Problem sa Start Incredibar u Google chrome

1

Problem sa Start Incredibar u Google chrome

offline
  • Pridružio: 11 Avg 2012
  • Poruke: 37

OTL logfile created on: 8/13/2012 1:46:54 PM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\lidija\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.84 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 51.52% Memory free
7.68 Gb Paging File | 5.37 Gb Available in Paging File | 69.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.34 Gb Total Space | 32.07 Gb Free Space | 21.47% Space Free | Partition Type: NTFS
Drive D: | 148.65 Gb Total Space | 60.76 Gb Free Space | 40.87% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: LIDIJA-PC | User Name: lidija | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/13 13:46:12 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\lidija\Downloads\OTL.exe
PRC - [2012/08/13 08:33:22 | 001,697,312 | ---- | M] () -- C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012/07/20 21:51:41 | 000,245,168 | ---- | M] (http://yourfiledownloader.com) -- C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
PRC - [2012/07/10 00:07:18 | 000,935,008 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012/07/10 00:07:16 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/06/28 17:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2012/06/22 21:09:56 | 000,603,648 | ---- | M] (MyCity) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe
PRC - [2012/05/31 22:19:18 | 000,200,784 | ---- | M] (Somoto) -- C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe
PRC - [2012/05/11 22:14:39 | 006,380,400 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe
PRC - [2012/04/10 16:15:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 13:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/03/19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/03/19 13:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2010/09/17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
PRC - [2010/09/17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
PRC - [2007/05/10 22:46:20 | 000,624,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/07 08:43:40 | 000,442,392 | ---- | M] () -- C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppgooglenaclpluginchrome.dll
MOD - [2012/08/07 08:43:39 | 012,235,800 | ---- | M] () -- C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
MOD - [2012/08/07 08:43:37 | 003,997,720 | ---- | M] () -- C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll
MOD - [2012/08/07 08:42:21 | 000,526,872 | ---- | M] () -- C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\libglesv2.dll
MOD - [2012/08/07 08:42:20 | 000,104,984 | ---- | M] () -- C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\libegl.dll
MOD - [2012/08/07 08:42:09 | 000,144,424 | ---- | M] () -- C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\avutil-51.dll
MOD - [2012/08/07 08:42:08 | 000,266,792 | ---- | M] () -- C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\avformat-54.dll
MOD - [2012/08/07 08:42:07 | 002,480,680 | ---- | M] () -- C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll
MOD - [2012/07/10 00:07:19 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012/07/10 00:07:16 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WinDefend)
SRV - [2012/08/13 08:33:22 | 001,697,312 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2012/07/10 00:07:18 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/10 16:15:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/03/19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2010/09/17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/12/15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010/11/21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:35:46 | 000,416,768 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = start.funmoods.com/?f=1&a=nv1&chnl=.....=161590627
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.fr
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4458CC74-55A0-3D96-286E-234D65F2C157}: "URL" = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703&SSPV=IENOSGBR
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = search.gboxapp.com/?q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = google.fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = google.fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B9 F3 89 3A 6B 17 CD 01 [binary data]
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = search.babylon.com/?q={searchTerms}&affID=112060&tt=120812_bandext_3312_7&babsrc=SP_ss&mntrId=b49c5907000000000000701a04068102
IE - HKCU\..\SearchScopes\{4458CC74-55A0-3D96-286E-234D65F2C157}: "URL" = isearch.avg.com/search?cid={870360A8-A33B-4193-9182-FA7FC3753F19}&mid=d3f3658e947b47d09e8bd16f64d38fe8-c8c83f4675e1289763aa81abee326abddaec24a1&lang=sr&ds=AVG&pr=fr&d=2012-05-20 12:43:19&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = google.hr/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GZEU_hrHR496
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyCzztCtDtByDzytDyBtN0D0Tzu0CtBtCyEtN1L2XzutBtFtCtFtDtFtAtDtC&cr=161590627
IE - HKCU\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = search.gboxapp.com/?q={searchTerms}
IE - HKCU\..\SearchScopes\{AE64DB55-87A5-4CE5-9123-DCDC4FC9E233}: "URL" = websearch.ask.com/redirect?client=ie&tb.....crm&q={searchTerms}&locale=&apn_ptnrs=RX&apn_dtid=YYYYYYYYHR&apn_uid=268e08f7-41d4-40dc-86ea-536ba17f3420&apn_sauid=B9250472-436C-4F2A-AEF8-1A92697B47C9
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\lidija\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\lidija\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\lidija\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/07/17 08:24:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/03 08:28:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012/07/10 00:07:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/11 20:24:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/08/13 08:33:23 | 000,000,000 | ---D | M]

