HijackThis log check

  • Joined: 11 Jun 2008
  • Posts: 58

I would like to make a system image, so I would ask you to check this HijackThis log so that I can be sure everything is in order.

Thank you in advance,



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:00:24, on 15.2.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\TrustPort\Antivirus\bin\avcom.exe
C:\Program Files (x86)\TrustPort\DiskProtection\bin\tdwatch.exe
C:\Program Files (x86)\Common Files\TrustPort\bin\tptray.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Users\Zoran\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Zoran\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Zoran\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Zoran\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = start.facemoods.com/?a=ddr&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AntivirusCommunicatorAgent] "C:\Program Files (x86)\TrustPort\Antivirus\bin\avcom.exe"
O4 - HKLM\..\Run: [TrustPortDiskProtectionWatchDog] "C:\Program Files (x86)\TrustPort\DiskProtection\bin\TDWatch.exe"
O4 - HKLM\..\Run: [TrustPortTray] "C:\Program Files (x86)\Common Files\TrustPort\Bin\tptray.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: TrustPort Antivirus On-Access Scanner Agent (avas_service) - TrustPort, a.s. - C:\Program Files (x86)\TrustPort\Antivirus\bin\avas.exe
O23 - Service: TrustPort Antivirus Service Scanner Provider (avss_service) - TrustPort, a.s. - C:\Program Files (x86)\TrustPort\Antivirus\bin\avss.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrustPort Personal GTW (gozer) - TrustPort, a.s. - C:\Program Files (x86)\TrustPort\Antivirus\bin\gozer.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TrustPort Core Service (tpmgma_service) - TrustPort, a.s. - C:\Program Files (x86)\Common Files\TrustPort\bin\tpmgma.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: TrustPort DataShredder Wipe Service (wipesrv) - TrustPort, a.s. - C:\Program Files (x86)\TrustPort\DataShredder\bin\wipesrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9171 bytes

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Hello L4k1!

You need to follow in detail the instructions for opening a topic at this link: http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

If anything is unclear, feel free to look at how other members have opened topics in Ambulanta.

goran9888 (AMF Team)

  • Joined: 11 Jun 2008
  • Posts: 58

Posted: 17 Feb 2011 12:09

First of all, I apologize for not being able to reply sooner.

I don't notice any problems with how the computer runs.
The reason I want the check is that I want to make a system image
(if that is reason enough); I would like to be sure that everything is in order.

I use an ADSL connection, and the speed is 1536/256 Kb/s

I am attaching the OTL file:

Addendum: 17 Feb 2011 12:10

OTL logfile created on: 17.2.2011 11:54:57 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Zoran\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 0000241a | Country: Srbija | Language: SRM | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 45,13 Gb Total Space | 27,43 Gb Free Space | 60,78% Space Free | Partition Type: NTFS
Drive D: | 12,70 Gb Total Space | 3,18 Gb Free Space | 25,04% Space Free | Partition Type: NTFS
Drive F: | 4,21 Gb Total Space | 0,87 Gb Free Space | 20,72% Space Free | Partition Type: NTFS

