Trojanac

2

Trojanac

offline
  • Pridružio: 23 Okt 2012
  • Poruke: 208
  • Gde živiš: U prestonicU, bre.. ;)

Ajoj! Pa ja bolje da sam uzela nick DeFektna!
Ali Gorane,jesam ga prikačila na prikači fajl..eno tamo gore i pitam da li se uopšte okačilo jer me buni što ga ja ne vidim. Hajde,evo opet ću..prikači fajl =>

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

DeMonna ::DeMonna ::Napisano: 30 Okt 2012 16:53


Ja se stvarno izvinjavam,ali nisam siguran koju sam datoteku sačuvala



Pacijent!!!! Ali ne za ovu ambulantu! Razz



Mr. Green


E sve si pozitivno luda. Ziveli






Nisi mi poslala ni OTL a ni izvestaj AdwCleaner-a da pogledam.



1) Sto se tice OTL-a, pogledaj sledeci snimak od 3:57 sta trebas uraditi da bi napravila izvestaj:



Kada zavrsi alat skeniranje i dobijes izvestaje na Desktop, onda klikni u ovoj temi na Odgovori i prikaci mi dobijene izvestaje uz poruku. Opcija Prikaci fajl se nalazi ovde (vidi sliku ispod):




2) Sto se tice AdwCleaner-a, isto vazi i za njega. Prilozi izvestaj u sledecoj poruci da pogledam. Izvestaj ti se nalazi na sledecoj lokaciji C:\AdwCleaner[S1].txt







goran9888 (AMF Tim)

offline
  • Pridružio: 23 Okt 2012
  • Poruke: 208
  • Gde živiš: U prestonicU, bre.. ;)

Napisano: 01 Nov 2012 13:26

Mila majko,koji sam ja retard! Sve sam ja to uradila osim onog "okači" ispod "odaberi fajl".
Hvala Goranče za to "pozitivno",ali vidiš da sam i negativno blesava!
Aj kačim..
https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

OTL logfile created on: 31.10.2012 17:16:59 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maya S.J\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000081A | Country: Srbija i Crna Gora (bivša) | Language: SRL | Date Format: d.M.yyyy

3,60 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 66,11% Memory free
7,21 Gb Paging File | 5,56 Gb Available in Paging File | 77,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 271,65 Gb Total Space | 217,32 Gb Free Space | 80,00% Space Free | Partition Type: NTFS
Drive D: | 22,28 Gb Total Space | 22,19 Gb Free Space | 99,60% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 3,96 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: ZMAJKO | User Name: Maya S.J | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.10.31 17:15:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maya S.J\Desktop\OTL (1).exe
PRC - [2012.09.18 07:59:19 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Users\Maya S.J\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.09.13 14:21:01 | 000,896,912 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.08.13 12:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 14:47:28 | 000,119,808 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
PRC - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.06.05 15:39:59 | 000,037,376 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe
PRC - [2011.10.07 04:19:16 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011.09.29 20:33:42 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011.09.13 01:55:46 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.08.19 22:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011.07.11 22:04:44 | 000,574,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011.07.11 22:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011.04.24 22:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
PRC - [2010.12.28 00:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010.04.23 20:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 20:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe


