 \| 000,001,109 \| ---- \| C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-08-08 02:10:51 \| 000,000,954 \| ---- \| C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000UA.job [2012-08-08 02:10:50 \| 000,000,902 \| ---- \| C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-394668950-3872569258-631693822-1000Core.job [2012-06-27 22:04:06 \| 000,003,584 \| ---- \| C] () -- C:\Users\nikola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-05-08 15:04:40 \| 000,733,844 \| ---- \| C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-05-08 15:04:39 \| 000,019,628 \| ---- \| C] () -- C:\Windows\prodsett_copy.ini [2012-04-27 15:36:39 \| 000,000,595 \| ---- \| C] () -- C:\Users\nikola\AppData\Roaming\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml [2012-04-27 15:31:07 \| 000,000,000 \| ---- \| C] () -- C:\Users\nikola\AppData\Roaming\ringtone.flv [2012-03-21 19:35:52 \| 000,033,134 \| ---- \| C] () -- C:\Users\nikola\AppData\Roaming\UserTile.png [2012-02-08 16:59:18 \| 000,000,185 \| ---- \| C] () -- C:\Windows\SysWow64\msblcd32.dll [2011-12-15 18:56:48 \| 000,000,058 \| ---- \| C] () -- C:\Windows\nfsc_patch.ini [2011-11-14 19:19:19 \| 000,000,000 \| ---- \| C] () -- C:\Windows\nsreg.dat [2011-11-12 22:26:51 \| 000,175,616 \| ---- \| C] () -- C:\Windows\SysWow64\unrar.dll [2011-11-12 22:26:50 \| 000,000,038 \| ---- \| C] () -- C:\Windows\avisplitter.ini [2011-11-12 22:26:48 \| 000,631,808 \| ---- \| C] () -- C:\Windows\SysWow64\xvidcore.dll [2011-11-12 22:26:48 \| 000,243,200 \| ---- \| C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011-11-12 22:26:48 \| 000,080,896 \| ---- \| C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011-02-12 05:15:08 \| 000,982,240 \| ---- \| C] () -- C:\Windows\SysWow64\igkrng500.bin [2011-02-12 05:15:08 \| 000,439,308 \| ---- \| C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2011-02-12 05:15:08 \| 000,092,356 \| ---- \| C] () -- C:\Windows\SysWow64\igfcg500m.bin ========== Custom Scans ========== ========== Drive Information ========== Physical Drives --------------- Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media Interface type: IDE Media Type: Fixed hard disk media Model: Hitachi HTS545032B9A300 ATA Device Partitions: 3 Status: OK Status Info: 0 Partitions --------------- DeviceID: Disk #0, Partition #0 PartitionType: Installable File System Bootable: True BootPartition: True PrimaryPartition: True Size: 0.00GB Starting Offset: 1048576 Hidden sectors: 0 DeviceID: Disk #0, Partition #1 PartitionType: Installable File System Bootable: False BootPartition: False PrimaryPartition: True Size: 44.00GB Starting Offset: 105906176 Hidden sectors: 0 DeviceID: Disk #0, Partition #2 PartitionType: Installable File System Bootable: False BootPartition: False PrimaryPartition: True Size: 254.00GB Starting Offset: 47442821120 Hidden sectors: 0 < %SYSTEMDRIVE%\.exe > < MD5 for: EXPLORER.EXE > [2011-02-26 08:23:14 \| 002,870,272 \| ---- \| M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe [2011-02-26 08:23:14 \| 002,870,272 \| ---- \| M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011-02-26 07:19:21 \| 002,616,320 \| ---- \| M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009-07-14 03:14:20 \| 002,613,248 \| ---- \| M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011-02-26 07:51:13 \| 002,614,784 \| ---- \| M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2010-11-11 18:48:40 \| 002,614,272 \| ---- \| M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011-02-26 07:33:07 \| 002,614,784 \| ---- \| M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe [2011-02-26 07:33:07 \| 002,614,784 \| ---- \| M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011-02-25 08:19:30 \| 002,871,808 \| ---- \| M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011-02-26 08:14:34 \| 002,871,808 \| ---- \| M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010-11-20 14:17:09 \| 002,616,320 \| ---- \| M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2010-11-11 18:45:47 \| 002,868,224 \| ---- \| M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011-02-25 07:30:54 \| 002,616,320 \| ---- \| M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010-11-11 18:48:40 \| 002,870,272 \| ---- \| M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2010-11-11 18:45:47 \| 002,613,248 \| ---- \| M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010-11-20 15:24:45 \| 002,872,320 \| ---- \| M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2010-11-11 18:48:40 \| 002,870,272 \| ---- \| M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2010-11-11 18:45:47 \| 002,613,248 \| ---- \| M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009-07-14 03:39:10 \| 002,868,224 \| ---- \| M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2010-11-11 18:48:40 \| 002,614,272 \| ---- \| M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2011-02-26 08:26:45 \| 002,870,784 \| ---- \| M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2010-11-11 18:45:47 \| 002,868,224 \| ---- \| M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: SERVICES > [2009-06-10 23:00:26 \| 000,017,463 \| ---- \| M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services < MD5 for: SERVICES.CFG > [2012-04-04 07:53:54 \| 000,585,987 \| ---- \| M] () MD5=7BAB089A4F862C6BC86E0201D5BF1779 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg [2011-06-06 13:55:30 \| 000,584,045 \| R--- \| M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg < MD5 for: SERVICES.EXE > [2009-07-14 03:39:37 \| 000,328,704 \| ---- \| M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe [2009-07-14 03:39:37 \| 000,328,704 \| ---- \| M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe < MD5 for: SERVICES.EXE.MUI > [2009-07-14 04:25:40 \| 000,017,408 \| ---- \| M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui [2009-07-14 04:25:40 \| 000,017,408 \| ---- \| M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui [2009-07-13 19:53:38 \| 000,018,432 \| ---- \| M] (Microsoft Corporation) MD5=D6C519FD0BF69F3265646DAFC3547BA9 -- C:\Windows\SysNative\sr-Latn-CS\services.exe.mui [2009-07-13 19:53:38 \| 000,018,432 \| ---- \| M] (Microsoft Corporation) MD5=D6C519FD0BF69F3265646DAFC3547BA9 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_sr-..-cs_4cc9f369ffb79864\services.exe.mui < MD5 for: SERVICES.LNK > [2009-07-14 06:54:05 \| 000,001,288 \| ---- \| M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk [2009-07-14 06:54:05 \| 000,001,288 \| ---- \| M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk < MD5 for: SERVICES.MOF > [2009-06-10 22:44:06 \| 000,002,866 \| ---- \| M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof [2009-06-10 22:44:06 \| 000,002,866 \| ---- \| M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof < MD5 for: SERVICES.MSC > [2009-07-14 04:23:30 \| 000,092,745 \| ---- \| M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc [2009-06-10 22:38:36 \| 000,092,745 \| ---- \| M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc [2009-07-14 04:08:50 \| 000,092,745 \| ---- \| M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc [2009-06-10 23:21:09 \| 000,092,745 \| ---- \| M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc [2009-07-14 04:23:30 \| 000,092,745 \| ---- \| M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc [2009-06-10 22:38:36 \| 000,092,745 \| ---- \| M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc [2009-07-14 04:08:50 \| 000,092,745 \| ---- \| M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc [2009-06-10 23:21:09 \| 000,092,745 \| ---- \| M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc < MD5 for: SERVICES.PTXML > [2009-07-13 22:16:17 \| 000,001,061 \| ---- \| M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml [2009-07-13 22:16:17 \| 000,001,061 \| ---- \| M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml < MD5 for: SVCHOST.EXE > [2009-07-14 03:14:41 \| 000,020,992 \| ---- \| M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe [2009-07-14 03:14:41 \| 000,020,992 \| ---- \| M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2012-07-03 13:46:42 \| 000,217,672 \| ---- \| M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe [2009-07-14 03:39:46 \| 000,027,136 \| ---- \| M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe [2009-07-14 03:39:46 \| 000,027,136 \| ---- \| M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe < MD5 for: USERINIT.EXE > [2010-11-20 14:17:48 \| 000,026,624 \| ---- \| M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009-07-14 03:14:43 \| 000,026,112 \| ---- \| M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009-07-14 03:14:43 \| 000,026,112 \| ---- \| M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009-07-14 03:39:48 \| 000,030,208 \| ---- \| M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe [2009-07-14 03:39:48 \| 000,030,208 \| ---- \| M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010-11-20 15:25:24 \| 000,030,720 \| ---- \| M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2010-11-20 15:25:30 \| 000,390,656 \| ---- \| M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009-07-14 03:39:52 \| 000,389,120 \| ---- \| M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2012-07-03 13:46:42 \| 000,217,672 \| ---- \| M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2010-11-11 18:48:40 \| 000,389,632 \| ---- \| M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2010-11-11 18:48:40 \| 000,389,632 \| ---- \| M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2010-11-11 18:48:40 \| 000,389,632 \| ---- \| M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe ========== Alternate Data Streams ========== @Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:FF717A18 @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:DBC416F8 @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:C72A744C @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:398EFF0F @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:8E3E8227 < End of report > [Link mogu videti samo ulogovani korisnici]*

