Taskmgr.exe Bad image and Msconfig.exe bad image

offline
  • Joined: 01 Jun 2006
  • Posts: 53
  • Location: Paracin

I have a problem: I cannot start Task Manager, msconfig or, for example, anything from Administrative Tools; also, every time I turn the computer on it scans the HDD... My assumption is that it is some infection I picked up, and I have not tried to fix anything because I am not sure what the problem is....

These are the messages it shows me:




When I try to scan with the DDS program, the computer freezes and stays that way for two hours at a time, and the only thing left is to reset it; I also turned off Microsoft Security Essentials, but again the computer just freezes....



When I run RootRepeal, it throws an error



and a .txt document with this content

ROOTREPEAL CRASH REPORT
-------------------------
Windows Version: Windows Vista SP1
Exception Code: 0xc0000005
Exception Address: 0x00429d13
Attempt to write to address: 0x014ab000

offline
  • Joined: 26 Aug 2010
  • Posts: 10457
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download the OTL program from the link below to the Desktop:

download link

Double-click to run OTL;
click Run Scan;
when the scan finishes, the report (which will be saved automatically to the Desktop as OTL.Txt) will open in Notepad.


Copy the resulting report into a post.

offline
  • Joined: 01 Jun 2006
  • Posts: 53
  • Location: Paracin

Posted: 24 Nov 2012 16:54

OTL logfile created on: 11/24/2012 4:46:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ser_Zile\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.58 Gb Available Physical Memory | 29.20% Memory free
6.00 Gb Paging File | 3.88 Gb Available in Paging File | 64.71% Paging File free
Paging file location(s): c:\pagefile.sys 2048 4096d:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.02 Gb Total Space | 10.71 Gb Free Space | 10.71% Space Free | Partition Type: NTFS
Drive D: | 197.97 Gb Total Space | 43.94 Gb Free Space | 22.20% Space Free | Partition Type: NTFS
Drive F: | 7.92 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: KANTA | User Name: Ser_Zile | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/24 16:45:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ser_Zile\Desktop\OTL.exe
PRC - [2012/11/19 23:09:37 | 000,968,592 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/11/09 17:35:51 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/11/09 13:19:34 | 000,865,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/11/09 13:19:33 | 001,821,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/11/09 04:22:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/08/20 18:37:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/05/29 11:00:43 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012/03/19 12:38:46 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/03/19 12:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/03/19 12:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe
PRC - [2012/01/18 15:02:00 | 000,433,264 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
PRC - [2012/01/18 15:01:52 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
PRC - [2012/01/18 12:27:20 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
PRC - [2011/08/29 21:11:00 | 000,665,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2011/06/22 10:43:01 | 000,036,864 | ---- | M] () -- C:\Windows\System32\srpskey.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/09/19 22:40:54 | 000,122,880 | ---- | M] () -- C:\Windows\System32\WinMsgBalloonServer.exe
PRC - [2009/09/19 22:40:48 | 000,139,264 | ---- | M] () -- C:\Windows\System32\WinMsgBalloonClient.exe
PRC - [2009/09/19 22:39:06 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/09/19 22:38:48 | 000,065,536 | ---- | M] () -- C:\Program Files\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2009/08/31 21:46:04 | 000,339,456 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMProcess.exe
PRC - [2009/08/31 21:00:28 | 001,821,184 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMWDSrv.exe
PRC - [2008/06/14 00:02:04 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMCONFIG.exe
PRC - [2008/05/30 00:22:36 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\StartAutorun.exe
PRC - [2007/03/16 19:45:50 | 000,518,656 | ---- | M] (Antivari Software Design, s.a.) -- C:\Program Files\Di recnik\Di.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/19 16:57:54 | 014,586,808 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_110.dll
MOD - [2012/05/29 11:01:11 | 000,276,480 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012/05/29 11:01:11 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012/05/29 11:01:11 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012/05/29 11:01:11 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012/05/29 11:01:10 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012/05/29 11:01:10 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012/05/29 11:01:10 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012/05/29 11:01:10 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012/05/29 11:01:09 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012/05/29 11:01:09 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012/05/29 11:01:09 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012/05/29 11:01:09 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012/05/29 11:01:08 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2011/06/22 10:43:01 | 000,036,864 | ---- | M] () -- C:\Windows\System32\srpskey.exe
MOD - [2011/06/22 10:43:01 | 000,004,608 | ---- | M] () -- C:\Windows\System32\srpskeyh5.dll
MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/07/04 22:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2009/07/14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2008/06/16 08:06:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Keyboard Driver\MouseHook.dll
MOD - [2007/03/29 11:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Keyboard Driver\keydll.dll
MOD - [2007/03/16 17:24:46 | 000,009,216 | ---- | M] () -- C:\Program Files\Di recnik\ALTFHOOK.DLL