[2012/08/03 18:59:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lidija\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/08/01 22:51:41 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\lidija\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com
[2012/08/11 20:24:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/21 09:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012/07/10 00:07:16 | 000,003,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = search.babylon.com/?q={searchTerms}&affID=112060&tt=120812_bandext_3312_7&babsrc=SP_ss&mntrId=b49c5907000000000000701a04068102
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\lidija\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Perion plugin (Enabled) = C:\Users\lidija\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\lidija\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\lidija\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - Extension: Funmoods = C:\Users\lidija\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\1.0_0\
CHR - Extension: SpeedDial = C:\Users\lidija\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\4.0_0\
CHR - Extension: New Tab for Chrome = C:\Users\lidija\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: AVG Safe Search = C:\Users\lidija\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\
CHR - Extension: AVG Do Not Track = C:\Users\lidija\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: 4shared.com = C:\Users\lidija\AppData\Local\Google\Chrome\User Data\Default\Extensions\noebaifjopccondbkcieccphcpijhdne\2.3.4.2_0\
CHR - Extension: GoPhoto.it = C:\Users\lidija\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.1_0\

O1 HOSTS File: ([2012/05/30 06:53:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\lidija\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKCU..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe (Somoto)
O4 - Startup: C:\Users\lidija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E8B9FC7-FE19-4836-A096-B64247BF580A}: NameServer = 195.29.166.116,195.29.166.117
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0FF78B0-BC34-4B14-8A2A-0A69128C1452}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22565~1.25\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/13 09:15:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
[2012/08/13 09:15:05 | 000,000,000 | ---D | C] -- C:\ProgramData\MCShield
[2012/08/13 09:15:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MCShield
[2012/08/13 08:33:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012/08/13 08:33:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012/08/13 08:33:33 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012/08/13 08:33:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012/08/12 22:53:42 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\Google
[2012/08/12 22:52:57 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/08/12 22:51:14 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/08/12 22:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/08/12 07:28:01 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\Malwarebytes
[2012/08/12 07:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/11 19:06:06 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\SpeedyPC Software
[2012/08/11 19:06:06 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\DriverCure
[2012/08/11 19:05:53 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyPC Software
[2012/08/11 19:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/08/10 05:05:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/08/10 05:05:14 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/10 05:05:01 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/10 05:05:01 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/10 05:04:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/08/09 23:07:10 | 000,000,000 | ---D | C] -- C:\Users\lidija\Documents\Paranormal.Experience.2011.iTALiAN.MD.BDRip.XviD-TNZ-TrTd_TeaM
[2012/08/07 23:55:38 | 000,000,000 | ---D | C] -- C:\Users\lidija\Documents\Abraham.Lincoln.Vampire.Hunter.2012.TS.XviD-ADTRG
[2012/08/01 22:58:33 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Local\Red Sky
[2012/08/01 22:51:53 | 000,000,000 | ---D | C] -- C:\Users\lidija\Documents\Human.Trafficking.2005.STV.RERiP.DVDRip.XviD-iMMORTALs
[2012/08/01 22:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Red Sky
[2012/08/01 22:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Sky
[2012/08/01 14:41:59 | 000,000,000 | ---D | C] -- C:\Users\lidija\Documents\Simply Super Software
[2012/08/01 14:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2012/08/01 14:41:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2012/08/01 14:41:15 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\Simply Super Software