Computer Name: ZORAN-PC | User Name: Zoran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.02.17 11:53:05 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Zoran\Desktop\OTL.exe
PRC - [2011.02.15 11:26:48 | 000,402,288 | ---- | M] (TrustPort, a.s.) -- C:\Program Files (x86)\Common Files\TrustPort\bin\tpmgma.exe
PRC - [2011.02.15 11:23:12 | 000,264,760 | ---- | M] (TrustPort, a.s.) -- C:\Program Files (x86)\TrustPort\DataShredder\bin\wipesrv.exe
PRC - [2011.02.15 11:23:08 | 000,719,416 | ---- | M] () -- C:\Program Files (x86)\Common Files\TrustPort\bin\tptray.exe
PRC - [2011.02.15 11:23:02 | 000,215,608 | ---- | M] () -- C:\Program Files (x86)\TrustPort\DiskProtection\bin\tdwatch.exe
PRC - [2011.02.15 11:22:54 | 000,485,944 | ---- | M] (TrustPort, a.s.) -- C:\Program Files (x86)\TrustPort\Antivirus\bin\gozer.exe
PRC - [2011.02.15 11:22:44 | 000,289,336 | ---- | M] (TrustPort, a.s.) -- C:\Program Files (x86)\TrustPort\Antivirus\bin\avss.exe
PRC - [2011.02.15 11:22:40 | 000,772,664 | ---- | M] (TrustPort, a.s.) -- C:\Program Files (x86)\TrustPort\Antivirus\bin\avcom.exe
PRC - [2011.02.15 11:22:38 | 000,494,136 | ---- | M] (TrustPort, a.s.) -- C:\Program Files (x86)\TrustPort\Antivirus\bin\avas.exe
PRC - [2011.02.08 12:09:59 | 001,004,088 | ---- | M] (Google Inc.) -- C:\Users\Zoran\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010.11.20 04:17:56 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2008.03.19 01:31:20 | 004,742,184 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


========== Modules (SafeList) ==========

MOD - [2011.02.17 11:53:05 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Zoran\Desktop\OTL.exe
MOD - [2010.11.20 03:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.12.06 08:31:52 | 002,610,952 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV:64bit: - [2010.12.06 08:31:42 | 002,266,376 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV:64bit: - [2010.05.06 10:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.02.15 11:26:48 | 000,402,288 | ---- | M] (TrustPort, a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\TrustPort\bin\tpmgma.exe -- (tpmgma_service)
SRV - [2011.02.15 11:23:12 | 000,264,760 | ---- | M] (TrustPort, a.s.) [Auto | Running] -- C:\Program Files (x86)\TrustPort\DataShredder\bin\wipesrv.exe -- (wipesrv)
SRV - [2011.02.15 11:22:54 | 000,485,944 | ---- | M] (TrustPort, a.s.) [On_Demand | Running] -- C:\Program Files (x86)\TrustPort\Antivirus\bin\gozer.exe -- (gozer)
SRV - [2011.02.15 11:22:44 | 000,289,336 | ---- | M] (TrustPort, a.s.) [On_Demand | Running] -- C:\Program Files (x86)\TrustPort\Antivirus\bin\avss.exe -- (avss_service)
SRV - [2011.02.15 11:22:38 | 000,494,136 | ---- | M] (TrustPort, a.s.) [On_Demand | Running] -- C:\Program Files (x86)\TrustPort\Antivirus\bin\avas.exe -- (avas_service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.02.15 11:32:04 | 000,039,336 | ---- | M] (TrustPort, a.s.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tpsec.sys -- (tpsec)
DRV:64bit: - [2011.02.15 11:26:18 | 000,049,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tdifw.sys -- (tdifw)
DRV:64bit: - [2011.02.15 11:26:16 | 000,048,184 | ---- | M] (TrustPort, a.s.) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avasdmft.sys -- (avasdmft) TrustPort Antivirus On-Access Scanner (W2K/XP)
DRV:64bit: - [2010.11.20 05:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 05:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 05:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 05:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 03:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 03:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.03.18 10:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010.03.18 10:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.01 22:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2007.04.09 09:09:46 | 000,012,288 | ---- | M] (Waytech Development, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UsbFltr.sys -- (UsbFltr)
DRV - [2011.02.15 11:26:22 | 000,031,800 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TrustPort\PersonalFirewall\bin\tppfhook.sys -- (TPPFHOOK)
DRV - [2011.02.15 11:26:20 | 000,019,000 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\TrustPort\PersonalFirewall\bin\tdimapper.sys -- (tdimapper)
DRV - [2011.02.15 11:26:18 | 000,059,448 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files (x86)\TrustPort\DiskProtection\bin\encdsk.sys -- (EncDisk)
DRV - [2010.10.04 07:42:34 | 000,018,488 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\TrustPort\DataShredder\bin\dsio.sys -- (dsio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = start.facemoods.com/?a=ddr&s={searchTerms}&f=4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 F3 42 26 DB 4B CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2475029&SearchSource=13"
FF - prefs.js..keyword.URL: "http://start.facemoods.com/results.php?f=5&a=ddr&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 4.0b11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 9\components [2011.02.10 20:53:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b11\extensions\\Plugins: C:\Program Files (x86)\Minilyrics\Plugins [2011.01.04 19:45:58 | 000,000,000 | ---D | M]