========== Services (SafeList) ==========

SRV - [2012/11/19 16:57:56 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/09 17:35:51 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/11/09 04:22:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/19 12:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/01/18 15:02:00 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2012/01/18 15:01:52 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2012/01/18 14:04:52 | 011,839,488 | ---- | M] () [Auto | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2012/01/18 12:27:20 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/09/02 22:18:55 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/29 21:11:00 | 000,665,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010/06/25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/09/19 22:39:06 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2009/08/31 21:00:28 | 001,821,184 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Keyboard Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Ser_Zile\AppData\Local\Temp\uxldqpow.sys -- (uxldqpow)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Windows\system32\drivers\rootrepeal.sys -- (rootrepeal)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BLKWGU.sys -- (BELKIN)
DRV - [2012/11/24 14:25:48 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{202D7FFF-DEE7-44BE-8E1E-E175A1AEDD1E}\MpKslea83fd38.sys -- (MpKslea83fd38)
DRV - [2012/11/09 17:35:51 | 009,364,840 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/08/30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/08/23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/07/03 16:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012/03/24 19:39:27 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012/01/18 15:02:20 | 000,055,664 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2012/01/18 15:02:06 | 000,023,792 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmparport.sys -- (VMparport)
DRV - [2012/01/18 14:59:42 | 000,025,712 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2012/01/18 12:06:02 | 000,036,464 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2012/01/18 12:06:02 | 000,016,624 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2011/08/29 21:11:00 | 000,032,496 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2011/08/29 21:01:10 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmusb.sys -- (vmusb)
DRV - [2011/08/17 08:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/08/08 13:58:56 | 000,098,928 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2011/07/11 15:06:10 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/07/08 14:32:56 | 000,022,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vstor2-mntapi10-shared.sys -- (vstor2-mntapi10-shared)
DRV - [2011/03/18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/07/13 19:57:16 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2010/07/04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/06/25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/01/05 19:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009/07/20 03:26:40 | 000,027,648 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/04/29 14:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)
DRV - [2009/04/06 04:13:30 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtTeam60.sys -- (TEAM)
DRV - [2009/04/06 04:13:30 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV - [2009/02/24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/12/03 03:19:42 | 000,019,968 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtVlan60.sys -- (VLAN)
DRV - [2007/12/03 03:19:42 | 000,019,968 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtVlan60.sys -- (RTVLANPT)
DRV - [2007/01/29 13:59:00 | 000,670,592 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [1996/04/03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a635ad4f000000000000001d7dd335f5&tlver=1.4.19.19&affID=19949
IE - HKCU\..\SearchScopes\{A084D1FD-A28D-4DB2-8399-828443BAA09F}: "URL" = search.yahoo.com/search?fr=chr-greentree_ie.....811&p={searchTerms}
IE - HKCU\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = search.kikin.com/search/?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ser_Zile\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\11.0.19.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/30 15:02:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/04/30 15:03:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ser_Zile\AppData\Roaming\Mozilla\Extensions
[2012/04/30 15:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/21 02:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/21 02:58:13 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/07/25 21:07:44 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/04/21 02:58:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/21 02:58:13 | 000,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/04/21 02:58:13 | 000,002,782 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pogodakyu.xml
[2012/04/21 02:58:13 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\vokabular.xml
[2012/04/21 02:58:13 | 000,001,333 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sr.xml

