Možda tražite i:
Nepozvani gosti na fb

MyCity » Ambulanta -> Arhiva Ambulante » Nepozvan

Nepozvan

Napisano na dan: 17.6.2012

Strana:
1
2

Nepozvan

Sledeća strana

Pagination

Odgovori

Strana:
1
2

kengurko Poslao: 17 Jun 2012 21:28 Idi na vrh
offline kengurko Novi MyCity građanin Pridružio: 20 Maj 2009 Poruke: 17	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Imam problema sa internetom tacnije sa Facebookom. A odnedavno je racunar poceo da mi zakucava, uglavnom u onom trenutku kada dodje do prrekida konekcije i sumnjam da neko upada na moj racunar ili naloge. Skenirao sam racunar sa avastom i spybootom, mislim da mi je ugrozena privatnost jer u inboxima imam poruke koje su procitane a ja ih nisam otvarao. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_32 Run by EC at 18:55:17 on 2012-06-17 . ============== Running Processes =============== . . ============== Pseudo HJT Report =============== . mSearchAssistant = about:blank uURLSearchHooks: H - No File BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - No File BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: GOM Player + Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File TB: GOM Player + Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File uRun: [Gadwin PrintScreen] c:\program files\gadwin systems\printscreen\PrintScreen.exe /nosplash uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [BitTorrent] "c:\program files\bittorrent\BitTorrent.exe" /MINIMIZED uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun mRun: [RTHDCPL] RTHDCPL.EXE mRun: [SkyTel] SkyTel.EXE mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [SMSERIAL] sm56hlpr.exe mRun: [H2O] c:\program files\syncrosoft\pos\h2o\cledx.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033 mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe" mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10c.exe IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204 IE: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx IE: Crawler Search - tbr:iemenu IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{ED84FF70-41F1-45E5-A6FB-4ED1A4A6D575} : DhcpNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\ec\application data\mozilla\firefox\profiles\r68pz6te.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p= FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\program files\nos\bin\np_gp.dll FF - plugin: c:\windows\system32\npdeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll FF - plugin: c:\windows\system32\npwmsdrm.dll . ============= SERVICES / DRIVERS =============== . R? ASPI;Advanced SCSI Programming Interface Driver R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86 R? cpuz132;cpuz132 R? gupdate;Google Update Service (gupdate) R? gupdatem;Google Update Service (gupdatem) R? McComponentHostService;McAfee Security Scan Component Host Service R? MozillaMaintenance;Mozilla Maintenance Service R? nmwcdnsu;Nokia USB Flashing Phone Parent R? nmwcdnsuc;Nokia USB Flashing Generic R? SkypeUpdate;Skype Updater R? VMUVC;Vimicro Camera Service VMUVC R? vvftUVC;Vimicro Camera Filter Service VMUVC R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0 S? aswFsBlk;aswFsBlk S? aswSnx;aswSnx S? aswSP;aswSP S? atidgllk;atidgllk S? avast! Antivirus;avast! Antivirus S? CLEDX;Team H2O CLEDX service S? NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool S? nlsX86cc;NLS Service S? Tetris;Tetris driver . =============== File Associations =============== . .scr=AutoCADScriptFile . =============== Created Last 30 ================ . 2012-06-08 22:07:08 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll 2012-06-08 22:07:08 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll . ==================== Find3M ==================== . 2012-06-06 21:20:40 196608 ----a-w- c:\windows\system32\drivers\aAsmedia.bin 2012-05-30 15:13:12 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys 2012-05-13 20:47:45 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-05-13 20:47:45 476960 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-05-13 20:47:44 472864 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-22 22:42:50 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . ============= FINISH: 18:58:29,70 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

ivance95 Poslao: 18 Jun 2012 06:27 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! Pozdrav, kengurko. Preuzmite program OTL sa donjeg linka na Desktop: OTL download Kliknite dati link - u prozoru koji se otvori, kliknite Save; kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save. Dvoklikom pokrenite OTL; kliknite Run Scan; po završetku skeniranja, izveštaj (koji će biti automatski sačuvan na Desktop-u kao OTL.Txt) će se otvoriti u Notepad-u. Priložite izveštaj OTL.Txt uz poruku korišćenjem opcije Prikači fajl. Ivance95 (AMF Tim)

