Problem sa Windows Security Center na Win 7

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Pozdrav svima

Imam problem sa malware-om
Imam Eset Smart Security i danas sam instalirao Malwarebytes' Anti-Malware da skeniram komp...
On je nasao 12 virusa i otklonio ih je(valjda), i sad u sustin sve radi OK jedino u Action Center-u skoji obavestenje Turn on Windows Security Center service(Important).Kada kliknem na to iskoci poruka The Windows Security Center service can't be started.
Verovatnotu ima jos malware-a...
Evo log-a..


mycity.rs/must-login.png


OTL logfile created on: 5/19/2010 10:03:04 AM - Run 2
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Administrator\Documents\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 69.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 3454 3454 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 62.10 Gb Total Space | 3.52 Gb Free Space | 5.67% Space Free | Partition Type: NTFS
Drive D: | 120.57 Gb Total Space | 1.26 Gb Free Space | 1.04% Space Free | Partition Type: NTFS
Drive E: | 2.54 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 50.21 Gb Total Space | 1.68 Gb Free Space | 3.34% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DJOLESOFT
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/18 22:28:21 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\My Documents\Downloads\OTL (1).exe
PRC - [2010/05/11 00:47:01 | 000,923,136 | ---- | M] (PGWARE LLC) -- C:\Program Files (x86)\PGWARE\PCBoost\PCBoostTray.exe
PRC - [2010/04/03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/29 14:54:52 | 002,343,120 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/03/24 20:31:50 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2010/03/23 10:17:44 | 000,055,568 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\PowerSuite\powersuite.exe
PRC - [2010/03/13 09:38:12 | 000,059,160 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe
PRC - [2010/03/13 09:36:22 | 000,069,408 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe
PRC - [2010/01/22 21:13:24 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2010/01/22 21:13:02 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2009/07/14 03:14:47 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/06/05 12:12:44 | 000,315,392 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009/04/02 21:27:26 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2008/12/15 16:33:24 | 005,090,816 | ---- | M] (Memory Improve Master Studio) -- C:\Program Files (x86)\Memory Improve Master\MemoryImproveMaster.exe
PRC - [2008/01/22 19:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2007/09/02 23:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