[2011.01.17 22:20:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zoran\AppData\Roaming\Mozilla\Extensions
[2011.02.07 14:08:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zoran\AppData\Roaming\Mozilla\Firefox\Profiles\535dbh5a.default\extensions
File not found (No name found) --
[2011.01.26 16:07:15 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX 4.0 BETA 9\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\ZORAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\535DBH5A.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}.XPI
() (No name found) -- C:\USERS\ZORAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\535DBH5A.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\ZORAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\535DBH5A.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2010.12.13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchddr.xml

O1 HOSTS File: ([2011.01.27 21:09:58 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [AntivirusCommunicatorAgent] C:\Program Files (x86)\TrustPort\Antivirus\bin\avcom.exe (TrustPort, a.s.)
O4 - HKLM..\Run: [TrustPortDiskProtectionWatchDog] C:\Program Files (x86)\TrustPort\DiskProtection\bin\TDWatch.exe ()
O4 - HKLM..\Run: [TrustPortTray] C:\Program Files (x86)\Common Files\TrustPort\Bin\tptray.exe ()
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Zoran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk = C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20:64bit: - Winlogon\Notify\WB: DllName - Reg Error: Key error. - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\WPDShServiceObj.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.13 16:31:03 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (PDBoot.exe) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.02.17 11:53:24 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Zoran\Desktop\OTL.exe
[2011.02.17 11:48:14 | 000,048,184 | ---- | C] (TrustPort, a.s.) -- C:\Windows\SysNative\drivers\avasdmft.sys
[2011.02.17 11:48:09 | 000,039,336 | ---- | C] (TrustPort, a.s.) -- C:\Windows\SysNative\drivers\tpsec.sys
[2011.02.15 17:23:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Raxco
[2011.02.15 17:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Raxco
[2011.02.14 18:18:33 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Roaming\WinRAR
[2011.02.13 15:43:06 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2011.02.13 15:43:06 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Roaming\IrfanView
[2011.02.13 15:43:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2011.02.12 14:24:33 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.02.12 14:24:33 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.02.12 14:24:33 | 002,272,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.02.12 14:24:33 | 001,791,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011.02.12 14:24:33 | 001,490,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.02.12 14:24:33 | 001,426,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.02.12 14:24:33 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.02.12 14:24:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.02.12 14:24:33 | 000,696,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.02.12 14:24:33 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.02.12 14:24:33 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.02.12 14:24:33 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.02.12 14:24:33 | 000,453,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.02.12 14:24:33 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.02.12 14:24:33 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.02.12 14:24:33 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.02.12 14:24:33 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011.02.12 14:24:33 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.02.12 14:24:33 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.02.12 14:24:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.02.12 14:24:33 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.02.12 14:24:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.02.12 14:24:33 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.02.12 14:24:33 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011.02.12 14:24:33 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.02.12 14:24:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.02.12 14:24:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.02.12 14:24:33 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.02.12 14:24:33 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.02.12 14:24:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.02.12 14:24:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.02.12 14:24:33 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.02.12 14:24:33 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011.02.12 14:24:33 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.02.12 14:24:33 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.02.12 14:24:33 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.02.12 14:24:33 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.02.12 14:24:33 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.02.12 14:24:33 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.02.12 14:24:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.02.12 14:24:33 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.02.12 14:24:33 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.02.12 14:24:33 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.02.12 14:24:33 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.02.12 14:24:33 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.02.12 14:24:33 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.02.12 14:24:33 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.02.12 14:24:33 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.02.12 14:24:33 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.02.12 14:24:33 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.02.12 14:24:33 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.02.12 14:24:33 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.02.12 