========== Chrome ==========

CHR - homepage: google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Ser_Zile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Ser_Zile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Ser_Zile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Ser_Zile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Search = C:\Users\Ser_Zile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Skype Click to Call = C:\Users\Ser_Zile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Gmail = C:\Users\Ser_Zile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\Ser_Zile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Di dictionary] C:\Program Files\Di recnik\Di.exe (Antivari Software Design, s.a.)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Keyboard Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [srpskey] C:\Windows\System32\srpskey.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Ser_Zile\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Ser_Zile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ExeNet - Shortcut.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Prevedi sa Di recnikom - C:\Program Files\Di recnik\diie.htm ()
O8 - Extra context menu item: Translate with Di dictionary - File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\vsocklib.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\vsocklib.dll ()
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{343966FB-A8E8-49E1-9AA3-B83DE9BE8A2D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D04F720-27E9-4836-AB53-DD441A3A34D5}: NameServer = 92.60.224.20 92.60.224.30
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/10/20 22:05:51 | 000,304,886 | R--- | M] () - F:\Autorun.ico -- [ UDF ]
O32 - AutoRun File - [2012/10/20 22:06:28 | 000,000,060 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{b5d5b6af-a974-11e1-9eeb-001d7dd335f5}\Shell - "" = AutoRun
O33 - MountPoints2\{b5d5b6af-a974-11e1-9eeb-001d7dd335f5}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/24 16:45:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ser_Zile\Desktop\OTL.exe
[2012/11/24 15:11:08 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\Desktop\sdafsa
[2012/11/23 14:38:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2012/11/23 13:56:57 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{77EC83DD-6FE1-4C9A-A778-EDD18DE65FC1}
[2012/11/23 13:48:25 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{CBBDFA06-CC03-437A-A8A3-4FE0ACE0DA0C}
[2012/11/22 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{0DB38048-6227-4AFF-8FEF-C0D4AF78A07E}
[2012/11/22 16:22:48 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{197FB0A7-B418-4D6F-9B3D-7C7D34B5D175}
[2012/11/21 22:15:05 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{BD097DB9-CE10-45DD-ADD5-8BBDDD6F5058}
[2012/11/21 22:09:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2012/11/21 22:09:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2012/11/21 22:09:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2012/11/21 22:09:34 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2012/11/21 22:09:33 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2012/11/21 22:09:32 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/11/21 22:09:32 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2012/11/21 22:09:32 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2012/11/21 22:09:32 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2012/11/21 22:09:32 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2012/11/21 22:09:32 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/11/21 22:09:32 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2012/11/21 22:09:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2012/11/21 22:09:31 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2012/11/21 22:09:31 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2012/11/21 22:09:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/11/21 22:08:59 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/11/21 22:08:57 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/11/20 20:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\Medal of Honor Warfighter
[2012/11/20 20:04:42 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Roaming\Origin
[2012/11/20 20:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012/11/20 18:51:43 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\DoctorWeb
[2012/11/20 16:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/11/20 16:54:57 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/11/20 16:54:49 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012/11/20 16:21:10 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{0BED3278-26F4-4FC0-9434-886E4624A83B}
[2012/11/20 15:19:04 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{9D546AFE-582C-4C00-BD41-7D76ECF11591}
[2012/11/20 01:34:56 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2012/11/20 01:34:47 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Roaming\SystemRequirementsLab
[2012/11/19 18:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/11/19 18:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA 3D Vision driver