========== Modules (No Company Name) ==========

MOD - [2012.08.12 20:02:58 | 000,877,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2012.07.28 06:43:49 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.07.28 06:43:15 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.04.24 22:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtGui4.dll
MOD - [2011.04.24 22:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtSql4.dll
MOD - [2011.04.24 22:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtScript4.dll
MOD - [2011.04.24 22:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtNetwork4.dll
MOD - [2011.04.24 22:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtCore4.dll
MOD - [2011.04.24 22:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtDeclarative4.dll
MOD - [2011.04.20 18:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012.06.23 13:47:50 | 001,492,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2011.07.06 08:08:26 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.07.05 20:27:04 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.02.17 06:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010.10.11 10:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.11.18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.10.09 10:24:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.13 12:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.25 14:47:28 | 000,119,808 | ---- | M] (Yuna Software) [Auto | Running] -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe -- (MsgPlusService)
SRV - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.05 15:39:59 | 000,037,376 | ---- | M] (Yuna Software) [Auto | Running] -- C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe -- (MsgFBSkinsPlusService)
SRV - [2011.09.13 01:55:46 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.09.10 01:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011.07.11 22:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011.04.24 22:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP)
SRV - [2010.12.28 00:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.10.13 19:07:59 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.18 07:31:50 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.10.18 07:31:50 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.08.19 20:29:32 | 000,391,728 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.08.11 20:19:50 | 001,582,144 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011.07.06 08:50:28 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.06 07:32:20 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.04.16 11:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.04.16 11:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.03.10 17:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011.03.05 08:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.04 12:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.03.04 12:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2011.02.15 19:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010.12.16 20:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.07.28 18:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010.02.18 18:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.11.02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://sr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{E8FEF37D-43E4-43AD-95E1-E6CCB0CD5A41}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF.....-keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0627D973-2D0D-654C-233B-035A50816CAC}: "URL" = http://feed.plusnetwork.com/?publisher=MessengerPl.....ddr&q={searchTerms}&t=
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509
IE - HKLM\..\SearchScopes\{283A7FCC-AADB-B6C1-9406-3962D692BC4A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://sr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{E8FEF37D-43E4-43AD-95E1-E6CCB0CD5A41}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF.....-keywords={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {6D024226-616F-4EE3-9BA8-77334E89C107}
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0627D973-2D0D-654C-233B-035A50816CAC}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=3212_1&babsrc=SP_ss&mntrId=b86fd1e3000000000000c0188515deb2
IE - HKCU\..\SearchScopes\{283A7FCC-AADB-B6C1-9406-3962D692BC4A}: "URL" = http://search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=307
IE - HKCU\..\SearchScopes\{6D024226-616F-4EE3-9BA8-77334E89C107}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509
IE - HKCU\..\SearchScopes\{8D08FA72-A023-4976-9CE0-280D2752B71C}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=2912_4&babsrc=SP_ss&mntrId=b86fd1e3000000000000009c028d2302
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://sr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{E8FEF37D-43E4-43AD-95E1-E6CCB0CD5A41}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF.....-keywords={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Maya S.J\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Maya S.J\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2012.10.13 21:21:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.10.13 21:21:35 | 000,000,000 | ---D | M]

