Program deinstaliran,a postoji u Registry

Program deinstaliran,a postoji u Registry

offline
  • Pridružio: 02 Maj 2012
  • Poruke: 368

Interesuje me, kako da obrisem fajlove iz registry-ja koji su ostali od nekih programa koji sam deinstalirao?



PS. Nisam bio siguran dal je ova tema prikladna za Ambulantu,nisam znao gdje da je postavim - ako nije, javno se izvinjavam.





OTL logfile created on: 07/05/2012 23:52:15 - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = D:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy

3.68 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 65.41% Memory free
7.36 Gb Paging File | 5.81 Gb Available in Paging File | 78.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.66 Gb Total Space | 65.56 Gb Free Space | 67.14% Space Free | Partition Type: NTFS
Drive D: | 174.80 Gb Total Space | 165.13 Gb Free Space | 94.46% Space Free | Partition Type: NTFS
Drive E: | 175.20 Gb Total Space | 163.90 Gb Free Space | 93.55% Space Free | Partition Type: NTFS
Drive F: | 17.35 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ORGANIZATION | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/07 23:37:20 | 000,595,456 | ---- | M] (OldTimer Tools) -- D:\Users\User\Desktop\OTL.exe
PRC - [2012/03/12 22:25:06 | 000,583,680 | ---- | M] (MyCity) -- D:\Install\MCShield\MCShieldRTM.exe
PRC - [2012/01/31 08:57:06 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/01/31 08:56:50 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/01/31 08:56:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/01/04 14:26:46 | 001,606,488 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/07/01 04:51:14 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011/07/01 04:51:14 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011/07/01 04:51:12 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011/07/01 04:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011/05/26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011/04/24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/04/24 03:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011/04/22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/12/22 11:41:18 | 009,543,680 | ---- | M] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) -- D:\Install\Vip Komandni Centar\VipKomandniCentar.exe
PRC - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/28 04:07:01 | 000,444,400 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppgooglenaclpluginchrome.dll
MOD - [2012/04/28 04:06:59 | 003,915,248 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
MOD - [2012/04/28 04:05:45 | 000,544,240 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\libglesv2.dll
MOD - [2012/04/28 04:05:44 | 000,117,744 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\libegl.dll
MOD - [2012/04/28 04:05:34 | 000,122,880 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\avutil-51.dll
MOD - [2012/04/28 04:05:33 | 000,220,672 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\avformat-53.dll
MOD - [2012/04/28 04:05:32 | 001,747,456 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\avcodec-53.dll
MOD - [2012/04/28 03:09:18 | 008,743,584 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
MOD - [2011/08/19 16:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2011/04/24 03:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2010/10/29 13:39:53 | 001,421,824 | ---- | M] () -- D:\Install\Vip Komandni Centar\Skins\Vipmobile\VipMobile.dbskin
MOD - [2010/08/19 19:32:30 | 000,086,016 | ---- | M] () -- D:\Install\Vip Komandni Centar\resetregistry.dll
MOD - [2010/01/21 02:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 21:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/10 23:01:08 | 000,872,552 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2011/04/22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WinDefend)
SRV - [2012/03/17 19:20:14 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2012/03/17 09:29:20 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/01/31 08:57:06 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/01/31 08:56:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/09/23 19:37:42 | 000,641,832 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011/07/01 04:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/05/26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011/04/24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/06/02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/17 17:25:25 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/31 08:57:31 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/01/31 08:57:30 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/09/16 16:09:16 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/06/08 18:36:14 | 004,729,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/06/02 05:37:32 | 002,750,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/04/05 13:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 06:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011/03/10 06:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011/01/18 00:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/09/22 03:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/07/20 02:10:40 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/02 14:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/03/02 14:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/03/02 14:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2010/02/27 01:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/22 10:09:10 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2009/09/17 07:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9SE_ENUS/110
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\URLSearchHook: {e9df9360-97f8-4690-afe6-996c80790da4} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{3336ABA7-77B8-4729-9FAF-6FF47C70EE23}: "URL" = http://www.bing.com/search?q={searchTerms}&form=BIE9SE&pc=BIE9&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.google.com/search?ie=utf-8&oe=utf-8&rlz=1V4IPYX&q={searchTerms}
IE - HKCU\..\SearchScopes\{BAFAA648-30ED-4714-8F63-F3FA6E21A814}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie.....666&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: YouTube = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google \u043F\u0440\u0435\u0442\u0440\u0430\u0433\u0430 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Ghostery = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\3.0.0_0\
CHR - Extension: Gmail = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/03/17 19:32:16 | 000,001,901 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.nero.com
O1 - Hosts: 127.0.0.1 www.nero.com/plk/index.html
O1 - Hosts: 127.0.0.1 www.nero.com/plk/support.html
O1 - Hosts: 127.0.0.1 www.nero.com/plk/support-customer-service-product-registration.html
O1 - Hosts: 127.0.0.1 www.nero.com/plk/store-upgrade-center.html
O1 - Hosts: 127.0.0.1 www.nero.com/plk/store-volume-licensing.html
O1 - Hosts: 127.0.0.1 www.nero.com/eng/support.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