[2012/08/01 14:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2012/08/01 07:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nettv Player
[2012/08/01 07:41:08 | 000,000,000 | ---D | C] -- C:\nettv
[2012/07/30 00:12:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minibar
[2012/07/30 00:12:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Downloadfreefullmovie Widget
[2012/07/30 00:12:31 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
[2012/07/30 00:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FilesFrog Update Checker
[2012/07/27 22:21:58 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Local\Facebook
[2012/07/26 22:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
[2012/07/23 19:47:03 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\djsoft.net
[2012/07/23 19:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2012/07/23 18:12:36 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RadioBOSS
[2012/07/21 19:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic FLAC to MP3 Converter
[2012/07/21 19:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FLAC to MP3 Converter
[2012/07/21 19:25:31 | 000,000,000 | ---D | C] -- C:\Users\lidija\Documents\Youtube FLV to MP3 Converter Output
[2012/07/21 19:24:34 | 002,084,864 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioDesign2.dll
[2012/07/21 19:24:34 | 000,417,792 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioDisplay2.dll
[2012/07/21 19:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Audio Studio
[2012/07/21 19:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube flv to mp3 Converter
[2012/07/21 19:22:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Youtube flv to mp3 Converter
[2012/07/21 16:46:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/07/21 16:46:57 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/07/21 14:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012/07/21 14:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2012/07/21 13:32:27 | 000,000,000 | ---D | C] -- C:\spl
[2012/07/21 10:55:42 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/07/21 00:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012/07/21 00:53:27 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\Winamp
[2012/07/20 22:00:54 | 000,000,000 | ---D | C] -- C:\Users\lidija\Desktop\Etta James - 2010 - The Essential (Legacy 2CD) FLAC
[2012/07/17 15:52:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012/07/17 15:52:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012/07/17 15:51:59 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\DVDVideoSoft
[2012/07/17 15:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/07/17 15:29:17 | 000,000,000 | ---D | C] -- C:\Users\lidija\Documents\Any DVD Cloner Platinum
[2012/07/17 15:27:02 | 000,000,000 | ---D | C] -- C:\Users\lidija\Documents\Any Video Converter
[2012/07/17 15:26:30 | 000,000,000 | ---D | C] -- C:\Users\lidija\AppData\Roaming\AnvSoft
[2012/07/17 14:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cool Free Audio to MP3 Converter
[2012/07/17 14:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012/07/17 14:41:38 | 000,860,160 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\SysWow64\lameACM.acm
[2012/07/17 14:41:37 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2012/07/17 14:41:37 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2012/07/17 14:41:27 | 000,683,520 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx.dll
[2012/07/17 14:41:27 | 000,081,920 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
[2012/07/17 14:41:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012/07/17 08:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/13 13:34:57 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2049537975-149931253-3969098748-1000UA.job
[2012/08/13 13:34:57 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/13 13:34:51 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2049537975-149931253-3969098748-1000UA.job
[2012/08/13 13:34:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/13 09:17:01 | 000,023,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/13 09:17:01 | 000,023,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/13 09:15:29 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
[2012/08/13 09:14:07 | 000,723,198 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/13 09:14:07 | 000,622,330 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/13 09:14:07 | 000,105,536 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/13 09:09:49 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/13 09:08:57 | 3092,938,752 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/13 09:02:15 | 103,666,240 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/08/13 08:34:55 | 000,002,033 | ---- | M] () -- C:\Users\lidija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