Profil

kengurko Poslao: 18 Jun 2012 23:02 Idi na vrh
offline kengurko Novi MyCity građanin Pridružio: 20 Maj 2009 Poruke: 17	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: mycity.rs/must-login.png OTL logfile created on: 18/06/12 20:43:28 - Run 1 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Documents and Settings\EC\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: dd/MM/yy 1023,17 Mb Total Physical Memory \| 492,95 Mb Available Physical Memory \| 48,18% Memory free 2,40 Gb Paging File \| 2,02 Gb Available in Paging File \| 84,06% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 51,37 Gb Total Space \| 1,84 Gb Free Space \| 3,58% Space Free \| Partition Type: NTFS Drive D: \| 97,68 Gb Total Space \| 6,16 Gb Free Space \| 6,31% Space Free \| Partition Type: NTFS Drive E: \| 5,49 Gb Total Space \| 0,00 Gb Free Space \| 0,00% Space Free \| Partition Type: UDF Computer Name: EC-A6A2D858F8E7 \| User Name: EC \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/06/18 18:18:38 \| 000,595,968 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\EC\Desktop\OTL.exe PRC - [2012/05/19 16:56:37 \| 006,379,888 \| ---- \| M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe PRC - [2012/03/12 22:25:06 \| 000,583,680 \| ---- \| M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe PRC - [2011/11/28 20:01:24 \| 003,744,552 \| ---- \| M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011/11/28 20:01:23 \| 000,044,768 \| ---- \| M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/10/01 02:52:50 \| 000,067,904 \| ---- \| M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE PRC - [2010/06/24 12:08:58 \| 000,196,928 \| ---- \| M] (Nitro PDF Software) -- D:\Install\NitroPDFDriverService.exe PRC - [2010/03/04 23:38:00 \| 000,071,096 \| ---- \| M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2010/01/15 14:49:20 \| 000,255,536 \| ---- \| M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2008/12/09 13:08:38 \| 000,495,616 \| ---- \| M] (Gadwin Systems, Inc) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe PRC - [2008/04/14 05:42:20 \| 001,033,728 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/12/20 14:36:50 \| 000,135,168 \| ---- \| M] (Vimicro Corporation) -- C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe PRC - [2007/12/11 04:59:40 \| 000,307,200 \| ---- \| M] (Team H2O) -- C:\Program Files\Syncrosoft\POS\H2O\cledx.exe PRC - [2007/06/26 12:22:42 \| 000,081,997 \| ---- \| M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe PRC - [2006/11/12 12:48:46 \| 000,157,592 \| ---- \| M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe PRC - [2006/11/02 21:40:12 \| 000,174,656 \| ---- \| M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe PRC - [2006/09/29 10:01:06 \| 000,258,560 \| ---- \| M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe PRC - [2000/11/22 08:40:56 \| 000,462,848 \| ---- \| M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe ========== Modules (No Company Name) ========== MOD - [2012/06/18 11:09:11 \| 001,769,984 \| ---- \| M] () -- C:\Program Files\Alwil Software\Avast5\defs\12061801\algo.dll MOD - [2010/03/04 23:38:00 \| 000,071,096 \| ---- \| M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe MOD - [2008/04/14 05:42:00 \| 000,014,336 \| ---- \| M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008/04/14 05:41:52 \| 000,059,904 \| ---- \| M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2007/06/26 12:22:42 \| 000,081,997 \| ---- \| M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe MOD - [2006/11/02 21:40:12 \| 000,174,656 \| ---- \| M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe MOD - [2006/07/14 07:34:00 \| 000,007,680 \| ---- \| M] () -- C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll MOD - [2006/07/04 14:38:06 \| 000,639,046 \| ---- \| M] () -- C:\WINDOWS\aticlocklib.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto \| Stopped] -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS) SRV - File not found [On_Demand \| Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem) Google Update Service (gupdatem) SRV - File not found [Auto \| Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate) Google Update Service (gupdate) SRV - [2012/06/09 00:07:07 \| 000,113,120 \| ---- \| M] (Mozilla Foundation) [On_Demand \| Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/04/05 11:37:38 \| 000,158,856 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/11/28 20:01:23 \| 000,044,768 \| ---- \| M] (AVAST Software) [Auto \| Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/10/01 02:52:50 \| 000,067,904 \| ---- \| M] (Nalpeiron Ltd.) [Auto \| Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc) SRV - [2010/06/24 12:08:58 \| 000,196,928 \| ---- \| M] (Nitro PDF Software) [Auto \| Running] -- D:\Install\NitroPDFDriverService.exe -- (NitroDriverReadSpool) SRV - [2010/06/14 15:07:14 \| 000,615,936 \| ---- \| M] (Nokia) [On_Demand \| Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010/03/04 23:38:00 \| 000,071,096 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2010/01/15 14:49:20 \| 000,227,232 \| ---- \| M] (McAfee, Inc.) [On_Demand \| Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009/04/06 18:53:01 \| 000,074,360 \| ---- \| M] (Autodesk, Inc.) [On_Demand \| Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2008/01/19 19:49:18 \| 000,078,536 \| ---- \| M] (Macrovision ) [On_Demand \| Stopped] -- C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe -- (InstallShield Licensing Service) SRV - [2006/11/02 21:40:12 \| 000,174,656 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing) SRV - [2006/09/29 10:01:06 \| 000,258,560 \| ---- \| M] (ASUSTeK COMPUTER INC.) [Auto \| Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (WDICA) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Program Files\Softwin\BitDefender10\trufos.sys -- (Trufos) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Program Files\Softwin\BitDefender10\profos.sys -- (Profos) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDRELI) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDFRAME) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDCOMP) DRV - File not found [Kernel \| System \| Stopped] -- -- (PCIDump) DRV - File not found [Kernel \| System \| Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel \| System \| Stopped] -- -- (i2omgmt) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\DOCUME~1\Davorin\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132) DRV - File not found [Kernel \| System \| Stopped] -- -- (Changer) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\DOCUME~1\EC\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys -- (bdrsdrv) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys -- (bdfsdrv) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Program Files\Softwin\BitDefender10\bdfdll.sys -- (bdfdll) DRV - File not found [Kernel \| On_Demand \| Unknown] -- -- (aquispe6) DRV - File not found [Kernel \| On_Demand \| Unknown] -- -- (aciiae7u) DRV - [2011/11/28 19:53:53 \| 000,435,032 \| ---- \| M] (AVAST Software) [File_System \| System \| Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/11/28 19:53:35 \| 000,314,456 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/11/28 19:52:19 \| 000,034,392 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/11/28 19:52:16 \| 000,052,952 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/11/28 19:52:02 \| 000,111,320 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011/11/28 19:51:50 \| 000,020,568 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/11/28 19:48:49 \| 000,030,808 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010/09/16 00:05:03 \| 000,639,224 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010/02/26 14:32:58 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010/02/26 14:32:46 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010/02/26 14:32:44 \| 000,022,528 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010/02/26 14:32:44 \| 000,018,176 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/02/26 14:21:22 \| 000,137,344 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010/02/26 14:21:22 \| 000,008,320 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010/02/11 14:02:15 \| 000,226,880 \| ---- \| M] (Microsoft Corporation) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2010/02/11 09:38:10 \| 003,565,056 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010/01/31 19:19:48 \| 000,048,928 \| ---- \| M] () [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\Tetris.sys -- (Tetris) DRV - [2010/01/12 17:42:54 \| 000,252,928 \| ---- \| M] (Vimicro Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\VMUVC.sys -- (VMUVC) DRV - [2008/08/26 10:26:12 \| 000,018,816 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008/07/01 11:12:32 \| 000,398,720 \| ---- \| M] (Vimicro Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\vvftUVC.sys -- (vvftUVC) DRV - [2008/06/26 12:00:00 \| 000,072,704 \| ---- \| M] (WIBU-SYSTEMS AG) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\WibuKey.sys -- (WIBUKEY) DRV - [2008/04/02 22:35:38 \| 000,162,432 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\ithsgt.sys -- (ithsgt) DRV - [2008/04/02 22:35:37 \| 000,012,032 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\lilsgt.sys -- (lilsgt) DRV - [2007/01/30 12:57:50 \| 004,474,368 \| R--- \| M] (Realtek Semiconductor Corp.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006/10/31 15:55:38 \| 000,011,008 \| ---- \| M] (ASUSTeK COMPUTER INC.) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2006/10/31 07:50:24 \| 000,028,416 \| R--- \| M] (Attansic Technology corporation.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\atl02_xp.sys -- (AtcL002) DRV - [2006/10/25 09:48:00 \| 000,012,288 \| R--- \| M] (ASUSTeK Computer Inc.) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO) DRV - [2006/09/29 10:06:26 \| 000,010,752 \| ---- \| M] (ASUSTeK COMPUTER INC.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D) DRV - [2005/11/03 12:15:36 \| 000,017,688 \| ---- \| M] (SIA Syncrosoft) [Kernel \| Auto \| Running] -- C:\WINDOWS\System32\drivers\NSynas32.sys -- (Nsynas32) DRV - [2005/10/20 10:29:02 \| 000,005,376 \| ---- \| M] (Overclocking Tool) [Kernel \| Disabled \| Running] -- C:\WINDOWS\atidgllk.sys -- (atidgllk) DRV - [2005/05/09 20:08:40 \| 000,033,792 \| ---- \| M] (Team H2O) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX) DRV - [2004/09/29 09:35:30 \| 000,219,136 \| R--- \| M] (Conexant Systems, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2) DRV - [2004/09/29 09:34:24 \| 000,702,592 \| R--- \| M] (Conexant Systems, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2004/09/29 09:33:50 \| 001,036,928 \| R--- \| M] (Conexant Systems, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP) DRV - [2004/08/13 04:56:20 \| 000,005,810 \| R--- \| M] () [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004/08/09 13:33:26 \| 000,114,016 \| ---- \| M] (Protection Technology) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004/08/09 13:29:28 \| 000,053,920 \| ---- \| M] (Protection Technology) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004/07/19 16:49:54 \| 000,007,040 \| ---- \| M] (Protection Technology) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1) DRV - [2003/12/01 17:20:52 \| 000,004,832 \| ---- \| M] (Protection Technology) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2002/07/17 09:05:10 \| 000,016,512 \| ---- \| M] (Adaptec) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (ASPI32) DRV - [2002/07/17 09:05:10 \| 000,016,512 \| ---- \| M] (Adaptec) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI) DRV - [2000/06/19 11:56:44 \| 000,767,314 \| ---- \| M] (Motorola Inc.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = start.facemoods.com/?a=fbpage1&s={searchTerms}&f=4&hl={language}&src=chrm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = domredi.com/1/ IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {57AEE195-9D6E-4EED-9E2A-9C9AF30F96F8} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60341 IE - HKCU\..