[2012/11/19 18:06:24 | 000,062,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2012/11/19 18:06:23 | 003,984,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2012/11/19 18:06:23 | 002,869,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2012/11/19 18:06:23 | 002,557,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2012/11/19 18:06:23 | 000,108,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2012/11/19 18:05:53 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012/11/19 18:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/11/19 18:04:55 | 000,884,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco3220103.dll
[2012/11/19 18:04:55 | 000,149,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2012/11/19 18:04:55 | 000,028,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2012/11/19 18:04:51 | 015,117,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2012/11/19 18:04:50 | 020,335,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2012/11/19 18:04:50 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2012/11/19 18:04:50 | 009,364,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2012/11/19 18:04:50 | 002,496,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2012/11/19 18:04:50 | 001,874,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2012/11/19 18:04:50 | 000,841,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2012/11/19 18:04:49 | 012,541,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2012/11/19 18:04:49 | 007,818,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2012/11/19 18:04:49 | 006,149,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2012/11/19 18:04:49 | 002,606,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2012/11/19 18:04:49 | 001,011,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2012/11/19 18:04:49 | 000,889,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll
[2012/11/19 18:04:49 | 000,201,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2012/11/19 16:57:21 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{7F797062-A895-466D-900D-B99146AA1700}
[2012/11/19 16:32:56 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/11/19 16:32:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012/11/19 16:32:09 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/11/19 16:32:08 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/11/19 16:32:08 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/11/19 16:31:05 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/11/19 16:31:04 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/11/19 16:31:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/11/19 16:31:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/11/19 16:31:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/11/19 16:31:03 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/11/19 16:31:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/11/19 16:31:01 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/11/19 16:02:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rndismpx.sys
[2012/11/19 16:02:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012/11/19 16:01:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/11/19 16:00:48 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012/11/19 16:00:48 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/11/19 16:00:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012/11/19 16:00:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/11/19 16:00:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012/11/19 16:00:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012/11/19 16:00:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012/11/19 16:00:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012/11/19 16:00:47 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012/11/19 16:00:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012/11/19 16:00:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012/11/19 16:00:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012/11/19 16:00:45 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012/11/19 16:00:45 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012/11/19 16:00:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012/11/19 16:00:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012/11/19 16:00:05 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
[2012/11/19 15:59:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012/11/19 15:59:42 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/11/19 15:59:42 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/11/19 15:59:42 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2012/11/19 15:59:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012/11/19 15:59:41 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/11/19 15:59:26 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012/11/19 15:59:22 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/11/19 15:59:19 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012/11/19 15:59:14 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/11/19 15:59:14 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/11/19 15:59:11 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/11/19 15:59:09 