========== Modules (SafeList) ==========

MOD - [2010/05/18 22:28:21 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\My Documents\Downloads\OTL (1).exe
MOD - [2010/01/25 02:12:29 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
MOD - [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2007/09/02 23:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/03/24 20:39:50 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010/03/24 20:31:50 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/02/25 11:56:10 | 000,036,168 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010/01/25 03:43:13 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2010/01/25 02:37:11 | 000,013,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe -- (c2wts)
SRV:64bit: - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV:64bit: - [2009/10/05 22:41:06 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/24 02:25:28 | 000,626,208 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
SRV:64bit: - [2009/07/24 02:25:28 | 000,206,880 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2009/07/14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009/07/14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009/07/14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009/07/14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009/07/14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV - [2010/04/19 22:04:59 | 000,607,048 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/04/03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/02/25 12:02:00 | 001,398,088 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/02/25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/22 21:13:24 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2010/01/22 21:13:02 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010/01/22 21:12:46 | 000,113,200 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2010/01/22 20:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2009/10/12 13:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2009/07/14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009/07/14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009/06/10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/06/05 12:12:44 | 000,315,392 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009/04/02 21:27:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2008/01/22 19:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/03/30 23:35:04 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133)
DRV:64bit: - [2010/03/25 19:52:36 | 000,145,936 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2010/03/24 20:34:18 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010/03/24 20:34:14 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010/03/24 20:34:14 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010/03/24 20:31:12 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/03/24 20:24:00 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/01/28 16:25:02 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/01/25 03:50:26 | 000,359,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/01/25 03:37:46 | 000,228,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2010/01/25 03:12:51 | 000,153,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2010/01/25 02:55:47 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:64bit: - [2010/01/25 02:52:01 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2010/01/25 02:18:27 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/01/25 02:18:27 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/01/25 02:18:26 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/01/22 21:14:36 | 000,068,656 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2010/01/22 21:14:30 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2010/01/22 21:14:30 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2010/01/22 21:14:14 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2010/01/22 20:00:44 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2010/01/22 16:13:00 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2010/01/22 16:12:58 | 000,045,104 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2010/01/22 16:12:58 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2009/12/30 12:21:24 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009/07/14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009/07/14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009/07/14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009/07/14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009/07/14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2009/07/14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2009/07/14 02:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2009/07/14 02:06:57 | 000,551,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2009/07/14 02:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2009/07/14 02:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2009/07/14 02:06:52 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2009/07/14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/14 02:06:32 | 000,109,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV:64bit: - [2009/07/14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009/07/14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009/07/14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009/07/14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009/07/14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009/07/14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009/07/14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009/07/14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/07/01 21:20:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/06/10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 10:55:20 | 001,207,808 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/05/14 18:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/03/27 01:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)
DRV:64bit: - [2006/11/08 09:59:36 | 000,602,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2010/04/19 05:06:57 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC)
DRV - [2010/03/31 00:00:00 | 000,026,752 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 -- (EverestDriver)
DRV - [2009/10/14 07:24:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/10/12 13:31:52 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\winusb.dll -- (WinUsb)
DRV - [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009/06/10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009/06/10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2009/04/06 15:24:30 | 000,013,368 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\AsIO.sys -- (AsIO)
DRV - [2007/11/07 11:42:28 | 000,104,912 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2007/02/07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2006/11/08 10:00:06 | 000,530,560 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\PA707UCM.sys -- (PAC7311)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {2be15141-5d7c-44e4-a3bf-3196d5c46d60} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 38 38 C5 21 F7 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Firefox Extreme Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2436433&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2436433&SearchSource=13"
FF - prefs.js..extensions.enabledItems: bettergmail2@ginatrapani.org:0.9.8.1
FF - prefs.js..extensions.enabledItems: bughunter2@hostnameintitlebar:1.0.6
FF - prefs.js..extensions.enabledItems: coralietab@mozdev.org:1.69.20091202
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:4.0.0
FF - prefs.js..extensions.enabledItems: faviconizetab@espion.just-size.jp:1.0.1
FF - prefs.js..extensions.enabledItems: pronounce@netgents.com:1.4
FF - prefs.js..extensions.enabledItems: rsDownloadHelper@yevgenyandrov.net:1.0
FF - prefs.js..extensions.enabledItems: tabprogressbar@studio17.wordpress.com:0.6
FF - prefs.js..extensions.enabledItems: translator@zoli.bod:1.0.4
FF - prefs.js..extensions.enabledItems: ubiquity@labs.mozilla.com:0.5.5pre7
FF - prefs.js..extensions.enabledItems: {03651b2d-eb7d-4be7-af1b-dc0cd162dd54}:0.8.1
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.3
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.17
FF - prefs.js..extensions.enabledItems: {2be15141-5d7c-44e4-a3bf-3196d5c46d60}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}:0.8.19
FF - prefs.js..extensions.enabledItems: {45d8ff86-d909-11db-9705-005056c00008}:0.98.0
FF - prefs.js..extensions.enabledItems: {7f57cf46-4467-4c2d-adfa-0cba7c507e54}:0.18.3.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.47
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.2
FF - prefs.js..extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: chromifox@altmusictv.com:3.6.5
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100314
FF - prefs.js..extensions.enabledItems: Strata40@SpewBoy.au:0.6.1
FF - prefs.js..extensions.enabledItems: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}:0.7.2
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.90
FF - prefs.js..extensions.enabledItems: {239c61a8-e55f-11db-8314-0800200c9a66}:2.1.4
FF - prefs.js..extensions.enabledItems: {81514210-E22A-4e69-93D5-E1EFD45B4620}:0.3.10.01.23
FF - prefs.js..extensions.enabledItems: {989e9382-d540-4189-88d1-fc54a949a387}:0.8.7
FF - prefs.js..extensions.enabledItems: {e213bb8f-8ebd-11db-96b7-005056c00008}:3.0.0.90


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla\Firefox\components [2010/04/22 10:40:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla\Firefox\plugins [2010/04/22 10:40:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/05/18 23:34:23 | 000,000,000 | ---D | M]