\SearchScopes\{57AEE195-9D6E-4EED-9E2A-9C9AF30F96F8}: "URL" = search.yahoo.com/search?fr=chr-greentree_ie.....749&p={searchTerms} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz= IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.order.1: "Crawler Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "www.google.com" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.0 FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.90: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/02/23 11:08:08 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/09 00:07:09 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/18 00:43:26 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins [2008/09/13 19:29:10 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\EC\Application Data\Mozilla\Extensions [2012/06/02 12:28:31 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\EC\Application Data\Mozilla\Firefox\Profiles\r68pz6te.default\extensions [2012/06/02 12:28:31 \| 000,000,000 \| ---D \| M] (Fast Dial) -- C:\Documents and Settings\EC\Application Data\Mozilla\Firefox\Profiles\r68pz6te.default\extensions\fastdial@telega.phpnet.us [2011/11/12 00:36:39 \| 000,000,000 \| ---D \| M] (Fast Dial Fx6) -- C:\Documents and Settings\EC\Application Data\Mozilla\Firefox\Profiles\r68pz6te.default\extensions\fastdialfx6@rouing3.addons.mozilla.org [2012/06/09 00:07:15 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/04/23 21:53:36 \| 000,000,000 \| ---D \| M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011/12/21 12:59:46 \| 000,275,540 \| ---- \| M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\EC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\R68PZ6TE.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI [2012/02/23 11:08:08 \| 000,000,000 \| ---D \| M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF [2012/06/09 00:07:08 \| 000,085,472 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/12/09 19:23:32 \| 000,012,800 \| ---- \| M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012/03/15 03:14:28 \| 000,002,252 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/03/15 03:14:28 \| 000,002,040 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t CHR - default_search_provider: suggest_url = suggestqueries.google.com/complete/search?q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\Application\13.0.782.107\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\Application\13.0.782.107\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\Application\13.0.782.107\pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_1\npSkypeChromePlugin.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: InoViewer Plugin (Enabled) = C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll CHR - plugin: getPlusPlus for Adobe 16290 (Enabled) = C:\Program Files\NOS\bin\np_gp.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Speed Dial = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.1_0\ CHR - Extension: Facemoods = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\ CHR - Extension: Click to call with Skype = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\ O1 HOSTS File: ([2010/12/15 23:18:11 \| 000,000,027 \| ---- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. O3 - HKLM\..\Toolbar: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe () O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.) O4 - HKLM..\Run: [H2O] C:\Program Files\Syncrosoft\POS\H2O\cledx.exe (Team H2O) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation) O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc) O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk = C:\Program Files\USB TV\EM28XX\BDARemote.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 File not found O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 File not found O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx File not found O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 File not found O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED84FF70-41F1-45E5-A6FB-4ED1A4A6D575}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\linkscanner - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\EC\Local Settings\Application Data\Microsoft\Wallpaper4.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\EC\Local Settings\Application Data\Microsoft\Wallpaper4.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/08/25 12:15:22 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/03/06 20:17:22 \| 000,000,000 \| R--D \| M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009/03/06 20:17:22 \| 000,000,000 \| R--D \| M] - D:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk ) O34 - HKLM BootExecute: (PGUNNT C:\SMCLpav\SMCLpav.exe) O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/06/18 18:18:30 \| 000,595,968 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\EC\Desktop\OTL.exe [2012/06/17 18:31:41 \| 000,607,260 \| R--- \| C] (Swearware) -- C:\Documents and Settings\EC\Desktop\dds.com [2012/06/14 18:32:15 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy [2012/05/24 19:46:59 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\EC\Recent [6 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] [6 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/06/18 20:40:57 \| 000,000,874 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/06/18 20:40:57 \| 000,000,290 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-299502267-484763869-725345543-1007.job [2012/06/18 20:40:57 \| 000,000,282 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-299502267-484763869-725345543-1006.job [2012/06/18 20:40:57 \| 000,000,280 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job [2012/06/18 20:40:57 \| 000,000,272 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-299502267-484763869-725345543-1003.job [2012/06/18 20:40:37 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2012/06/18 19:55:00 \| 000,000,878 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/06/18 19:53:00 \| 000,000,986 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-484763869-725345543-1006UA.job [2012/06/18 19:53:00 \| 000,000,934 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-484763869-725345543-1006Core.job [2012/06/18 18:18:38 \| 000,595,968 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\EC\Desktop\OTL.exe [2012/06/18 15:56:01 \| 000,000,464 \| ---- \| M] () -- C:\WINDOWS\tasks\At3.job [2012/06/18 15:19:00 \| 000,000,298 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-299502267-484763869-725345543-1007.job [2012/06/17 22:31:36 \| 000,196,608 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\aAsmedia.bin [2012/06/17 20:40:11 \| 000,000,464 \| ---- \| M] () -- C:\WINDOWS\tasks\At2.job [2012/06/17 19:02:57 \| 000,302,592 \| ---- \| M] () -- C:\Documents and Settings\EC\Desktop\l3pxv641.exe [2012/06/17 18:31:43 \| 000,607,260 \| R--- \| M] (Swearware) -- C:\Documents and Settings\EC\Desktop\dds.com [2012/06/17 14:00:00 \| 000,000,464 \| ---- \| M] () -- C:\WINDOWS\tasks\At4.job [2012/06/17 10:10:02 \| 000,000,464 \| ---- \| M] () -- C:\WINDOWS\tasks\At1.job [2012/06/06 22:18:36 \| 001,611,552 \| ---- \| M] () -- C:\Documents and Settings\EC\Desktop\bllasko.pln [2012/06/05 19:34:00 \| 000,000,290 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-299502267-484763869-725345543-1006.job [2012/06/05 18:21:42 \| 001,605,968 \| ---- \| M] () -- C:\Documents and Settings\EC\Desktop\bllasko.bpn [2012/06/05 17:46:00 \| 000,000,288 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job [2012/05/30 17:13:12 \| 000,002,516 \| -HS- \| M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2012/05/29 23:49:00 \| 000,000,280 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-299502267-484763869-725345543-1003.job [2012/05/19 21:40:11 \| 000,001,324 \| ---- \| M] () -- C:\WINDOWS\System32\d3d9caps.dat [6 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] [6 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] ========== Files Created - No Company Name ========== [2012/06/17 19:02:57 \| 000,302,592 \| ---- \| C] () -- C:\Documents and Settings\EC\Desktop\l3pxv641.exe [2012/06/06 22:36:19 \| 000,204,344 \| ---- \| C] () -- C:\Documents and Settings\EC\Desktop\DSCN1836.JPG [2012/06/06 22:32:59 \| 004,092,652 \| ---- \| C] () -- C:\Documents and Settings\EC\Desktop\Panorama 1.JPG [2012/06/04 21:47:54 \| 001,611,552 \| ---- \| C] () -- C:\Documents and Settings\EC\Desktop\bllasko.pln [2012/06/04 21:47:54 \| 001,605,968 \| ---- \| C] () -- C:\Documents and Settings\EC\Desktop\bllasko.bpn [2012/03/03 22:10:45 \| 000,000,272 \| ---- \| C] () -- C:\Documents and Settings\EC\Application Data\.backup.dm [2011/08/01 15:12:42 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\Application Support [2011/08/01 15:11:29 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\Applause and Laugher [2011/07/13 11:58:20 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\ativpsrm.bin [2011/07/13 11:56:03 \| 000,593,920 \| ---- \| C] () -- C:\WINDOWS\System32\ati2sgag.exe [2011/03/15 23:05:53 \| 000,057,552 \| ---- \| C] () -- C:\WINDOWS\System32\WkDos.exe [2010/12/11 14:44:37 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\ViewNX.INI [2010/12/11 13:56:36 \| 000,000,000 \| -H-- \| C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT [2010/12/11 13:56:36 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\EC\Application Data\Applications [2010/12/11 13:53:40 \| 000,000,000 \| -H-- \| C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT [2010/12/11 13:53:40 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\EC\Application Data\Application [2010/11/15 23:07:24 \| 001,267,750 \| ---- \| C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-299502267-484763869-725345543-1003-0.dat [2010/11/10 01:28:23 \| 000,343,422 \| ---- \| C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2010/09/19 15:24:44 \| 000,639,046 \| ---- \| C] () -- C:\WINDOWS\aticlocklib.dll [2010/09/19 15:24:44 \| 000,110,592 \| ---- \| C] () -- C:\WINDOWS\R5ClkLib.dll [2010/09/19 15:24:44 \| 000,020,480 \| ---- \| C] () -- C:\WINDOWS\HyperDrive.exe [2010/09/19 15:24:43 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\nVivid.bin [2010/09/19 15:24:43 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\nStandard.bin [2010/09/19 15:24:43 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\nAsmedia.bin [2010/09/19 15:24:43 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\nAdvanced.bin [2010/09/19 15:24:42 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\aVivid.bin [2010/09/19 15:24:42 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\aStandard.bin [2010/09/19 15:24:42 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\aAsmedia.bin [2010/09/19 15:24:42 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\aAdvanced.bin [2010/09/19 15:24:42 \| 000,046,080 \| ---- \| C] () -- C:\WINDOWS\System32\aseng.dll [2010/09/19 15:24:42 \| 000,011,136 \| ---- \| C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL [2010/09/19 15:24:42 \| 000,000,018 \| ---- \| C] () -- C:\WINDOWS\System32\atkid.ini [2010/09/19 15:16:16 \| 003,107,788 \| R--- \| C] () -- C:\WINDOWS\System32\ativvaxx.dat [2010/09/19 15:16:16 \| 000,189,051 \| ---- \| C] () -- C:\WINDOWS\System32\atiicdxx.dat [2010/09/17 12:03:21 \| 000,000,010 \| ---- \| C] () -- C:\WINDOWS\WININIT.INI [2010/09/17 11:31:19 \| 000,004,990 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\mtbjfghn.xbe [2010/08/11 20:32:56 \| 000,000,056 \| -H-- \| C] () -- C:\WINDOWS\System32\ezsidmv.dat ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:85B0A5A3 @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DB23B8E @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DD0213A0 @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1063995 < End of report >