[2012.09.13 14:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions
[2012.09.13 14:22:15 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2011.12.25 11:47:14 | 000,000,000 | ---D | M] (Messenger Plus! Skins for Facebook) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\msgplus@msgplus.com
[2012.09.14 17:16:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions
[2012.09.14 17:16:46 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com
[2012.07.20 18:09:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.29 11:52:46 | 000,003,280 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Messenger Plus Smartbar (Enabled)
CHR - default_search_provider: search_url = http://feed.plusnetwork.com/?publisher=MessengerPl.....ddr&q={searchTerms}&t=a1031
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Angry Birds = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Webpage & WebCam Screenshot = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.6_0\
CHR - Extension: Webpage & WebCam Screenshot = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.6_0\.bak
CHR - Extension: Kaspersky URL \u0441\u0430\u0432\u0435\u0442\u043D\u0438\u043A = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Speed Dial = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.2_0\
CHR - Extension: B92 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchdppllamnngnbigohhfmeglnfaccm\1.3_0\
CHR - Extension: Messenger Plus! Skins for Facebook = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpelidgcodppbjdkifojjkhlapacabc\2.0.0.0_0\
CHR - Extension: Messenger Plus! Skins for Facebook = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpelidgcodppbjdkifojjkhlapacabc\2.0.0.0_0\.svn\text-base\.svn-base
CHR - Extension: Type Scout = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj\4_0\
CHR - Extension: PicMonkey = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.4_0\
CHR - Extension: Torrent Turbo Search = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\3.5.5.9_0\
CHR - Extension: Dolce&Gabbana = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih\2_0\
CHR - Extension: Streamified = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgcgahdbgbdenffckohanhobdcnkoip\1.19.75_0\crossrider
CHR - Extension: Streamified = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgcgahdbgbdenffckohanhobdcnkoip\1.19.75_0\
CHR - Extension: FabCam = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl\1.3_0\
CHR - Extension: \u0412\u0438\u0440\u0442\u0443\u0435\u043B\u043D\u0430 \u0442\u0430\u0441\u0442\u0430\u0442\u0443\u0440\u0430 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Google \u043F\u0440\u0435\u0432\u043E\u0434\u0438\u043B\u0430\u0446 \u0437\u0430 Google+ = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl\1.1.7_0\
CHR - Extension: Pixect = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh\2.3_0\
CHR - Extension: Skype Click to Call = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Google \u043C\u0430\u043F\u0435 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\
CHR - Extension: Google \u043F\u0440\u043E\u0432\u0435\u0440\u0430 \u043F\u043E\u0448\u0442\u0435 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: TypingClub = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah\4.0_0\
CHR - Extension: Type Fu = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0\
CHR - Extension: Gmail = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
CHR - Extension: Google Translate = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Angry Birds = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Webpage & WebCam Screenshot = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.6_0\
CHR - Extension: Webpage & WebCam Screenshot = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.6_0\.bak
CHR - Extension: Kaspersky URL \u0441\u0430\u0432\u0435\u0442\u043D\u0438\u043A = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Speed Dial = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.2_0\
CHR - Extension: B92 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchdppllamnngnbigohhfmeglnfaccm\1.3_0\
CHR - Extension: Messenger Plus! Skins for Facebook = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpelidgcodppbjdkifojjkhlapacabc\2.0.0.0_0\
CHR - Extension: Messenger Plus! Skins for Facebook = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpelidgcodppbjdkifojjkhlapacabc\2.0.0.0_0\.svn\text-base\.svn-base
CHR - Extension: Type Scout = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj\4_0\
CHR - Extension: PicMonkey = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.4_0\
CHR - Extension: Torrent Turbo Search = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\3.5.5.9_0\
CHR - Extension: Dolce&Gabbana = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih\2_0\
CHR - Extension: Streamified = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgcgahdbgbdenffckohanhobdcnkoip\1.19.75_0\crossrider
CHR - Extension: Streamified = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgcgahdbgbdenffckohanhobdcnkoip\1.19.75_0\
CHR - Extension: FabCam = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl\1.3_0\
CHR - Extension: \u0412\u0438\u0440\u0442\u0443\u0435\u043B\u043D\u0430 \u0442\u0430\u0441\u0442\u0430\u0442\u0443\u0440\u0430 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Google \u043F\u0440\u0435\u0432\u043E\u0434\u0438\u043B\u0430\u0446 \u0437\u0430 Google+ = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl\1.1.7_0\
CHR - Extension: Pixect = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh\2.3_0\
CHR - Extension: Skype Click to Call = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Google \u043C\u0430\u043F\u0435 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\
CHR - Extension: Google \u043F\u0440\u043E\u0432\u0435\u0440\u0430 \u043F\u043E\u0448\u0442\u0435 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: TypingClub = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah\4.0_0\
CHR - Extension: Type Fu = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0\
CHR - Extension: Gmail = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Messenger Plus! For Facebook) - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusFacebook64.dll (Yuna Software)
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Messenger Plus! Skins for Facebook) - {3543619C-D563-43f7-95EA-4DA7E1CC316A} - C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusFacebook.dll (Yuna Software)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{164E1355-6925-40C0-82EC-54C748441C75}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B75D899-191F-4B31-B3C7-C4EC9E00BB60}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED14777E-2AC3-4A98-AEBD-215E660754E7}: DhcpNameServer = 192.168.1.20
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{182d80fd-d2c9-11e1-b3fb-009c028d2302}\Shell - "" = AutoRun
O33 - MountPoints2\{182d80fd-d2c9-11e1-b3fb-009c028d2302}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.31 17:15:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Maya S.J\Desktop\OTL (1).exe
[2012.10.31 10:32:51 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.10.31 10:32:25 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.10.31 10:32:24 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.10.28 23:39:48 | 000,000,000 | ---D | C] -- C:\Users\Maya S.J\AppData\Local\{4E0FDE76-ACB5-429F-BABF-74E4C297107D}
[2012.10.22 16:16:46 | 000,000,000 | ---D | C] -- C:\Users\Maya S.J\AppData\Local\{0EA71772-8CAE-45F7-AE6A-E858E843F830}
[2012.10.17 18:53:42 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.10.17 07:58:34 | 000,000,000 | ---D | C] -- C:\Users\Maya S.J\AppData\Local\Downloaded Installations