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/11/19 15:59:09 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/11/19 15:59:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/11/19 15:59:06 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012/11/19 15:59:01 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/11/19 15:58:58 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2012/11/19 15:58:58 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012/11/19 15:37:45 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/11/19 15:37:45 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/11/19 15:37:40 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/11/19 15:37:40 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/11/19 15:37:40 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/11/19 15:37:34 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/11/19 15:37:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/11/19 00:31:14 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{B8D9F666-5164-4138-8407-47D090B042B1}
[2012/11/17 14:08:27 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{72F7AE93-AA6F-40BF-8885-D8F1538712DE}
[2012/11/16 12:34:55 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{65FBB25D-2F7A-45A9-8850-BBA5DF02543C}
[2012/11/16 01:49:25 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{2F2CBAB8-C38D-40E0-959B-ADB8FBA62891}
[2012/11/10 18:30:03 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{CAA7E2D1-0C74-4B23-AA65-71AAA00BAF4B}
[2012/11/09 23:37:53 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{91BEC723-0377-4C09-971B-5508F2175BDF}
[2012/11/09 17:29:27 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{E2C2737D-E7F3-4BD5-8E72-690A9B6DD474}
[2012/11/09 04:22:48 | 000,438,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2012/11/08 21:59:55 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{470A2643-11B4-403A-9B1B-D85BA5053043}
[2012/11/07 07:08:25 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{F3827DDC-8214-4633-9AAD-8B4DFC6C4165}
[2012/11/06 22:31:07 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{B79AB7DD-07B3-4379-A3E2-B44C8D708001}
[2012/11/06 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{395D8A21-49CE-4858-B57A-7BD794C4D9EF}
[2012/11/06 19:09:47 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{8ADDC541-017F-4B4D-9936-D05E1A33AA8A}
[2012/11/06 19:00:10 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{3D87A26E-DE97-4DB4-BED7-68EABDD6567F}
[2012/11/06 00:31:37 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{9DA0FDC4-BA26-4CFA-BB8D-89540A2DF861}
[2012/11/03 20:57:48 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{90DAC87E-F713-4F19-8D5C-EC698B25AA81}
[2012/11/03 16:46:39 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{BB1AB478-43E2-4DFB-A07D-CB3DDDF9FF39}
[2012/11/02 23:43:03 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{7C07507E-98B0-47AE-B2DF-A63887369431}
[2012/11/01 03:02:17 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{7FCC2FAE-6B3C-4D77-892E-2B05D10B7AE7}
[2012/10/31 22:36:48 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{E0F61903-2928-4ABF-9AC2-B0087B0A8577}
[2012/10/30 02:41:10 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{34E95C4F-D4A5-421D-9A9C-D9D42DEFB41C}
[2012/10/29 22:52:32 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{BF58B6F2-1796-492C-BD01-6EE1DDDE2401}
[2012/10/28 20:04:16 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{8B8FF758-ECF1-4019-ADA5-E4CDB368555B}
[2012/10/26 21:55:20 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{DE3FBA63-A530-4034-B2E0-472B6F96627C}
[2012/10/26 04:06:39 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{7BBA7462-F699-4A0F-A1A3-C32273F9BBF4}
[2012/10/25 20:45:13 | 000,000,000 | ---D | C] -- C:\Users\Ser_Zile\AppData\Local\{1CF6D8E5-D20F-4E7B-A465-E31AD131A4A4}
[2011/09/08 14:41:23 | 000,816,648 | ---- | C] (MyWebSearch.com) -- C:\Program Files\Uninstall Fun Web Products.dll
[2005/12/11 11:28:13 | 000,587,776 | ---- | C] (Igor Pavlov) -- C:\Users\Ser_Zile\AppData\Roaming\7za.exe
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/24 16:45:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ser_Zile\Desktop\OTL.exe
[2012/11/24 16:43:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/24 16:19:02 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-576043700-3520710179-752002496-1000UA.job
[2012/11/24 16:19:01 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-576043700-3520710179-752002496-1000Core.job
[2012/11/24 16:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/24 15:43:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/24 15:25:12 | 000,020,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/24 15:25:12 | 000,020,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/24 15:19:27 | 000,023,724 | ---- | M] () -- C:\Users\Ser_Zile\Desktop\RootRepeal.jpg
[2012/11/24 12:27:21 | 012,766,208 | ---- | M] () -- C:\Users\Ser_Zile\Desktop\MSRMesh-VirtualWIFI.MSI
[2012/11/23 17:47:26 | 000,629,528 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/11/23 17:47:26 | 000,108,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/11/23 17:42:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/23 17:42:47 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/23 14:38:50 | 000,000,961 | ---- | M] () -- C:\Users\Ser_Zile\Application Data\Microsoft\Internet Explorer\Quick Launch\Mp3tag.lnk