Profil

ivance95 Poslao: 19 Jun 2012 13:10 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	2Ovo se svidja korisnicima: nikola9896, TwinHeadedEagle Registruj se da bi pohvalio/la poruku! Preuzmi BitDefender Uninstaler sa ovog linka. Pokreni ga dvoklikom, i klikni na Uninstall. Kada se proces završi restartuj računar. Preuzmi AVG Remover sa ovog linka. Na pitanje koje dobiješ odgovori sa Yes, i sačekaj da se proces deinstalacije završi, nakon toga će ti se restartovati računar. Ponovo pokreni program OTL dvoklikom na ikonicu; U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst: `:OTL IE - HKLM\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=fbpage1&s={searchTerms}&f=4&hl={language}&src=chrm CHR - Extension: Facemoods = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\` Klikni taster Run Fix; Log koji dobiješ iskopiraj ovde u poruci. Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop. Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje. Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu. Napomena: Kada zavrsis sa ciscenjem temp fajlova,program mozes obrisati ili ga sacuvati za kasniju upotrebu. Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka: http://www.besttechie.net/tools/mbam-setup.exe Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije: Update Malwarebytes' Anti-Malware; Launch Malwarebytes Anti-Malware; a zatim klikni Finish. Nakon završenog ažuriranja program će se pokrenuti. Izaberi opciju Perform Quick Scan i klikni Scan. Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected. Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu. Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti. Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open). Postavi mi novi OTL log. Ivance95 (AMF Tim)