[2010/04/18 21:44:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2010/05/15 09:25:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions
[2010/04/18 21:44:35 | 000,000,000 | ---D | M] (MacOSX Theme) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
[2010/04/18 21:44:35 | 000,000,000 | ---D | M] (ErrorZilla Plus) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{03651b2d-eb7d-4be7-af1b-dc0cd162dd54}
[2010/04/18 21:44:37 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2010/04/18 21:44:37 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/04/18 21:44:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2010/04/18 21:44:38 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010/04/18 21:44:38 | 000,000,000 | ---D | M] (BlackX) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{239c61a8-e55f-11db-8314-0800200c9a66}
[2010/04/18 21:44:38 | 000,000,000 | ---D | M] (Firefox Extreme Toolbar) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{2be15141-5d7c-44e4-a3bf-3196d5c46d60}
[2010/04/18 21:44:38 | 000,000,000 | ---D | M] (ShowIP) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}
[2010/04/18 21:44:38 | 000,000,000 | ---D | M] (Cookie Monster) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}
[2010/04/18 21:44:39 | 000,000,000 | ---D | M] (Mozilla Archive Format) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}
[2010/04/18 21:44:39 | 000,000,000 | ---D | M] (Past Modern) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{81514210-E22A-4e69-93D5-E1EFD45B4620}
[2010/04/18 21:44:39 | 000,000,000 | ---D | M] (Default) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/04/18 21:44:39 | 000,000,000 | ---D | M] (FennecFox) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{989e9382-d540-4189-88d1-fc54a949a387}
[2010/04/18 21:44:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/04/18 21:44:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/04/18 21:44:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/04/18 21:44:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/04/18 21:44:42 | 000,000,000 | ---D | M] (myFireFox) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}
[2010/04/18 21:44:42 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2010/04/18 21:44:43 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2010/04/18 21:44:43 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2010/04/18 21:44:31 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\bettergmail2@ginatrapani.org
[2010/04/18 21:44:31 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\bughunter2@hostnameintitlebar
[2010/04/18 21:44:31 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\chromifox@altmusictv.com
[2010/04/18 21:44:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\coralietab@mozdev.org
[2010/04/18 21:44:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\en-US@dictionaries.addons.mozilla.org
[2010/04/18 21:44:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\faviconizetab@espion.just-size.jp
[2010/04/18 21:44:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\nasanightlaunch@example.com
[2010/04/18 21:44:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\pronounce@netgents.com
[2010/04/18 21:44:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\rsDownloadHelper@yevgenyandrov.net
[2010/04/18 21:44:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\Strata40@SpewBoy.au
[2010/04/18 21:44:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\tabprogressbar@studio17.wordpress.com
[2010/04/18 21:44:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\translator@zoli.bod
[2010/04/18 21:44:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\ubiquity@labs.mozilla.com
[2010/04/18 21:44:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2010/04/18 21:44:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}\chrome\mozapps\extensions
[2010/04/18 21:44:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\joq85fbn.default\extensions\Strata40@SpewBoy.au\chrome\mozapps\extensions