14:24:33 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.02.12 14:24:33 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.02.12 14:24:33 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.02.12 14:24:33 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.02.12 14:24:33 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.02.12 14:24:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.02.12 14:24:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.02.12 14:24:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.02.12 14:24:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.02.12 14:24:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.02.12 14:24:33 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.02.12 14:24:33 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.02.12 14:24:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.02.12 14:24:33 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.02.12 14:24:33 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.02.12 14:24:33 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.02.12 14:24:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.02.12 14:24:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.02.12 14:24:33 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.02.12 14:24:33 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011.02.12 14:24:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.02.12 14:24:33 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.02.12 14:24:33 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.02.12 14:24:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.02.12 14:24:33 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.02.12 14:24:33 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.02.12 14:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feedback Tool
[2011.02.11 15:38:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrustPort Total Protection
[2011.02.11 15:37:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrustPort
[2011.02.11 15:37:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TrustPort
[2011.02.10 16:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
[2011.02.10 16:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock
[2011.02.10 16:28:39 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2011.02.10 16:28:39 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2011.02.10 12:48:53 | 000,000,000 | ---D | C] -- C:\Users\Zoran\Documents\My Widgets
[2011.02.10 12:48:45 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Local\Yahoo
[2011.02.10 12:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Widgets
[2011.02.10 12:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2011.02.09 22:27:28 | 000,000,000 | ---D | C] -- C:\ProgramData\RFA_Backups
[2011.02.09 22:26:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 8
[2011.02.09 22:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\RFA 8
[2011.02.09 22:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Registry First Aid
[2011.02.09 22:22:52 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Roaming\Thinstall
[2011.02.09 22:22:52 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Local\Thinstall
[2011.02.09 18:50:17 | 000,573,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp50.dll
[2011.02.09 15:52:39 | 000,366,592 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.02.09 15:52:39 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.02.09 15:52:39 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011.02.09 15:52:39 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011.02.09 15:52:39 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.02.09 15:52:39 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.02.07 20:19:39 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011.02.06 20:31:46 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Local\PackageAware
[2011.02.05 20:33:25 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Roaming\uTorrent
[2011.02.05 20:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011.02.05 20:24:04 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Local\uTorrent
[2011.02.05 18:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Scanner
[2011.02.01 16:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader
[2011.02.01 16:17:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.02.01 16:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2011.01.30 17:18:10 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Roaming\vlc
[2011.01.30 17:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Readon
[2011.01.30 16:44:59 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Local\Readon_Technology
[2011.01.30 16:44:59 | 000,000,000 | ---D | C] -- C:\Users\Zoran\Documents\Readon Player
[2011.01.30 16:44:44 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Readon TV Movie Radio Player
[2011.01.30 16:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Readon Technology
[2011.01.30 13:28:36 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.01.27 21:10:55 | 000,000,000 | ---D | C] -- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
[2011.01.27 20:21:42 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Roaming\Malwarebytes
[2011.01.27 20:21:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.01.27 20:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.01.27 20:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.01.27 20:21:32 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.01.27 20:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.01.26 18:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011.01.26 18:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.01.26 18:01:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011.01.26 18:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.01.26 18:01:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2011.01.26 18:01:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011.01.26 17:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011.01.26 17:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011.01.26 17:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011.01.26 17:50:37 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Local\Microsoft Help