[2012/08/13 08:33:22 | 000,001,403 | ---- | M] () -- C:\user.js
[2012/08/13 08:29:02 | 000,567,176 | ---- | M] () -- C:\Users\lidija\Desktop\installer_adwcleaner.exe
[2012/08/12 23:02:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2049537975-149931253-3969098748-1000Core.job
[2012/08/12 22:59:49 | 000,002,416 | ---- | M] () -- C:\Users\lidija\Desktop\Google Chrome.lnk
[2012/08/12 22:27:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2049537975-149931253-3969098748-1000Core.job
[2012/08/11 20:55:05 | 000,027,520 | ---- | M] () -- C:\Users\lidija\AppData\Local\dt.dat
[2012/08/11 19:05:53 | 000,001,195 | ---- | M] () -- C:\Users\lidija\Desktop\SpeedyPC Pro.lnk
[2012/08/10 05:04:51 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/10 05:04:51 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/09 23:07:06 | 000,002,096 | ---- | M] () -- C:\Users\lidija\Desktop\Download Paranormal_Experience_2011_iTALiAN_MD_BDRip_XviD-TNZ-TrTd_TeaM.lnk
[2012/08/09 22:39:39 | 000,009,958 | ---- | M] () -- C:\Users\lidija\Documents\cc_20120809_223920.reg
[2012/08/09 11:51:41 | 000,008,682 | ---- | M] () -- C:\Users\lidija\Desktop\vino.ods
[2012/08/07 23:55:33 | 000,002,005 | ---- | M] () -- C:\Users\lidija\Desktop\Download Abraham_Lincoln_Vampire_Hunter_2012_TS_XviD-ADTRG.lnk
[2012/08/06 21:25:41 | 000,000,985 | ---- | M] () -- C:\Users\lidija\Desktop\Continue Best Codecs Pack installation.lnk
[2012/08/06 19:39:35 | 000,290,574 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/08/03 18:55:43 | 000,002,582 | ---- | M] () -- C:\Users\lidija\Documents\cc_20120803_185534.reg
[2012/08/01 23:51:30 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/01 23:51:30 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/01 22:51:39 | 000,384,844 | ---- | M] () -- C:\Users\lidija\AppData\Local\funmoods-speeddial.crx
[2012/08/01 22:51:39 | 000,031,465 | ---- | M] () -- C:\Users\lidija\AppData\Local\funmoods.crx
[2012/08/01 22:51:27 | 000,001,963 | ---- | M] () -- C:\Users\lidija\Desktop\Download (RQ)Human.Trafficking.2005.STV.RERiP.DVDRip.lnk
[2012/08/01 14:41:50 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2012/07/30 00:12:40 | 000,001,169 | ---- | M] () -- C:\Users\lidija\Desktop\Check for Updates.lnk
[2012/07/29 13:43:31 | 000,028,570 | ---- | M] () -- C:\Users\lidija\Documents\cc_20120729_134317.reg
[2012/07/26 22:18:30 | 000,001,146 | ---- | M] () -- C:\Users\lidija\Application Data\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk
[2012/07/26 22:18:30 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[2012/07/26 15:37:33 | 001,133,945 | ---- | M] () -- C:\Users\lidija\Desktop\5ica.jpg
[2012/07/22 23:23:57 | 000,080,581 | ---- | M] () -- C:\Users\lidija\Desktop\Martyrs.FRENCH.DVDRip.XviD-ZANBiC.jpg
[2012/07/21 19:32:25 | 000,010,752 | ---- | M] () -- C:\Users\lidija\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/21 19:30:53 | 000,001,001 | ---- | M] () -- C:\Users\lidija\Desktop\Magic FLAC to MP3 Converter.lnk
[2012/07/21 19:24:47 | 000,001,053 | ---- | M] () -- C:\Users\lidija\Desktop\My Audio Studio.lnk
[2012/07/21 19:22:29 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Youtube flv to mp3 Converter.lnk
[2012/07/21 16:51:45 | 000,067,582 | ---- | M] () -- C:\Users\lidija\Documents\cc_20120721_165128.reg
[2012/07/21 16:46:59 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/21 13:22:49 | 000,003,664 | ---- | M] () -- C:\bootsqm.dat
[2012/07/21 11:23:24 | 000,000,969 | ---- | M] () -- C:\Users\lidija\Desktop\BitTorrent.lnk
[2012/07/21 00:53:56 | 000,001,003 | ---- | M] () -- C:\Users\lidija\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2012/07/21 00:53:56 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012/07/20 22:00:49 | 000,002,082 | ---- | M] () -- C:\Users\lidija\Desktop\Download Etta_James_-_Greatest_Hits_(Essentials)_2CD_-_Flac_[Bubanee].lnk
[2012/07/20 21:51:49 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\YourFile Downloader.lnk
[2012/07/17 14:42:27 | 000,000,034 | -H-- | M] () -- C:\Windows\SysWow64\Converter_sysquict.dat
[2012/07/17 08:24:23 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/13 09:15:29 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
[2012/08/13 08:33:45 | 000,002,033 | ---- | C] () -- C:\Users\lidija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
[2012/08/13 08:29:01 | 000,567,176 | ---- | C] () -- C:\Users\lidija\Desktop\installer_adwcleaner.exe
[2012/08/12 22:53:01 | 000,002,416 | ---- | C] () -- C:\Users\lidija\Desktop\Google Chrome.lnk
[2012/08/12 22:51:26 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2049537975-149931253-3969098748-1000UA.job
[2012/08/12 22:51:25 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2049537975-149931253-3969098748-1000Core.job