O1 HOSTS File: ([2010/05/18 22:33:13 | 000,000,808 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {2be15141-5d7c-44e4-a3bf-3196d5c46d60} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2BE15141-5D7C-44E4-A3BF-3196D5C46D60} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKCU..\Run: [Memory Improve Master] C:\Program Files (x86)\Memory Improve Master\MemoryImproveMaster.exe (Memory Improve Master Studio)
O4 - HKCU..\RunOnce: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe (Uniblue Systems Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} nvidia.com/content/DriverDownload/srl/3.....ab_nvd.cab (Reg Error: Value error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18-)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18-)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18-)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 79.101.10.2 212.200.191.166
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/08/23 13:00:00 | 000,000,110 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2006/10/28 08:34:32 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{84b68d09-4b60-11df-9516-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{84b68d09-4b60-11df-9516-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2006/10/28 08:34:32 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{84b68d09-4b60-11df-9516-806e6f6e6963}\Shell\configure\command - "" = E:\setup.exe -- [2006/10/28 08:34:32 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{84b68d09-4b60-11df-9516-806e6f6e6963}\Shell\install\command - "" = E:\setup.exe -- [2006/10/28 08:34:32 | 000,463,152 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/05/19 09:25:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla
[2010/05/19 09:25:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010/05/19 08:56:31 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/05/19 08:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/05/19 08:53:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/05/19 08:53:00 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbam.sys
[2010/05/18 23:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010/05/18 23:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/05/18 23:34:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\eset (zabranjeno) all
[2010/05/18 22:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/05/18 22:49:52 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
[2010/05/18 22:49:19 | 000,483,192 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\VCCLSID.exe
[2010/05/18 22:49:19 | 000,481,441 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\SrchSTS.exe
[2010/05/18 22:49:19 | 000,414,208 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swreg.exe
[2010/05/18 22:49:19 | 000,305,664 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\VACFix.exe
[2010/05/18 22:49:19 | 000,288,768 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.exe
[2010/05/18 22:49:19 | 000,287,232 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.C.exe
[2010/05/18 22:49:19 | 000,283,648 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\404Fix.exe
[2010/05/18 22:49:19 | 000,275,968 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\o4Patch.exe
[2010/05/18 22:49:19 | 000,270,848 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\Agent.OMZ.Fix.exe
[2010/05/18 22:49:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swxcacls.exe
[2010/05/18 22:49:19 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\SysWow64\Process.exe
[2010/05/18 22:47:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2010/05/18 22:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/18 22:17:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\DoctorWeb
[2010/05/18 22:16:43 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/05/18 11:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS OC Profiles
[2010/05/18 10:58:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\AiSuite_V10534
[2010/05/17 11:49:07 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2010/05/17 10:28:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\2010_05_17
[2010/05/16 09:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/05/16 09:48:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Yahoo!
[2010/05/16 09:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2010/05/16 09:48:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/05/16 09:43:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\RAD
[2010/05/16 09:43:06 | 000,000,000 | ---D | C] -- C:\Downloads
[2010/05/16 09:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vSoft
[2010/05/16 08:24:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Embedded Standard 7
[2010/05/15 22:54:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apps
[2010/05/15 13:58:28 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\UltraISO
[2010/05/15 13:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010/05/15 11:37:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2010/05/15 09:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yourself!Fitness
[2010/05/14 18:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PGWARE
[2010/05/14 18:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PGWARE
[2010/05/13 22:16:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\New folder
[2010/05/13 19:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2010/05/13 17:59:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Uniblue
[2010/05/13 17:59:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2010/05/12 20:59:51 | 000,000,000 | ---D | C] -- C:\ppGames
[2010/05/12 20:59:51 | 000,000,000 | ---D | C] -- C:\ppApps
[2010/05/12 19:12:46 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\K.pack_bySFUK
[2010/05/12 16:54:07 | 000,085,048 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2010/05/12 16:54:07 | 000,066,104 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2010/05/09 22:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Memory Improve Master
[2010/05/09 18:49:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Dexpot
[2010/05/09 18:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Geek Squad
[2010/05/09 15:10:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\LockHunter
[2010/05/09 14:47:51 | 000,238,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcohda6.dll
[2010/05/09 14:47:51 | 000,086,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2010/05/09 14:47:51 | 000,062,976 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\nvapo64v.dll
[2010/05/09 14:47:51 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2010/05/09 14:26:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Eraser 6
[2010/05/09 13:21:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\New folder (2)
[2010/05/09 13:01:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aspell
[2010/05/09 11:04:30 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomct2.ocx
[2010/05/09 11:04:30 | 000,609,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2010/05/09 11:04:30 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.ocx
[2010/05/09 11:04:30 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinet.ocx
[2010/05/09 10:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GiPo@Utilities
[2010/05/09 10:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Gibinsoft Shared
[2010/05/08 20:56:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\onOne Software
[2010/05/08 14:56:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Media Player Classic
[2010/05/08 14:46:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/05/07 09:02:53 | 000,019,432 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\drivers\cpuz132_x64.sys
[2010/05/06 22:54:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WorldUnlock Codes Calculator
[2010/05/05 22:12:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Games
[2010/05/05 22:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pocket Tanks Deluxe
[2010/05/04 22:36:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Virtual Machines
[2010/05/03 20:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/05/03 20:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/05/03 19:13:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\KASPERSKY NAJ (zabranjeno)!!!
[2010/05/03 10:57:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\r2 Studios
[2010/05/03 10:39:28 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/05/02 22:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers Headquarters
[2010/05/02 22:55:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\PC_Drivers_Headquarters
[2010/05/02 22:55:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2010/05/02 22:53:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Downloaded Installations
[2010/05/02 21:29:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\SLIKE
[2010/05/02 00:17:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\AIO
[2010/05/01 09:38:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Prototype
[2010/05/01 09:15:26 | 000,000,000 | ---D | C] -- C:\Root
[2010/05/01 09:15:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2010/04/28 19:28:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UlisesSoft
[2010/04/28 19:28:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\ESET
[2010/04/28 19:28:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ESET
[2010/04/28 14:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2010/04/27 23:21:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Yahoo!
[2010/04/27 17:03:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VB Decompiler Lite
[2010/04/26 22:30:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Error Repair Professional
[2010/04/26 18:51:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\RapidShare_
[2010/04/25 17:23:50 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\TeraCopy
[2010/04/25 17:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\TeraCopy
[2010/04/25 16:

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav.

Okaci log koji je napravio Malwarebytes da pogledam.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 19 Maj 2010 21:25

Evo i Malwarebytes-ovog loga.

mycity.rs/must-login.png

Dopuna: 21 Maj 2010 10:27

Jesi pogledao log?

Dopuna: 21 Maj 2010 12:01

Problem resen.
Skenirao sam jos jednom ceo HDD i Malwarebytes nije nista nasao.
Security Center service sam jednostavno ukljucio u Services jer je bo na Disable.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Izvinjavam se sto kasnim sa odgovorom.


Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:


:OTL
[2010/05/19 09:58:40 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010/05/19 09:58:40 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\At1.job
O32 - AutoRun File - [2001/08/23 13:00:00 | 000,000,110 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]

:commands
[purity]
[emptytemp]
[Reboot]



Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.


Napomena:

Prepun ti je racunar cra*k-ova za razlicite vrste software-a s'toga i ne cudi sto si se zarazio. Obrati paznju na to, imas hrpu odlicnih besplatnih aplikacija i besplatnih antivirusnih resenja, pa prema tome nema potrebe za npr cra*k-ovanim av-om i slicno jer time ne dobijas nista, a mozes izgubiti mnogo.