[2012/11/22 20:49:19 | 000,033,792 | ---- | M] () -- C:\Users\Ser_Zile\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/21 23:00:00 | 000,000,720 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/11/20 20:35:05 | 000,000,496 | ---- | M] () -- C:\Users\Ser_Zile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ExeNet - Shortcut.lnk
[2012/11/20 18:13:20 | 000,026,901 | ---- | M] () -- C:\Users\Ser_Zile\Desktop\2012-05-05_034726_cr_cr.jpg
[2012/11/20 18:12:21 | 000,022,411 | ---- | M] () -- C:\Users\Ser_Zile\Desktop\2012-05-05_034726_cr.jpg
[2012/11/20 16:54:44 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012/11/20 16:54:42 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/11/20 16:54:42 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/11/20 16:54:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\javaws.exe
[2012/11/20 16:54:41 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/11/20 16:54:41 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/11/19 16:57:55 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/11/19 16:57:55 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/11/19 16:54:19 | 001,753,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/11/19 16:42:17 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/11/11 01:02:30 | 000,000,924 | ---- | M] () -- C:\Windows\System32\MSSbs.sys
[2012/11/11 01:00:53 | 000,000,040 | ---- | M] () -- C:\Windows\popcinfo.dat
[2012/11/09 17:35:51 | 009,364,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2012/11/09 17:35:51 | 000,011,545 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2012/11/09 17:35:00 | 020,335,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2012/11/09 17:35:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2012/11/09 17:35:00 | 015,117,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2012/11/09 17:35:00 | 012,541,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2012/11/09 17:35:00 | 007,818,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2012/11/09 17:35:00 | 006,149,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2012/11/09 17:35:00 | 002,606,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2012/11/09 17:35:00 | 002,496,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2012/11/09 17:35:00 | 001,874,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2012/11/09 17:35:00 | 001,011,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2012/11/09 17:35:00 | 000,889,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll
[2012/11/09 17:35:00 | 000,841,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2012/11/09 17:35:00 | 000,201,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2012/11/09 17:35:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012/11/09 13:19:35 | 003,984,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2012/11/09 13:19:23 | 002,869,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2012/11/09 13:19:16 | 003,598,764 | ---- | M] () -- C:\Windows\System32\nvcoproc.bin
[2012/11/09 13:19:14 | 002,557,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2012/11/09 13:19:14 | 000,108,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2012/11/09 13:19:13 | 000,062,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2012/11/09 04:22:48 | 000,438,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/24 15:19:27 | 000,023,724 | ---- | C] () -- C:\Users\Ser_Zile\Desktop\RootRepeal.jpg
[2012/11/24 12:25:30 | 012,766,208 | ---- | C] () -- C:\Users\Ser_Zile\Desktop\MSRMesh-VirtualWIFI.MSI
[2012/11/20 20:35:05 | 000,000,496 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ExeNet - Shortcut.lnk
[2012/11/20 18:13:20 | 000,026,901 | ---- | C] () -- C:\Users\Ser_Zile\Desktop\2012-05-05_034726_cr_cr.jpg
[2012/11/20 18:12:21 | 000,022,411 | ---- | C] () -- C:\Users\Ser_Zile\Desktop\2012-05-05_034726_cr.jpg
[2012/11/20 16:54:57 | 000,000,000 | ---- | C] () -- C:\Windows\System32\javaws.exe
[2012/11/19 18:06:23 | 003,598,764 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012/11/19 18:04:49 | 000,011,545 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2012/11/19 16:32:59 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/19 16:32:08 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/02/11 06:02:49 | 000,000,000 | ---- | C] () -- C:\Windows\PanelExe.INI
[2012/02/07 02:09:58 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2012/01/23 14:52:00 | 000,000,000 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\{232FDE1B-6829-4BA8-953A-6589408F7ED9}
[2012/01/22 14:52:00 | 000,000,000 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\{8AE1E7F1-0251-44DF-B725-713D1E715F0B}
[2012/01/21 15:16:55 | 000,001,001 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{3B96394A-6A40-473C-BD1B-39E66C43C85C}_wsc
[2012/01/19 14:52:00 | 000,000,000 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\{5D2469B3-B388-4F1D-B908-A86DF316F5B2}
[2012/01/18 14:52:00 | 000,000,000 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\{61A2C8E8-26AA-484A-A64C-417947F9022E}