Profil

kengurko Poslao: 20 Jun 2012 20:34 Idi na vrh
offline kengurko Novi MyCity građanin Pridružio: 20 Maj 2009 Poruke: 17	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Poslije pokretanja AVG removera nije se pokrenuo restart pa sam ja to uradio. ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found. C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\style folder moved successfully. C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\js folder moved successfully. C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img folder moved successfully. C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0 folder moved successfully. OTL by OldTimer - Version 3.2.49.0 log created on 06192012_213823 Malwarebytes Anti-Malware 1.61.0.1400 malwarebytes.org Verzija baze: v2012.06.19.06 Windows XP Service Pack 3 x86 NTFS Internet Explorer 7.0.5730.11 EC :: EC-A6A2D858F8E7 [administrator] 19/06/12 21:57:51 mbam-log-2012-06-19 (21-57-51).txt Način skeniranja: Brzo skeniranje Omogućene opcije skeniranja: Memorija \| Automatsko pokretanje \| Registar \| Datotečni sistem \| Heuristika/Dodatno \| Heuristika/Shuriken \| PUP \| PUM Onemogućene opcije skeniranja: P2P Skeniranih objekata 282047 Proteklo vreme 39 minuta(e), 3 sekundi Detektovani procesi u memoriji: 0 (Maliciozne stavke nisu pronađene) Detektovani moduli u memoriji: 0 (Maliciozne stavke nisu pronađene) Detektovani ključevi u registru: 0 (Maliciozne stavke nisu pronađene) Detektovane vrednosti u registru: 0 (Maliciozne stavke nisu pronađene) Detektovani podaci u registru: 1 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\|Start Page (Hijack.StartPage) -> Loše: (http://domredi.com/1/) Dobro: (http://www.google.com) -> Stavljeno u karantin i uspešno popravljeno Detektovane fascikle: 0 (Maliciozne stavke nisu pronađene) Detektovane datoteke: 0 (Maliciozne stavke nisu pronađene) (kraj) Sa OTL-om imam problema, probacu u drugom postu.

Profil

ivance95 Poslao: 20 Jun 2012 21:08 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Citat: Sa OTL-om imam problema, probacu u drugom postu. Kakav konkretno problem imaš sa OTL-om?

Profil

kengurko Poslao: 20 Jun 2012 23:13 Idi na vrh
offline kengurko Novi MyCity građanin Pridružio: 20 Maj 2009 Poruke: 17	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo pokusavam čitavo vrijeme, ali ne ide. Na statusnoj liniji mi pise da je skeniranje gotovo, ali ne izbacuje izvjestaj, zatim kad pokusam da pokrenem nesto ili njega da ugasim racunar zablokira i pocinje da gubi graficku podrsku cini mi se, jer stizu obavjstenja tipa bad image i slično, a ikonice - nekih ima nekih nema, pokusam da otvorim sajt - slika ima i nema isto tako i sa tekstom.

Profil

ivance95 Poslao: 21 Jun 2012 13:40 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Morao bi biti malo precizniji u opisu problema, pošto te baš i ne razumem. Napravi screenshot-ove problema koje imaš po ovom uputstvu: http://www.mycity.rs/Pitanja-i-predlozi/Pravljenje-screenshota.html I prikači slike u poruku opcijom prikači sliku(slike). Proveri da li ti je uključena real-time zaštita u MBAM-u. http://www.mycity.rs/slika.php?slika=109451_47867178_2012-06-21_130711.jpg Ukoliko jeste, isključi je, restartuj računar, i javi da li se stanje popravilo. Ivance95 (AMF Tim)