[2012.10.17 07:56:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012.10.17 07:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.10.13 19:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2012
[2012.10.13 19:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.10.13 19:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2012.10.13 19:07:59 | 000,615,728 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.10.13 19:03:12 | 000,000,000 | ---D | C] -- C:\Users\Maya S.J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.13 19:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.13 19:03:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012.10.13 18:34:05 | 000,000,000 | ---D | C] -- C:\A
[2012.10.10 08:10:20 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 08:10:17 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 08:10:16 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 08:09:57 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 08:09:57 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 08:09:56 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 08:09:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 08:09:53 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 08:09:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 08:09:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 08:09:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 08:09:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 08:09:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 08:09:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 08:09:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 08:09:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 08:09:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 08:09:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 08:09:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 08:09:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 08:09:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 08:09:50 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 08:09:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 08:09:49 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 08:09:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 08:09:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 08:09:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 08:09:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 08:09:47 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 08:09:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 08:09:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 08:09:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 08:09:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 08:09:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 08:09:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 08:09:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 08:09:28 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 08:08:32 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 08:08:30 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.08 17:35:54 | 000,000,000 | ---D | C] -- C:\Users\Maya S.J\AppData\Local\{36F9854D-B8F4-47E9-99F6-47522F2B6DAB}
[3 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.10.31 17:15:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maya S.J\Desktop\OTL (1).exe
[2012.10.31 17:10:46 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.31 17:10:46 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.31 17:10:01 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.31 17:09:43 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.31 17:09:43 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.31 17:09:43 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.31 17:04:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2980005275-1500815138-3582732233-1001UA.job
[2012.10.31 17:03:21 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.31 17:03:20 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.10.31 17:03:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.31 17:03:02 | 2902,646,784 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.31 16:43:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.31 15:35:55 | 000,540,977 | ---- | M] () -- C:\Users\Maya S.J\Desktop\adwcleaner.exe
[2012.10.31 11:23:33 | 000,003,662 | ---- | M] () -- C:\Users\Maya S.J\Desktop\attach.rar
[2012.10.31 10:14:09 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2980005275-1500815138-3582732233-1001Core.job
[2012.10.28 23:10:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.10.27 18:04:00 | 000,449,043 | ---- | M] () -- C:\Users\Maya S.J\Desktop\RegSeeker.zip
[2012.10.27 16:22:52 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForZMAJKO$.job
[2012.10.26 10:41:03 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.17 17:53:35 | 000,000,017 | ---- | M] () -- C:\Users\Maya S.J\AppData\Local\resmon.resmoncfg
[2012.10.14 10:37:51 | 000,002,545 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.10.13 21:21:25 | 000,153,053 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2012.10.13 21:21:24 | 000,107,384 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2012.10.13 19:24:05 | 000,005,538 | ---- | M] () -- C:\Users\Maya S.J\Documents\cc_20121013_202353.reg
[2012.10.13 19:12:08 | 000,017,408 | ---- | M] () -- C:\Users\Maya S.J\AppData\Local\WebpageIcons.db
[2012.10.13 19:07:59 | 000,615,728 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.10.13 19:02:39 | 000,000,383 | ---- | M] () -- C:\Users\Maya S.J\Documents\Omiljene lokacije - prečica.lnk
[2012.10.13 18:16:03 | 000,002,786 | ---- | M] () -- C:\Users\Maya S.J\Documents\cc_20121013_191503.reg
[2012.10.11 17:47:00 | 000,002,598 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
[2012.10.09 10:24:15 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.09 10:24:15 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[3 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.10.31 15:35:38 | 000,540,977 | ---- | C] () -- C:\Users\Maya S.J\Desktop\adwcleaner.exe
[2012.10.31 11:23:33 | 000,003,662 | ---- | C] () -- C:\Users\Maya S.J\Desktop\attach.rar
[2012.10.28 23:10:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.10.27 18:03:56 | 000,449,043 | ---- | C] () -- C:\Users\Maya S.J\Desktop\RegSeeker.zip
[2012.10.17 17:53:35 | 000,000,017 | ---- | C] () -- C:\Users\Maya S.J\AppData\Local\resmon.resmoncfg
[2012.10.14 10:37:51 | 000,002,545 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.10.13 19:23:57 | 000,005,538 | ---- | C] () -- C:\Users\Maya S.J\Documents\cc_20121013_202353.reg
[2012.10.13 19:12:08 | 000,017,408 | ---- | C] () -- C:\Users\Maya S.J\AppData\Local\WebpageIcons.db
[2012.10.13 19:10:41 | 000,153,053 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2012.10.13 19:10:41 | 000,107,384 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2012.10.13 19:02:39 | 000,000,383 | ---- | C] () -- C:\Users\Maya S.J\Documents\Omiljene lokacije - prečica.lnk
[2012.10.13 18:15:58 | 000,002,786 | ---- | C] () -- C:\Users\Maya S.J\Documents\cc_20121013_191503.reg
[2012.07.27 19:54:42 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.03.07 00:09:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.07 00:02:07 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012.03.06 23:55:38 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.10.18 08:45:18 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011.09.06 21:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011.08.19 20:26:18 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.07.05 20:47:06 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.18 10:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:6CC69D3C