[2012/01/18 02:26:50 | 000,022,113 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{3B96394A-6A40-473C-BD1B-39E66C43C85C}_prof
[2012/01/18 02:26:50 | 000,000,820 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{3B96394A-6A40-473C-BD1B-39E66C43C85C}_sta
[2011/12/29 14:52:03 | 000,000,000 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\{77E63632-D7B6-4E85-833B-D0369F6127FF}
[2011/12/26 03:08:15 | 000,000,001 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\llftool.4.12.agreement
[2011/12/25 22:31:27 | 000,001,001 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{6118849D-E209-4323-B1B4-913306117B76}_wsc
[2011/12/01 02:15:54 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/12/01 02:15:23 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011/11/27 21:22:30 | 000,112,936 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{6118849D-E209-4323-B1B4-913306117B76}_prof
[2011/11/27 21:22:30 | 000,000,842 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{6118849D-E209-4323-B1B4-913306117B76}_sta
[2011/11/26 22:30:49 | 000,001,001 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{02B80D48-7397-439E-BB58-4F11E1F5D326}_wsc
[2011/11/22 13:58:34 | 000,000,924 | ---- | C] () -- C:\Windows\System32\MSSbs.sys
[2011/11/08 13:29:27 | 000,000,000 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\{6E3BF32E-8530-46AA-9CA8-BCF3BAE6EB82}
[2011/11/03 19:28:36 | 000,084,470 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Roaming\Antenna_temp.ini2
[2011/11/02 10:57:33 | 000,000,843 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{02B80D48-7397-439E-BB58-4F11E1F5D326}_sta
[2011/11/02 10:57:32 | 000,000,826 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{02B80D48-7397-439E-BB58-4F11E1F5D326}_prof
[2011/10/31 14:28:04 | 000,007,425 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{3734A94A-CA88-4808-A64C-0DDFE4C0B093}_prof
[2011/10/31 14:28:04 | 000,000,820 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{3734A94A-CA88-4808-A64C-0DDFE4C0B093}_sta
[2011/10/31 14:26:49 | 000,001,001 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\RT2070_{3734A94A-CA88-4808-A64C-0DDFE4C0B093}_wsc
[2011/10/24 22:00:00 | 002,580,552 | R--- | C] () -- C:\Windows\System32\pbsvc.exe
[2011/10/17 18:37:14 | 000,000,720 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/10/14 00:45:45 | 000,004,357 | ---- | C] () -- C:\Windows\TVP3XDrv.ini
[2011/10/14 00:43:00 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2011/10/14 00:17:21 | 000,319,488 | ---- | C] () -- C:\Windows\nxpunist.exe
[2011/10/14 00:17:21 | 000,003,011 | ---- | C] () -- C:\Windows\TVNXPDrv.ini
[2011/09/12 19:04:41 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/08/30 16:32:06 | 000,007,640 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\Resmon.ResmonCfg
[2011/08/14 10:40:30 | 000,022,328 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Roaming\PnkBstrK.sys
[2011/08/14 10:40:15 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011/08/12 07:46:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/08/08 13:58:56 | 000,000,000 | ---- | C] () -- C:\Windows\System32\vsocklib.dll
[2011/08/06 18:18:09 | 000,254,263 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Roaming\Server.7z
[2011/07/14 16:43:14 | 000,000,040 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011/07/04 20:11:35 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/07/04 20:10:16 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/06/22 16:34:16 | 000,033,792 | ---- | C] () -- C:\Users\Ser_Zile\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/22 16:31:58 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/06/22 16:31:58 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/06/22 16:31:57 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/06/22 16:31:57 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/06/22 16:31:57 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2011/06/22 16:31:57 | 000,073,216 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/06/22 10:43:01 | 000,036,864 | ---- | C] () -- C:\Windows\System32\srpskey.exe
[2011/06/22 10:43:01 | 000,004,608 | ---- | C] () -- C:\Windows\System32\srpskeyh5.dll
[2011/06/10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:8668AB36
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:B59E4689
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:ADF211B1

< End of report >

Addendum: 24 Nov 2012 16:55


offline
  • Joined: 26 Aug 2010
  • Posts: 10457
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I found no traces of an active infection in the posted reports. However, System Events shows file system errors on C:, which is why chkdsk scans C: every time the computer starts. The errors you are getting in the screenshots are probably a consequence of those file system problems. Since file system problems are mostly caused either by a faulty SATA cable or by a hard disk on its last legs, it would be best to open a topic in the Hardware forum and describe your problem there. There you will get instructions on how to check whether your hard disk is working properly.

http://www.mycity.rs/Storage-hardware/


Regards.

offline
  • Joined: 01 Jun 2006
  • Posts: 53
  • Location: Paracin

Thanks for the effort you put in... cheers