Profil

kengurko Poslao: 22 Jun 2012 23:16 Idi na vrh
offline kengurko Novi MyCity građanin Pridružio: 20 Maj 2009 Poruke: 17	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Tu je bio problem, sa malwarebytes-om. evo OTL fajl OTL logfile created on: 22/06/12 23:04:47 - Run 2 OTL by OldTimer - Version 3.2.50.0 Folder = C:\Documents and Settings\EC\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: dd/MM/yy 1023,17 Mb Total Physical Memory \| 497,44 Mb Available Physical Memory \| 48,62% Memory free 2,40 Gb Paging File \| 2,02 Gb Available in Paging File \| 84,30% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 51,37 Gb Total Space \| 0,85 Gb Free Space \| 1,66% Space Free \| Partition Type: NTFS Drive D: \| 97,68 Gb Total Space \| 6,10 Gb Free Space \| 6,24% Space Free \| Partition Type: NTFS Drive E: \| 5,49 Gb Total Space \| 0,00 Gb Free Space \| 0,00% Space Free \| Partition Type: UDF Computer Name: EC-A6A2D858F8E7 \| User Name: EC \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/06/20 20:36:02 \| 000,596,992 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\EC\Desktop\OTL.exe PRC - [2012/05/19 16:56:37 \| 006,379,888 \| ---- \| M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe PRC - [2012/04/04 15:56:40 \| 000,654,408 \| ---- \| M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/03/12 22:25:06 \| 000,583,680 \| ---- \| M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe PRC - [2011/11/28 20:01:24 \| 003,744,552 \| ---- \| M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011/11/28 20:01:23 \| 000,044,768 \| ---- \| M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/10/01 02:52:50 \| 000,067,904 \| ---- \| M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE PRC - [2010/06/24 12:08:58 \| 000,196,928 \| ---- \| M] (Nitro PDF Software) -- D:\Install\NitroPDFDriverService.exe PRC - [2010/03/04 23:38:00 \| 000,071,096 \| ---- \| M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2010/01/15 14:49:20 \| 000,255,536 \| ---- \| M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2008/12/09 13:08:38 \| 000,495,616 \| ---- \| M] (Gadwin Systems, Inc) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe PRC - [2008/04/14 05:42:20 \| 001,033,728 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/12/20 14:36:50 \| 000,135,168 \| ---- \| M] (Vimicro Corporation) -- C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe PRC - [2007/12/11 04:59:40 \| 000,307,200 \| ---- \| M] (Team H2O) -- C:\Program Files\Syncrosoft\POS\H2O\cledx.exe PRC - [2007/06/26 12:22:42 \| 000,081,997 \| ---- \| M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe PRC - [2006/11/12 12:48:46 \| 000,157,592 \| ---- \| M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe PRC - [2006/11/02 21:40:12 \| 000,174,656 \| ---- \| M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe PRC - [2006/09/29 10:01:06 \| 000,258,560 \| ---- \| M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe PRC - [2000/11/22 08:40:56 \| 000,462,848 \| ---- \| M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe ========== Modules (No Company Name) ========== MOD - [2012/06/22 21:27:33 \| 001,776,128 \| ---- \| M] () -- C:\Program Files\Alwil Software\Avast5\defs\12062201\algo.dll MOD - [2010/03/04 23:38:00 \| 000,071,096 \| ---- \| M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe MOD - [2008/04/14 05:42:00 \| 000,014,336 \| ---- \| M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008/04/14 05:41:52 \| 000,059,904 \| ---- \| M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2007/06/26 12:22:42 \| 000,081,997 \| ---- \| M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe MOD - [2006/11/02 21:40:12 \| 000,174,656 \| ---- \| M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe MOD - [2006/07/14 07:34:00 \| 000,007,680 \| ---- \| M] () -- C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll MOD - [2006/07/04 14:38:06 \| 000,639,046 \| ---- \| M] () -- C:\WINDOWS\aticlocklib.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto \| Stopped] -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS) SRV - File not found [On_Demand \| Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem) Google Update Service (gupdatem) SRV - File not found [Auto \| Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate) Google Update Service (gupdate) SRV - [2012/06/20 09:22:13 \| 000,113,120 \| ---- \| M] (Mozilla Foundation) [On_Demand \| Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/04/05 11:37:38 \| 000,158,856 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/04/04 15:56:40 \| 000,654,408 \| ---- \| M] (Malwarebytes Corporation) [Auto \| Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/11/28 20:01:23 \| 000,044,768 \| ---- \| M] (AVAST Software) [Auto \| Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/10/01 02:52:50 \| 000,067,904 \| ---- \| M] (Nalpeiron Ltd.) [Auto \| Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc) SRV - [2010/06/24 12:08:58 \| 000,196,928 \| ---- \| M] (Nitro PDF Software) [Auto \| Running] -- D:\Install\NitroPDFDriverService.exe -- (NitroDriverReadSpool) SRV - [2010/06/14 15:07:14 \| 000,615,936 \| ---- \| M] (Nokia) [On_Demand \| Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010/03/04 23:38:00 \| 000,071,096 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2010/01/15 14:49:20 \| 000,227,232 \| ---- \| M] (McAfee, Inc.) [On_Demand \| Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009/04/06 18:53:01 \| 000,074,360 \| ---- \| M] (Autodesk, Inc.) [On_Demand \| Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2008/01/19 19:49:18 \| 000,078,536 \| ---- \| M] (Macrovision ) [On_Demand \| Stopped] -- C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe -- (InstallShield Licensing Service) SRV - [2006/11/02 21:40:12 \| 000,174,656 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing) SRV - [2006/09/29 10:01:06 \| 000,258,560 \| ---- \| M] (ASUSTeK COMPUTER INC.) [Auto \| Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (WDICA) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDRELI) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDFRAME) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDCOMP) DRV - File not found [Kernel \| System \| Stopped] -- -- (PCIDump) DRV - File not found [Kernel \| System \| Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel \| System \| Stopped] -- -- (i2omgmt) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\DOCUME~1\Davorin\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132) DRV - File not found [Kernel \| System \| Stopped] -- -- (Changer) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\DOCUME~1\EC\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel \| On_Demand \| Unknown] -- -- (anajay2y) DRV - File not found [Kernel \| On_Demand \| Unknown] -- -- (ahzcbazv) DRV - [2012/04/04 15:56:40 \| 000,022,344 \| ---- \| M] (Malwarebytes Corporation) [File_System \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/11/28 19:53:53 \| 000,435,032 \| ---- \| M] (AVAST Software) [File_System \| System \| Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/11/28 19:53:35 \| 000,314,456 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/11/28 19:52:19 \| 000,034,392 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/11/28 19:52:16 \| 000,052,952 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/11/28 19:52:02 \| 000,111,320 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011/11/28 19:51:50 \| 000,020,568 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/11/28 19:48:49 \| 000,030,808 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010/09/16 00:05:03 \| 000,639,224 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010/02/26 14:32:58 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010/02/26 14:32:46 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010/02/26 14:32:44 \| 000,022,528 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010/02/26 14:32:44 \| 000,018,176 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/02/26 14:21:22 \| 000,137,344 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010/02/26 14:21:22 \| 000,008,320 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010/02/11 14:02:15 \| 000,226,880 \| ---- \| M] (Microsoft Corporation) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2010/02/11 09:38:10 \| 003,565,056 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010/01/31 19:19:48 \| 000,048,928 \| ---- \| M] () [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\Tetris.sys -- (Tetris) DRV - [2010/01/12 17:42:54 \| 000,252,928 \| ---- \| M] (Vimicro Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\VMUVC.sys -- (VMUVC) DRV - [2008/08/26 10:26:12 \| 000,018,816 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008/07/01 11:12:32 \| 000,398,720 \| ---- \| M] (Vimicro Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\vvftUVC.sys -- (vvftUVC) DRV - [2008/06/26 12:00:00 \| 000,072,704 \| ---- \| M] (WIBU-SYSTEMS AG) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\WibuKey.sys -- (WIBUKEY) DRV - [2008/04/02 22:35:38 \| 000,162,432 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\ithsgt.sys -- (ithsgt) DRV - [2008/04/02 22:35:37 \| 000,012,032 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\lilsgt.sys -- (lilsgt) DRV - [2007/01/30 12:57:50 \| 004,474,368 \| R--- \| M] (Realtek Semiconductor Corp.