[2011.01.26 17:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011.01.26 17:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.01.26 16:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.01.26 16:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.01.26 16:07:06 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.01.26 16:07:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.01.26 16:07:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.01.26 16:06:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.01.25 15:47:06 | 000,042,672 | ---- | C] (Stardock.Net, Inc) -- C:\Windows\SysWow64\wbsys.dll
[2011.01.24 18:33:05 | 000,000,000 | ---D | C] -- C:\Lyrics
[2011.01.24 18:31:58 | 000,000,000 | ---D | C] -- C:\Users\Zoran\AppData\Roaming\MiniLyrics
[2011.01.24 16:42:38 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.02.17 11:57:22 | 000,020,480 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.17 11:57:22 | 000,020,480 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.17 11:53:05 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Zoran\Desktop\OTL.exe
[2011.02.17 11:50:21 | 000,000,328 | -H-- | M] () -- C:\Windows\tasks\TrustPort Updater.job
[2011.02.17 11:50:16 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.02.17 11:50:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.15 22:37:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.15 22:09:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3796424560-1199480741-1395035024-1001UA.job
[2011.02.15 21:09:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3796424560-1199480741-1395035024-1001Core.job
[2011.02.15 11:32:04 | 000,039,336 | ---- | M] (TrustPort, a.s.) -- C:\Windows\SysNative\drivers\tpsec.sys
[2011.02.15 11:26:18 | 000,049,208 | ---- | M] () -- C:\Windows\SysNative\drivers\tdifw.sys
[2011.02.15 11:26:16 | 000,048,184 | ---- | M] (TrustPort, a.s.) -- C:\Windows\SysNative\drivers\avasdmft.sys
[2011.02.15 11:14:20 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\AWC Update.job
[2011.02.14 19:31:42 | 000,003,584 | ---- | M] () -- C:\Users\Zoran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.13 20:40:10 | 000,000,834 | ---- | M] () -- C:\Users\Zoran\Documents\b92.jpg
[2011.02.13 20:38:36 | 000,000,928 | ---- | M] () -- C:\Users\Zoran\Documents\s18832.jpg
[2011.02.12 14:28:08 | 000,001,450 | ---- | M] () -- C:\Users\Zoran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011.02.12 14:24:33 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.02.12 14:24:33 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.02.12 14:24:33 | 002,272,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.02.12 14:24:33 | 001,791,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011.02.12 14:24:33 | 001,490,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.02.12 14:24:33 | 001,426,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.02.12 14:24:33 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.02.12 14:24:33 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.02.12 14:24:33 | 000,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.02.12 14:24:33 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.02.12 14:24:33 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.02.12 14:24:33 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.02.12 14:24:33 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.02.12 14:24:33 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.02.12 14:24:33 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.02.12 14:24:33 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.02.12 14:24:33 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011.02.12 14:24:33 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.02.12 14:24:33 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.02.12 14:24:33 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.02.12 14:24:33 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.02.12 14:24:33 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.02.12 14:24:33 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.02.12 14:24:33 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011.02.12 14:24:33 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.02.12 14:24:33 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.02.12 14:24:33 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.02.12 14:24:33 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.02.12 14:24:33 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.02.12 14:24:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.02.12 14:24:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.02.12 14:24:33 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.02.12 14:24:33 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011.02.12 14:24:33 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.02.12 14:24:33 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.02.12 14:24:33 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.02.12 14:24:33 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.02.12 14:24:33 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.02.12 14:24:33 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.02.12 14:24:33 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.02.12 14:24:33 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.02.12 14:24:33 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.02.12 14:24:33 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.02.12 14:24:33 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.02.12 14:24:33 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.02.12 14:24:33 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.02.12 14:24:33 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.02.12 14:24:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.02.12 14:24:33 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.02.12 14:24:33 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.02.12 14:24:33 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.02.12 14:24:33 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.02.12 14:24:33 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.02.12 14:24:33 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.02.12 