O1 - Hosts: 127.0.0.1 www.nero.com/eng/store-upgrade-center.html?NeroSID.....25e97a3b80
O1 - Hosts: 127.0.0.1 www.nero.com/eng/support-customer-service-product-.....25e97a3b80
O1 - Hosts: 127.0.0.1 www.nero.com/eng/index.html
O1 - Hosts: 127.0.0.1 www.nero.com/eng/store-upgrade-center.html&sa=.....NNBYCFbXkg
O1 - Hosts: 127.0.0.1 www.nero.com/enu/support-nero8.html
O1 - Hosts: 127.0.0.1 my.nero.com
O1 - Hosts: 127.0.0.1 secure.nero.com/us/secure.asp
O1 - Hosts: 127.0.0.1 activation@nero.com
O1 - Hosts: 127.0.0.1 registernero.com
O1 - Hosts: 127.0.0.1 www.registernero.com
O1 - Hosts: 127.0.0.1 nero.com
O1 - Hosts: 127.0.0.1 www.nero.com/eng/privacy.html.
O1 - Hosts: 127.0.0.1 legal@nero.com
O1 - Hosts: 127.0.0.1 support.nero.com
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKCU..\Run: [MCShield Monitor] D:\Install\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKCU..\Run: [VipMobileKC] D:\Install\Vip Komandni Centar\VipKomandniCentar.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2012/04/11 23:19:24 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 4
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm File not found
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{064B77C2-B5E8-4CDD-81D6-646BF140CC58}: NameServer = 10.85.64.173 10.85.64.174
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/05 16:45:46 | 000,000,476 | R--- | M] () - F:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2010/08/11 19:15:32 | 000,342,864 | R--- | M] () - F:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/05/19 14:56:57 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SmartDefragBootTime.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/07 23:36:27 | 000,595,456 | ---- | C] (OldTimer Tools) -- D:\Users\User\Desktop\OTL.exe
[2012/05/05 23:38:10 | 000,031,576 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2012/05/05 23:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2012/05/05 23:38:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/05/05 23:15:07 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\CCleaner portable
[2012/05/04 19:52:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Avira
[2012/05/04 19:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/05/04 19:28:38 | 000,132,320 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012/05/04 19:28:38 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012/05/04 19:28:38 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012/05/04 19:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/05/04 19:28:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012/05/04 18:49:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/04 18:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/04 18:48:49 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/05/04 18:32:15 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\CoreTemp64 portable
[2012/05/04 00:27:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/05/03 23:38:14 | 000,000,000 | ---D | C] -- C:\temp
[2012/05/02 22:50:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/05/02 22:50:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/05/02 22:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
[2012/05/02 22:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\MCShield
[2012/05/02 21:25:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\qualys
[2012/05/02 16:51:04 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/05/02 12:33:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MigWiz
[2012/05/02 11:08:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/05/02 10:27:02 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\Downloads
[2012/04/13 14:44:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/04/13 14:44:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/04/13 00:55:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\bdch
[2012/04/12 14:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ZeoBIT
[2012/04/11 23:37:11 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/11 23:37:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/11 23:37:09 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/11 23:37:09 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/11 23:37:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/11 23:37:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/11 23:37:08 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/11 23:37:08 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/11 23:37:07 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/11 23:37:07 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/11 23:37:07 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/11 23:36:46 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/11 23:36:46 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/11 23:36:45 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/11 23:34:38 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/11 23:34:37 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/11 23:34:36 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/11 23:19:24 | 000,000,000 | -H-D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
[2012/04/11 22:55:07 | 000,135,168 | ---- | C] (ZTE Corporation) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys
[2012/04/11 22:55:07 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys
[2012/04/11 22:55:07 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys
[2012/04/11 22:55:07 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys
[2012/04/11 22:55:07 | 000,011,776 | ---- | C] (MBB Incorporated) -- C:\Windows\SysNative\drivers\massfilter.sys
[2012/04/11 22:55:05 | 000,246,224 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2012/04/11 22:55:05 | 000,117,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012/04/11 22:55:05 | 000,114,304 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbdev.sys
[2012/04/11 22:55:05 | 000,029,696 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2012/04/11 22:55:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2B56DE65-39C5-483B-B8BC-2CB3750BB1EF}
[2012/04/11 22:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vip Komandni Centar
[2012/04/10 21:28:20 | 000,000,000 | ---D | C] -- D:\Users\User\Documents\GomPlayer
[2012/04/10 20:03:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\ElevatedDiagnostics
[2012/04/10 19:48:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\TeamViewer
[2012/04/10 00:40:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2012/04/09 21:58:31 | 000,638,784 | ---- | C] (Sysinternals - www.sysinternals.com) -- D:\Users\User\Desktop\autoruns.exe
[2012/04/09 21:39:19 | 004,777,280 | ---- | C] (Sysinternals - www.sysinternals.com) -- D:\Users\User\Desktop\Procexp.exe
[2012/04/09 21:34:13 | 002,473,280 | ---- | C] (Sysinternals - www.sysinternals.com) -- D:\Users\User\Desktop\Procmon.exe
[2012/04/09 10:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/04/09 10:10:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/04/09 09:59:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