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006/10/31 15:55:38 \| 000,011,008 \| ---- \| M] (ASUSTeK COMPUTER INC.) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2006/10/31 07:50:24 \| 000,028,416 \| R--- \| M] (Attansic Technology corporation.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\atl02_xp.sys -- (AtcL002) DRV - [2006/10/25 09:48:00 \| 000,012,288 \| R--- \| M] (ASUSTeK Computer Inc.) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO) DRV - [2006/09/29 10:06:26 \| 000,010,752 \| ---- \| M] (ASUSTeK COMPUTER INC.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D) DRV - [2005/11/03 12:15:36 \| 000,017,688 \| ---- \| M] (SIA Syncrosoft) [Kernel \| Auto \| Running] -- C:\WINDOWS\System32\drivers\NSynas32.sys -- (Nsynas32) DRV - [2005/10/20 10:29:02 \| 000,005,376 \| ---- \| M] (Overclocking Tool) [Kernel \| Disabled \| Running] -- C:\WINDOWS\atidgllk.sys -- (atidgllk) DRV - [2005/05/09 20:08:40 \| 000,033,792 \| ---- \| M] (Team H2O) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX) DRV - [2004/09/29 09:35:30 \| 000,219,136 \| R--- \| M] (Conexant Systems, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2) DRV - [2004/09/29 09:34:24 \| 000,702,592 \| R--- \| M] (Conexant Systems, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2004/09/29 09:33:50 \| 001,036,928 \| R--- \| M] (Conexant Systems, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP) DRV - [2004/08/13 04:56:20 \| 000,005,810 \| R--- \| M] () [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004/08/09 13:33:26 \| 000,114,016 \| ---- \| M] (Protection Technology) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004/08/09 13:29:28 \| 000,053,920 \| ---- \| M] (Protection Technology) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004/07/19 16:49:54 \| 000,007,040 \| ---- \| M] (Protection Technology) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1) DRV - [2003/12/01 17:20:52 \| 000,004,832 \| ---- \| M] (Protection Technology) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2002/07/17 09:05:10 \| 000,016,512 \| ---- \| M] (Adaptec) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (ASPI32) DRV - [2002/07/17 09:05:10 \| 000,016,512 \| ---- \| M] (Adaptec) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI) DRV - [2000/06/19 11:56:44 \| 000,767,314 \| ---- \| M] (Motorola Inc.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = start.facemoods.com/?a=fbpage1&s={searchTerms}&f=4&hl={language}&src=chrm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {57AEE195-9D6E-4EED-9E2A-9C9AF30F96F8} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60341 IE - HKCU\..\SearchScopes\{57AEE195-9D6E-4EED-9E2A-9C9AF30F96F8}: "URL" = search.yahoo.com/search?fr=chr-greentree_ie.....749&p={searchTerms} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz= IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.order.1: "Crawler Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "www.google.com" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.0 FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.90: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/02/23 11:08:08 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/20 09:22:15 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/18 00:43:26 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins [2008/09/13 19:29:10 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\EC\Application Data\Mozilla\Extensions [2012/06/02 12:28:31 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\EC\Application Data\Mozilla\Firefox\Profiles\r68pz6te.default\extensions [2012/06/02 12:28:31 \| 000,000,000 \| ---D \| M] (Fast Dial) -- C:\Documents and Settings\EC\Application Data\Mozilla\Firefox\Profiles\r68pz6te.default\extensions\fastdial@telega.phpnet.us [2011/11/12 00:36:39 \| 000,000,000 \| ---D \| M] (Fast Dial Fx6) -- C:\Documents and Settings\EC\Application Data\Mozilla\Firefox\Profiles\r68pz6te.default\extensions\fastdialfx6@rouing3.addons.mozilla.org [2012/06/09 00:07:15 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/04/23 21:53:36 \| 000,000,000 \| ---D \| M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011/12/21 12:59:46 \| 000,275,540 \| ---- \| M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\EC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\R68PZ6TE.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI [2012/02/23 11:08:08 \| 000,000,000 \| ---D \| M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF [2012/06/20 09:22:14 \| 000,085,472 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/12/09 19:23:32 \| 000,012,800 \| ---- \| M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012/03/15 03:14:28 \| 000,002,252 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/03/15 03:14:28 \| 000,002,040 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t CHR - default_search_provider: suggest_url = suggestqueries.google.com/complete/search?q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\Application\13.0.782.107\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\Application\13.0.782.107\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\Application\13.0.782.107\pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_1\npSkypeChromePlugin.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: InoViewer Plugin (Enabled) = C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll CHR - plugin: getPlusPlus for Adobe 16290 (Enabled) = C:\Program Files\NOS\bin\np_gp.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Speed Dial = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.1_0\ CHR - Extension: Facemoods = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\ CHR - Extension: Click to call with Skype = C:\Documents and Settings\EC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\ O1 HOSTS File: ([2010/12/15 23:18:11 \| 000,000,027 \| ---- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. O3 - HKLM\..\Toolbar: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe () O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.) O4 - HKLM..\Run: [H2O] C:\Program Files\Syncrosoft\POS\H2O\cledx.exe (Team H2O) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation) O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc) O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk = C:\Program Files\USB TV\EM28XX\BDARemote.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 File not found O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 File not found O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx File not found O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 File not found O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED84FF70-41F1-45E5-A6FB-4ED1A4A6D575}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\EC\Local Settings\Application Data\Microsoft\Wallpaper4.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\EC\Local Settings\Application Data\Microsoft\Wallpaper4.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/08/25 12:15:22 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/03/06 20:17:22 \| 000,000,000 \| R--D \| M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009/03/06 20:17:22 \| 000,000,000 \| R--D \| M] - D:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk ) O34 - HKLM BootExecute: (PGUNNT C:\SMCLpav\SMCLpav.exe) O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/06/19 21:56:04 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/06/19 21:56:02 \| 000,022,344 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012/06/19 21:40:11 \| 000,449,024 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\EC\Desktop\TFC.exe [2012/06/18 18:18:30 \| 000,596,992 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\EC\Desktop\OTL.exe [2012/06/17 18:31:41 \| 000,607,260 \| R--- \| C] (Swearware) -- C:\Documents and Settings\EC\Desktop\dds.com [2012/06/14 18:32:15 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy [2012/05/24 19:46:59 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\EC\Recent [6 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] [6 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/06/22 23:01:03 \| 000,000,874 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/06/22 23:01:03 \| 000,000,290 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-299502267-484763869-725345543-1007.job [2012/06/22 23:01:03 \| 000,000,282 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-299502267-484763869-725345543-1006.job [2012/06/22 23:01:03 \| 000,000,280 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job [2012/06/22 23:01:03 \| 000,000,272 