14:24:33 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.02.12 14:24:33 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.02.12 14:24:33 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.02.12 14:24:33 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.02.12 14:24:33 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.02.12 14:24:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.02.12 14:24:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.02.12 14:24:33 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.02.12 14:24:33 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.02.12 14:24:33 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.02.12 14:24:33 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.02.12 14:24:33 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.02.12 14:24:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.02.12 14:24:33 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.02.12 14:24:33 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.02.12 14:24:33 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.02.12 14:24:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.02.12 14:24:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.02.12 14:24:33 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.02.12 14:24:33 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011.02.12 14:24:33 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.02.12 14:24:33 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.02.12 14:24:33 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.02.12 14:24:33 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.02.12 14:24:33 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.02.12 14:24:33 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.02.11 14:24:57 | 000,618,964 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.11 14:24:57 | 000,107,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.11 14:08:57 | 000,000,646 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2011.02.10 12:48:56 | 000,001,106 | ---- | M] () -- C:\Users\Zoran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
[2011.02.09 18:58:51 | 000,042,664 | ---- | M] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.02.09 18:50:19 | 000,748,568 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.09 18:50:18 | 000,022,631 | ---- | M] () -- C:\Windows\prodsett_copy.ini
[2011.02.09 18:40:36 | 000,434,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.05 21:25:40 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2011.02.05 20:55:04 | 000,000,540 | ---- | M] () -- C:\Windows\win.old
[2011.02.05 20:24:26 | 000,000,980 | ---- | M] () -- C:\Users\Zoran\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011.02.05 18:13:35 | 000,000,000 | ---- | M] () -- C:\Windows\pestpatrol5.INI
[2011.01.31 07:07:30 | 000,573,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp50.dll
[2011.01.30 12:03:09 | 000,000,036 | ---- | M] () -- C:\Users\Zoran\AppData\Local\housecall.guid.cache
[2011.01.26 16:06:14 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.01.26 16:06:14 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.01.26 16:06:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.01.26 16:06:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.01.20 16:50:37 | 002,851,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.02.17 11:48:14 | 000,049,208 | ---- | C] () -- C:\Windows\SysNative\drivers\tdifw.sys
[2011.02.15 17:23:24 | 000,002,779 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerfectDisk 11.lnk
[2011.02.14 19:31:41 | 000,003,584 | ---- | C] () -- C:\Users\Zoran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.13 20:28:44 | 000,000,928 | ---- | C] () -- C:\Users\Zoran\Documents\s18832.jpg
[2011.02.13 20:25:20 | 000,000,834 | ---- | C] () -- C:\Users\Zoran\Documents\b92.jpg
[2011.02.12 14:24:33 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.02.12 14:24:33 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.02.11 15:39:15 | 000,000,328 | -H-- | C] () -- C:\Windows\tasks\TrustPort Updater.job
[2011.02.10 12:48:56 | 000,001,106 | ---- | C] () -- C:\Users\Zoran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
[2011.02.09 19:36:59 | 000,000,646 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2011.02.09 18:50:30 | 000,042,664 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.02.09 18:50:18 | 000,022,631 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2011.02.05 20:24:26 | 000,000,980 | ---- | C] () -- C:\Users\Zoran\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011.02.05 18:13:35 | 000,000,000 | ---- | C] () -- C:\Windows\pestpatrol5.INI
[2011.02.03 20:29:35 | 000,002,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 4.0 Beta 10.lnk
[2011.01.30 12:03:09 | 000,000,036 | ---- | C] () -- C:\Users\Zoran\AppData\Local\housecall.guid.cache
[2011.01.25 19:54:15 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011.01.25 15:47:08 | 000,053,904 | ---- | C] () -- C:\Windows\SysNative\wbload.dll
[2011.01.04 21:41:26 | 000,748,568 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

< End of report >




offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Everything is fine. Your computer is clean as far as malware is concerned.










-------------------------------------------------

- I recommend that you use MCShield to protect USB storage devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices.

You download it, install it, plug in a USB storage device, and a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log in which you see information about the malware that was found and deleted.


MCShield home page: http://amf.mycity.rs/programs/mc/mcshield/

You can find out more about MCShield in this thread: http://www.mycity.rs/Antispyware-programi/MCShield.html





offline
  • Joined: 11 Jun 2008
  • Posts: 58

Goran, thank you.
Is there perhaps anything I should delete?

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Everything you have on the computer, i.e. everything I see in the log, is legitimate. Now, whether you need all of it or not, I don't know. Uninstall (delete) everything you think you don't need.











Regards,
goran9888 (AMF Team)