========== Files - Modified Within 30 Days ==========

[2012/05/07 23:43:06 | 000,115,683 | ---- | M] () -- D:\Users\User\Desktop\Untitled.png
[2012/05/07 23:37:20 | 000,595,456 | ---- | M] (OldTimer Tools) -- D:\Users\User\Desktop\OTL.exe
[2012/05/07 23:23:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/07 23:13:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-289923967-584522651-3181205079-1000UA.job
[2012/05/07 22:04:14 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/07 22:04:14 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/07 21:56:53 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/07 21:56:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/07 21:56:43 | 2962,255,872 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/07 16:41:02 | 000,335,912 | ---- | M] () -- D:\Users\User\Desktop\perfping_201.zip
[2012/05/07 16:04:33 | 000,002,044 | ---- | M] () -- D:\Users\User\Desktop\Revo Uninstaller.lnk
[2012/05/05 23:38:09 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2012/05/05 23:37:09 | 000,001,377 | ---- | M] () -- D:\Users\User\Desktop\Google Chrome.lnk
[2012/05/05 23:22:31 | 000,000,355 | ---- | M] () -- D:\Users\User\Desktop\Computer.lnk
[2012/05/05 22:39:57 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/05 22:39:57 | 000,626,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/05 22:39:57 | 000,107,358 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/05 00:13:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-289923967-584522651-3181205079-1000Core.job
[2012/05/04 19:28:41 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/05/04 00:52:31 | 000,000,461 | ---- | M] () -- D:\Users\User\Desktop\DATa II (E).lnk
[2012/05/03 18:00:25 | 000,002,843 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 11.lnk
[2012/05/02 22:37:10 | 000,000,735 | ---- | M] () -- C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
[2012/05/02 21:53:17 | 000,000,000 | ---- | M] () -- C:\ProgramData\0x0304A000.sfl
[2012/05/02 17:43:02 | 000,000,276 | ---- | M] () -- C:\Windows\SysNative\PSUNCpl.dat
[2012/05/02 16:49:50 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/05/02 16:29:17 | 000,746,284 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/02 10:22:19 | 000,105,460 | ---- | M] () -- C:\ProgramData\1335946819.bdinstall.bin
[2012/04/25 14:03:31 | 000,005,120 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/13 00:49:40 | 000,185,442 | ---- | M] () -- C:\ProgramData\1334270820.bdinstall.bin
[2012/04/13 00:40:21 | 000,022,637 | ---- | M] () -- C:\ProgramData\1334270283.bdinstall.bin
[2012/04/13 00:36:50 | 000,108,494 | ---- | M] () -- C:\ProgramData\1334269926.bdinstall.bin
[2012/04/13 00:28:23 | 000,159,201 | ---- | M] () -- C:\ProgramData\1334269535.bdinstall.bin
[2012/04/13 00:26:13 | 000,022,472 | ---- | M] () -- C:\ProgramData\1334269570.bdinstall.bin
[2012/04/13 00:24:13 | 000,081,465 | ---- | M] () -- C:\ProgramData\1334269432.bdinstall.bin
[2012/04/12 23:46:43 | 000,352,766 | ---- | M] () -- C:\ProgramData\1334266324.bdinstall.bin
[2012/04/12 23:44:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/04/11 22:47:50 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB

========== Files Created - No Company Name ==========

[2012/05/07 17:47:16 | 000,115,683 | ---- | C] () -- D:\Users\User\Desktop\Untitled.png
[2012/05/07 16:40:51 | 000,335,912 | ---- | C] () -- D:\Users\User\Desktop\perfping_201.zip
[2012/05/05 23:38:09 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2012/05/05 23:38:09 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2012/05/05 23:22:31 | 000,000,355 | ---- | C] () -- D:\Users\User\Desktop\Computer.lnk
[2012/05/04 19:28:41 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/05/04 00:52:31 | 000,000,461 | ---- | C] () -- D:\Users\User\Desktop\DATa II (E).lnk
[2012/05/04 00:27:37 | 000,001,377 | ---- | C] () -- D:\Users\User\Desktop\Google Chrome.lnk
[2012/05/04 00:08:50 | 000,000,946 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-289923967-584522651-3181205079-1000UA.job
[2012/05/04 00:08:49 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-289923967-584522651-3181205079-1000Core.job
[2012/05/03 18:00:25 | 000,002,843 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 11.lnk
[2012/05/03 17:32:05 | 000,001,221 | ---- | C] () -- D:\Users\User\Desktop\WinX DVD Ripper Platinum.lnk
[2012/05/02 22:50:16 | 000,002,044 | ---- | C] () -- D:\Users\User\Desktop\Revo Uninstaller.lnk
[2012/05/02 22:37:10 | 000,000,735 | ---- | C] () -- C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
[2012/05/02 21:53:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl
[2012/05/02 17:43:02 | 000,000,276 | ---- | C] () -- C:\Windows\SysNative\PSUNCpl.dat
[2012/05/02 11:09:03 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/02 11:09:03 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/02 10:22:19 | 000,105,460 | ---- | C] () -- C:\ProgramData\1335946819.bdinstall.bin
[2012/04/13 00:49:39 | 000,185,442 | ---- | C] () -- C:\ProgramData\1334270820.bdinstall.bin
[2012/04/13 00:40:21 | 000,022,637 | ---- | C] () -- C:\ProgramData\1334270283.bdinstall.bin
[2012/04/13 00:36:50 | 000,108,494 | ---- | C] () -- C:\ProgramData\1334269926.bdinstall.bin
[2012/04/13 00:28:23 | 000,159,201 | ---- | C] () -- C:\ProgramData\1334269535.bdinstall.bin
[2012/04/13 00:26:13 | 000,022,472 | ---- | C] () -- C:\ProgramData\1334269570.bdinstall.bin
[2012/04/13 00:24:13 | 000,081,465 | ---- | C] () -- C:\ProgramData\1334269432.bdinstall.bin
[2012/04/12 23:46:43 | 000,352,766 | ---- | C] () -- C:\ProgramData\1334266324.bdinstall.bin
[2012/04/12 23:44:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/04/11 22:47:50 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/04/07 19:28:08 | 000,000,000 | ---- | C] () -- C:\ProgramData\03afbdc010c793681e6f2eded1ba7b3d_c
[2012/04/05 02:30:31 | 000,017,408 | ---- | C] () -- C:\Users\User\AppData\Local\WebpageIcons.db
[2012/04/05 00:05:09 | 000,502,801 | ---- | C] () -- C:\ProgramData\1333574593.bdinstall.bin
[2012/04/04 17:21:57 | 000,021,588 | ---- | C] () -- C:\ProgramData\1333552915.bdinstall.bin
[2012/04/04 17:21:47 | 000,439,222 | ---- | C] () -- C:\ProgramData\1333550404.bdinstall.bin
[2012/04/04 16:37:56 | 000,021,588 | ---- | C] () -- C:\ProgramData\1333550275.bdinstall.bin
[2012/04/04 16:37:51 | 000,021,588 | ---- | C] () -- C:\ProgramData\1333550263.bdinstall.bin
[2012/04/04 16:37:38 | 000,021,588 | ---- | C] () -- C:\ProgramData\1333550253.bdinstall.bin
[2012/04/04 16:37:23 | 000,124,467 | ---- | C] () -- C:\ProgramData\1333550194.bdinstall.bin
[2012/04/04 16:34:42 | 000,021,588 | ---- | C] () -- C:\ProgramData\1333550078.bdinstall.bin
[2012/04/04 13:40:01 | 000,173,507 | ---- | C] () -- C:\ProgramData\1333539427.bdinstall.bin
[2012/04/04 13:35:18 | 000,021,588 | ---- | C] () -- C:\ProgramData\1333539312.bdinstall.bin
[2012/04/04 13:35:04 | 000,153,795 | ---- | C] () -- C:\ProgramData\1333539027.bdinstall.bin
[2012/03/20 18:01:00 | 000,005,120 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/17 19:40:54 | 000,746,284 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/17 19:20:28 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2012/03/17 17:41:41 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/07/20 09:44:28 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/07/20 09:44:28 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/07/20 09:44:28 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/07/20 09:44:28 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/07/20 09:44:27 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/06/08 15:19:24 | 000,692,224 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2010/06/08 15:19:24 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll

< End of report >




https://www.mycity.rs/must-login.png


https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

U postavljenim izvještajima nema tragova aktivne infekcije, ali je još potrebno da odradiš sljedeće korake.

Arrow

Ponovo pokreni OTL i klikni na dugme CleanUp!



Exclamation

Obavezno posjeti temu Testirajte da li vam je pretraživač ranjiv, pročitaj i isprati link koji stoji u njoj.



Question

Otvori novu temu Windows potforumu i tamo pitaj kako da uklanjaš stavke u registru.



Pozdrav...

Ko je trenutno na forumu
 

Ukupno su 1220 korisnika na forumu :: 98 registrovanih, 10 sakrivenih i 1112 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: -[CoA]-, 357magnum, A.R.Chafee.Jr., aleksandarbl, amaterSRB, Arahne, aramis s, Arsenije, Atomski čoban, babaroga, bbogdan, Ben Roj, bojcistv, Brada i Gibanica, BraneS, brundo65, Buda Baba, burevesnik, cavatina, cemix, dankisha, Dannyboy, dejanbenkovic, Denaya, djboj, Djokislav, DonRumataEstorski, draganl, dragon986, dragonserbia, Drug pukovnik, DucicM, dule10savic, Džordžino, eulereix, famoso, Fog of War, Georgius, goran.vvv, Griffon vulture, hyla, ibssa, Insan, kalens021, kokodakalo, komkom, konstruktor, Koridor, krlebgd77, kunktator, kuntalo, Maschinekalibar, menges, mgolub, MikeHammer, misaru, mnn2, Nemanja.M, ninareflex, Nixon, operniki, opt1, pandur, Parker, raskoljnikov, raykan, rkekoke, rovac, Sale.S, savaskytec, Shinobi, simazr, slonic_tonic, Snorks, spektorsky, srbijaiznadsvega, Steeeefan, Sterilizacija, Stoilkovic, Stuka76, Tas011, taz1cl, techcode, Toni, Van, vaso1, vathra, Vatrogasaccc, VJ, Vlada1389, vladulns, vobo, Wrangler, zastavnik, zixmix, Žukov, šumar bk2, 1107