[2012/08/12 22:51:03 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/12 22:51:02 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/11 20:54:56 | 000,027,520 | ---- | C] () -- C:\Users\lidija\AppData\Local\dt.dat
[2012/08/11 19:05:53 | 000,001,195 | ---- | C] () -- C:\Users\lidija\Desktop\SpeedyPC Pro.lnk
[2012/08/09 23:07:06 | 000,002,096 | ---- | C] () -- C:\Users\lidija\Desktop\Download Paranormal_Experience_2011_iTALiAN_MD_BDRip_XviD-TNZ-TrTd_TeaM.lnk
[2012/08/09 22:39:30 | 000,009,958 | ---- | C] () -- C:\Users\lidija\Documents\cc_20120809_223920.reg
[2012/08/09 11:51:31 | 000,008,682 | ---- | C] () -- C:\Users\lidija\Desktop\vino.ods
[2012/08/07 23:51:10 | 000,002,005 | ---- | C] () -- C:\Users\lidija\Desktop\Download Abraham_Lincoln_Vampire_Hunter_2012_TS_XviD-ADTRG.lnk
[2012/08/06 21:25:41 | 000,000,985 | ---- | C] () -- C:\Users\lidija\Desktop\Continue Best Codecs Pack installation.lnk
[2012/08/06 00:05:09 | 000,049,218 | ---- | C] () -- C:\Users\lidija\Desktop\Paranormal.Activity.3.2011.UNRATED.720p.x264bluray-.UNRATED.DVDRip.XviD-SPARKS.srt
[2012/08/03 18:55:41 | 000,002,582 | ---- | C] () -- C:\Users\lidija\Documents\cc_20120803_185534.reg
[2012/08/01 22:52:01 | 000,384,844 | ---- | C] () -- C:\Users\lidija\AppData\Local\funmoods-speeddial.crx
[2012/08/01 22:51:51 | 000,031,465 | ---- | C] () -- C:\Users\lidija\AppData\Local\funmoods.crx
[2012/08/01 22:51:27 | 000,001,963 | ---- | C] () -- C:\Users\lidija\Desktop\Download (RQ)Human.Trafficking.2005.STV.RERiP.DVDRip.lnk
[2012/08/01 14:41:50 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2012/08/01 14:41:26 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2012/08/01 14:41:26 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2012/07/30 21:51:29 | 000,068,355 | ---- | C] () -- C:\Users\lidija\Cleanskin.2012.720p.BluRay.DTS.x264-TRiPS.srt
[2012/07/30 14:37:19 | 000,038,769 | ---- | C] () -- C:\Users\lidija\Desktop\Humman_trafikking.CD1.jpg
[2012/07/30 00:12:40 | 000,001,169 | ---- | C] () -- C:\Users\lidija\Desktop\Check for Updates.lnk
[2012/07/29 13:43:24 | 000,028,570 | ---- | C] () -- C:\Users\lidija\Documents\cc_20120729_134317.reg
[2012/07/26 22:18:30 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[2012/07/26 15:37:29 | 001,133,945 | ---- | C] () -- C:\Users\lidija\Desktop\5ica.jpg
[2012/07/22 23:23:57 | 000,080,581 | ---- | C] () -- C:\Users\lidija\Desktop\Martyrs.FRENCH.DVDRip.XviD-ZANBiC.jpg
[2012/07/21 19:31:59 | 000,010,752 | ---- | C] () -- C:\Users\lidija\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/21 19:30:53 | 000,001,001 | ---- | C] () -- C:\Users\lidija\Desktop\Magic FLAC to MP3 Converter.lnk
[2012/07/21 19:24:47 | 000,001,053 | ---- | C] () -- C:\Users\lidija\Desktop\My Audio Studio.lnk
[2012/07/21 19:24:34 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012/07/21 19:22:29 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Youtube flv to mp3 Converter.lnk
[2012/07/21 16:51:39 | 000,067,582 | ---- | C] () -- C:\Users\lidija\Documents\cc_20120721_165128.reg
[2012/07/21 16:46:59 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/21 13:22:49 | 000,003,664 | ---- | C] () -- C:\bootsqm.dat
[2012/07/21 11:23:24 | 000,000,969 | ---- | C] () -- C:\Users\lidija\Desktop\BitTorrent.lnk
[2012/07/21 00:53:56 | 000,001,003 | ---- | C] () -- C:\Users\lidija\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2012/07/21 00:53:56 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012/07/20 22:00:49 | 000,002,082 | ---- | C] () -- C:\Users\lidija\Desktop\Download Etta_James_-_Greatest_Hits_(Essentials)_2CD_-_Flac_[Bubanee].lnk
[2012/07/17 14:42:27 | 000,000,034 | -H-- | C] () -- C:\Windows\SysWow64\Converter_sysquict.dat
[2012/07/17 14:41:39 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/07/17 14:41:38 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2012/07/17 14:41:28 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/07/17 14:41:28 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/07/17 14:41:27 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2012/05/30 06:03:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/30 06:03:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/30 06:03:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/30 06:03:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/30 06:03:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/05/29 14:27:09 | 000,772,430 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/15 17:13:52 | 000,000,041 | -H-- | C] () -- C:\Windows\SysWow64\swk.ini
[2012/04/11 21:21:43 | 000,041,346 | ---- | C] () -- C:\Users\lidija\ATT00025.jpg
[2012/04/10 16:53:07 | 000,007,605 | ---- | C] () -- C:\Users\lidija\AppData\Local\Resmon.ResmonCfg
[2012/04/10 16:27:44 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:B946D9EE
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:A1063995