Profil

ivance95 Poslao: 22 Avg 2012 21:41 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovo pokreni program OTL dvoklikom na ikonicu; U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst: :OTL IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://all4search.net IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\..\SearchScopes\{8545172F-E45B-46E4-B394-26AAE4157B48}: "URL" = http://isearch.avg.com/search?cid={AB428051-A2C4-479C-A97A-ED05315BF2B5}&mid=bd65fde093f047d0a3f3d14946e47bf3-aa8955c04df7e9122b7aa4a223d5fff85d0a34bb&lang=sr&ds=AVG&pr=pr&d=2012-05-14 20:55:04&v=11.0.0.9&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-394668950-3872569258-631693822-1000\..\SearchScopes\{AD15D461-C58C-4ECF-BFBC-47623C2AD507}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=BLPV5&o=13157&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=S3&apn_dtid=YYYYYYYYRS&apn_uid=bb27ba3d-d9da-48b0-9c23-701586159cbe&apn_sauid=1D64ADF8-4883-4902-8B67-BBD226EBB5B6& FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012-06-14 13:30:29 \| 000,000,000 \| ---D \| M] [2012-08-22 19:51:14 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\extensions [2012-05-14 20:24:08 \| 000,003,851 \| ---- \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\searchplugins\avg-secure-search.xml [2012-04-27 15:29:41 \| 000,002,384 \| ---- \| M] () -- C:\Users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\i33lnxme.default\searchplugins\search.xml [2012-06-14 13:30:29 \| 000,000,000 \| ---D \| M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK O33 - MountPoints2\{19513d7f-3f94-11e1-934c-000000009200}\Shell - "" = AutoRun O33 - MountPoints2\{19513d7f-3f94-11e1-934c-000000009200}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{7002311d-11eb-11e1-8aca-705ab6ed112b}\Shell - "" = AutoRun O33 - MountPoints2\{7002311d-11eb-11e1-8aca-705ab6ed112b}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\{8e473804-1da9-11e1-bb37-705ab6ed112b}\Shell - "" = AutoRun O33 - MountPoints2\{8e473804-1da9-11e1-bb37-705ab6ed112b}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe @Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:FF717A18 @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:DBC416F8 @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:C72A744C @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:398EFF0F @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:8E3E8227 :commands [EMPTYTEMP] [EMPTYJAVA] Klikni taster Run Fix; Log koji dobiješ iskopiraj ovde u poruci. Da li je problem rešen? Ivance95 (AMF Tim)

Profil

dejanod Poslao: 22 Avg 2012 22:38 Idi na vrh
offline dejanod Moderator foruma u administraciji Pridružio: 16 Okt 2010 Poruke: 3468 Gde živiš: KRAGUJEVAC	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 22 Avg 2012 22:35 Nemam nikakav log. Kada sam iskopirao scriptu, računar se restartovao. I ne vidim nigde log. Dopuna: 22 Avg 2012 22:38 Izvinjavam se, kada sam ponovo pokrenuo OTL, izašao je log. Evo ga. [Link mogu videti samo ulogovani korisnici]

Profil

ivance95 Poslao: 23 Avg 2012 08:38 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nisi mi rekao kakvo je sada sanje? Mi smo ovde završili, kompjuter je čist što se malware-a tiče, ukoliko još uvek imaš problema otvori temu u Windows potforumu. Ponovo pokreni OTL, i klikni na CleanUp. Preporucujem da za zastitu USB memorijskih uredjaja koristis MCShield v2. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad a pokazao se kao jedan od najboljih vida zastite od malware-a koji se prenosi putem USB mem. uredjaja. Skines, instaliras, ubodes USB mem. uredjaj, izvrsi se skeniranje nakon cega dobijes obavestenje da je uredjaj cist (ukoliko je stvarno tako); ili dobijes log u kome vidis informacije o malware-u koji je nadjen i obrisan. Home Page MCShield-a ::Anti-Malware Tool:: v2: [Link mogu videti samo ulogovani korisnici] Vise o MCShield-u mozes saznati u ovim temama: v1: [Link mogu videti samo ulogovani korisnici] v2: [Link mogu videti samo ulogovani korisnici] Ivance95 (AMF Tim)

Profil

dejanod Poslao: 23 Avg 2012 12:29 Idi na vrh
offline dejanod Moderator foruma u administraciji Pridružio: 16 Okt 2010 Poruke: 3468 Gde živiš: KRAGUJEVAC	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sada je ok sve.Hvala Ivanče.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Koci mi kompjuter

Ko je trenutno na forumu

Ukupno su 1271 korisnika na forumu :: 71 registrovanih, 8 sakrivenih i 1192 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 15694 - dana 01 Feb 2026 12:23

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., ALEKSICMILE, amadeus, Bbbggg1979, bigfoot, bigvlada, bokisha253, Boris90, branko87, cenejac111, Cirkon, CraniumWhite, crazydkure, darkdruid72, Darko Jovanovic, deimos25, dekan.m, Dimitrije Paunovic, Dimitrise93, DonRumataEstorski, Draganeli, Dukelander, Ercomero, Feller, Fliper, franina, Frunze, g_g, gasha, ILGromovnik, Jaxupa, Jezekijel, jodzula, Koser, Kubovac, Kudun, Lep1na, Ljusa, Malahit, mercedesamg, MGBRBG, mir juzni, MrNo, Narwall Htar1, nebidrag, nekdo, Nemanja Opalić, novator, Pantaaa, pein, PlayerOne, raf87, raso76, ruma, sasakrajina, Singidunumac, Sioux7674, Sirius, Srki98, sspp, stegonosa, t84dar, taomaster, Uros Cuore Sportivo, vathra, vazduh, vidra1, voja64, Vrač, Zrcalo, 79693

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by