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-299502267-484763869-725345543-1003.job [2012/06/22 22:59:03 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2012/06/22 22:55:00 \| 000,000,878 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/06/22 22:53:03 \| 000,000,986 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-484763869-725345543-1006UA.job [2012/06/22 15:56:04 \| 000,000,464 \| ---- \| M] () -- C:\WINDOWS\tasks\At3.job [2012/06/22 10:10:00 \| 000,000,464 \| ---- \| M] () -- C:\WINDOWS\tasks\At1.job [2012/06/22 00:05:52 \| 000,016,815 \| ---- \| M] () -- C:\Documents and Settings\EC\Desktop\371782_1849556769_1223498415_n.jpg [2012/06/21 20:40:01 \| 000,000,464 \| ---- \| M] () -- C:\WINDOWS\tasks\At2.job [2012/06/21 19:53:00 \| 000,000,934 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-484763869-725345543-1006Core.job [2012/06/21 14:00:01 \| 000,000,464 \| ---- \| M] () -- C:\WINDOWS\tasks\At4.job [2012/06/20 20:36:02 \| 000,596,992 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\EC\Desktop\OTL.exe [2012/06/19 23:31:09 \| 000,196,608 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\aAsmedia.bin [2012/06/19 21:40:14 \| 000,449,024 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\EC\Desktop\TFC.exe [2012/06/19 21:01:11 \| 000,000,736 \| ---- \| M] () -- C:\Documents and Settings\EC\Desktop\Mozilla Firefox.lnk [2012/06/19 19:34:00 \| 000,000,290 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-299502267-484763869-725345543-1006.job [2012/06/19 17:46:00 \| 000,000,288 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job [2012/06/18 15:19:00 \| 000,000,298 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-299502267-484763869-725345543-1007.job [2012/06/17 19:02:57 \| 000,302,592 \| ---- \| M] () -- C:\Documents and Settings\EC\Desktop\l3pxv641.exe [2012/06/17 18:31:43 \| 000,607,260 \| R--- \| M] (Swearware) -- C:\Documents and Settings\EC\Desktop\dds.com [2012/06/06 22:18:36 \| 001,611,552 \| ---- \| M] () -- C:\Documents and Settings\EC\Desktop\bllasko.pln [2012/06/05 18:21:42 \| 001,605,968 \| ---- \| M] () -- C:\Documents and Settings\EC\Desktop\bllasko.bpn [2012/06/02 15:19:44 \| 000,022,040 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui [2012/06/02 15:19:38 \| 000,329,240 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll [2012/06/02 15:19:38 \| 000,329,240 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll [2012/06/02 15:19:38 \| 000,219,160 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl [2012/06/02 15:19:38 \| 000,210,968 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll [2012/06/02 15:19:34 \| 000,097,304 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll [2012/06/02 15:19:34 \| 000,097,304 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll [2012/06/02 15:19:34 \| 000,053,784 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe [2012/06/02 15:19:34 \| 000,045,080 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll [2012/06/02 15:19:34 \| 000,035,864 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll [2012/06/02 15:19:34 \| 000,035,864 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll [2012/06/02 15:19:34 \| 000,015,384 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2012/06/02 15:19:24 \| 000,577,048 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll [2012/06/02 15:19:24 \| 000,577,048 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll [2012/06/02 15:19:18 \| 001,933,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll [2012/06/02 15:18:58 \| 000,275,696 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2012/06/02 15:18:58 \| 000,017,136 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2012/05/30 17:13:12 \| 000,002,516 \| -HS- \| M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2012/05/29 23:49:00 \| 000,000,280 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-299502267-484763869-725345543-1003.job [6 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] [6 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] ========== Files Created - No Company Name ========== [2012/06/22 00:05:51 \| 000,016,815 \| ---- \| C] () -- C:\Documents and Settings\EC\Desktop\371782_1849556769_1223498415_n.jpg [2012/06/19 21:01:11 \| 000,000,736 \| ---- \| C] () -- C:\Documents and Settings\EC\Desktop\Mozilla Firefox.lnk [2012/06/17 19:02:57 \| 000,302,592 \| ---- \| C] () -- C:\Documents and Settings\EC\Desktop\l3pxv641.exe [2012/06/04 21:47:54 \| 001,611,552 \| ---- \| C] () -- C:\Documents and Settings\EC\Desktop\bllasko.pln [2012/06/04 21:47:54 \| 001,605,968 \| ---- \| C] () -- C:\Documents and Settings\EC\Desktop\bllasko.bpn [2012/03/03 22:10:45 \| 000,000,272 \| ---- \| C] () -- C:\Documents and Settings\EC\Application Data\.backup.dm [2011/08/01 15:12:42 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\Application Support [2011/08/01 15:11:29 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\Applause and Laugher [2011/07/13 11:58:20 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\ativpsrm.bin [2011/07/13 11:56:03 \| 000,593,920 \| ---- \| C] () -- C:\WINDOWS\System32\ati2sgag.exe [2011/03/15 23:05:53 \| 000,057,552 \| ---- \| C] () -- C:\WINDOWS\System32\WkDos.exe [2010/12/11 14:44:37 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\ViewNX.INI [2010/12/11 13:56:36 \| 000,000,000 \| -H-- \| C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT [2010/12/11 13:56:36 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\EC\Application Data\Applications [2010/12/11 13:53:40 \| 000,000,000 \| -H-- \| C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT [2010/12/11 13:53:40 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\EC\Application Data\Application [2010/11/15 23:07:24 \| 001,267,750 \| ---- \| C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-299502267-484763869-725345543-1003-0.dat [2010/11/10 01:28:23 \| 000,343,422 \| ---- \| C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2010/09/19 15:24:44 \| 000,639,046 \| ---- \| C] () -- C:\WINDOWS\aticlocklib.dll [2010/09/19 15:24:44 \| 000,110,592 \| ---- \| C] () -- C:\WINDOWS\R5ClkLib.dll [2010/09/19 15:24:44 \| 000,020,480 \| ---- \| C] () -- C:\WINDOWS\HyperDrive.exe [2010/09/19 15:24:43 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\nVivid.bin [2010/09/19 15:24:43 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\nStandard.bin [2010/09/19 15:24:43 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\nAsmedia.bin [2010/09/19 15:24:43 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\nAdvanced.bin [2010/09/19 15:24:42 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\aVivid.bin [2010/09/19 15:24:42 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\aStandard.bin [2010/09/19 15:24:42 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\aAsmedia.bin [2010/09/19 15:24:42 \| 000,196,608 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\aAdvanced.bin [2010/09/19 15:24:42 \| 000,046,080 \| ---- \| C] () -- C:\WINDOWS\System32\aseng.dll [2010/09/19 15:24:42 \| 000,011,136 \| ---- \| C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL [2010/09/19 15:24:42 \| 000,000,018 \| ---- \| C] () -- C:\WINDOWS\System32\atkid.ini [2010/09/19 15:16:16 \| 003,107,788 \| R--- \| C] () -- C:\WINDOWS\System32\ativvaxx.dat [2010/09/19 15:16:16 \| 000,189,051 \| ---- \| C] () -- C:\WINDOWS\System32\atiicdxx.dat [2010/09/17 12:03:21 \| 000,000,010 \| ---- \| C] () -- C:\WINDOWS\WININIT.INI [2010/09/17 11:31:19 \| 000,004,990 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\mtbjfghn.xbe [2010/08/11 20:32:56 \| 000,000,056 \| -H-- \| C] () -- C:\WINDOWS\System32\ezsidmv.dat ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:85B0A5A3 @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DB23B8E @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DD0213A0 @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1063995 < End of report > mycity.rs/must-login.png

Profil

ivance95 Poslao: 23 Jun 2012 15:54 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Klikni na dugme Start - All Programs - Accessories Klikni desnim tasterom miša na Comand Prompt i odaberi opciju Run As, zatim unesi tvoje korisničko ime i password ukoliko postoji. U prozoru u koji se otvori unesi sledeće komande: copy C:\WINDOWS\tasks\At1.job C:\at1.job ... i pritisni taster Enter. Vidi sliku: ...i ove: copy C:\Windows\tasks\At2.job C:\at2.job copy C:\Windows\tasks\At3.job C:\at3.job copy C:\Windows\tasks\At4.job C:\at4.job Nakon toga, prikači datoteke at1.job, at2.job, at3.job i at4.job, koje se nalaze unutar C diska preko sledećeg linka: http://www.mycity.rs/ambulanta-upload.php Ivance95 (AMF Tim)

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Nepozvan

Ko je trenutno na forumu

Ukupno su 581 korisnika na forumu :: 10 registrovanih, 2 sakrivenih i 569 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: bigfoot, ikan, Mixelotti, mrav pesadinac, nenad81, panzerwaffe, ruma, SR-3m, suton, yrraf

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by