< End of report >

mycity.rs/must-login.png

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 5424

Postavi mi novi AdwCleaner search log. Evo uputstva ukoliko si zaboravila kako:


Arrow Preuzmi "Xplode"-ov AdwCleaner i sacuvaj ga na Desktop
Dvoklikom pokreni program i klikni na dugme [Search] .
Kada program zavrsi analizu otvorice notepad (AdwCleaner[R1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[R1].txt



Arrow Nisi mi dostavila Extras.txt log. Pri skeniranju je kreiran fajl na Desktop-u, pošalji ga u sledećoj poruci koristeći opciju Prikači fajl.



Exclamation U logovima vidim da si pokretala ComboFix. Ubuduće ne pokreći nikada ComboFix na svoju ruku, to je jako opasan alat ukoliko se sa njim ne rukuje pravilno, ukoliko dođe do greške moguće je da obriše dobar deo sistema (ili ceo), zato sa njim rukuju samo profesionalni helperi!!!



Ivance95 (AMF Tim)

offline
  • Pridružio: 11 Avg 2012
  • Poruke: 37

sve mi nešto miriši na fomatiranje, a tu sam ko u lubenici - ništa ne znam :-(
mycity.rs/must-login.png

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 5424

Nema potrebe da sama sebi dajes dijagnozu, resicemo ovo bez reinstalacije sistema. Smile

Postavi mi samo AdwCleaner log, da bih ti dao dalja uputstva.



Ivance95 (AMF Tim)

offline
  • Pridružio: 11 Avg 2012
  • Poruke: 37

mycity.rs/must-login.png

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 5424

Arrow Ponovo pokreni AdwCleaner Klikni na dugme [Delete] i pricekaj da program zavrsi. Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu. Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem. Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl" Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt



Arrow Ponovo pokreni program OTL, klikni na Run Scan i postavi mi svez log.




Ivance95 (AMF Tim)

offline
  • Pridružio: 11 Avg 2012
  • Poruke: 37

mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 5424

Nisi ispratila drugi korak uputstva. Postavi mi novi OTL log.




Ivance95 (AMF Tim)

offline
  • Pridružio: 11 Avg 2012
  • Poruke: 37

1. uradila Delete sa adwcleaner
2. onda Search sa adwcleaner
3. OTL


mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 5424

Arrow Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:

:OTL
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}
&affID=112060&tt=120812_bandext_3312_7&babsrc=SP_ss&mntrId=b49c5907000000000000701a04068102
[2012/07/21 09:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012/08/01 22:51:41 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\lidija\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@funmoods.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=nv1&chnl=.....=161590627
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyCzztCtDtByDzytDyBtN0D0Tzu0CtBtCyEtN1L2XzutBtFtCtFtDtFtAtDtC&cr=161590627
IE - HKCU\..\SearchScopes\{AE64DB55-87A5-4CE5-9123-DCDC4FC9E233}: "URL" = http://websearch.ask.com/redirect?client=ie&tb.....crm&q={searchTerms}&locale=&apn_ptnrs=RX&apn_dtid=YYYYYYYYHR&apn_uid=268e08f7-41d4-40dc-86ea-536ba17f3420&apn_sauid=B9250472-436C-4F2A-AEF8-1A92697B47C9

:files
C:\Users\lidija\AppData\Local\Google\Chrome\User Data\Default\Preferences

:reg
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}]

:commands
[EmptyTemp]



Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.





Arrow Idi na kljuc sa leve strane -> Podesavanja (Settings) -> pa podesi kao na slici




Ovde namestas koju stranicu da ti otvori Google Chrome kada ga pokrenes (postavis www.google.com ako koristis tu pretragu, ili vec kako zelis a sve ostale uklonis):





Takodje uradi i sledece:






Question Da li i dalje imaš problema?



Ivance95 (AMF Tim)

Ko je trenutno na forumu
 

Ukupno su 655 korisnika na forumu :: 10 registrovanih, 1 sakriven i 644 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: esx66, havoc995, hooraay, milenko crazy north, minmatar34957, pacika, suton, uruk, voja64, zziko