< End of report >


Dopuna: 01 Nov 2012 13:27

Da me vidiš kakva sam crvena k'o paprika.. Sramota!
Da mi neko rekao da sam ovoliko glupa,ja bi se svađala do prekosutra da dokažem da nisam! QQ..

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Mr. Green





Vidi, koliko ja vidim, vi na tom sistemu samo instalirate i gomilate aplikacije i to prvenstveno male igrice uz koje dolazi jos brdo drugog, nepotrebnog software-a. Nista od toga ne brisete a i instalaciju radite verovatno samo kliktajuci na Next, i prihvatajuci sve sto se od vas trazi bez obzira sta pise.

Da bi ti malo jasnije bilo o cemu govorim, detaljno procitaj sledecu temu: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html


Npr u Google Chrome-u imas samo preko 50 instaliranih ekstenzija. Dobro je da isti ikako radi.



1) Pokreni Google Chrome i ukucaj, gore gde kucas adresu nekog web sajta, sledece: chrome://extensions -> Enter

Kada se otvori prozor, ukloni (deinstaliraj) bukvalno svaku ekstenziju koju ne koristis. Ostavi samo ono sto znas cemu sluzi i sto koristis - ja npr koristim samo 5 ekstenzija. Ne verujem da koristis sve 50 i nesto ekstenzija koje imas instalirane.




2) Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:

:OTL
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0627D973-2D0D-654C-233B-035A50816CAC}: "URL" = http://feed.plusnetwork.com/?publisher=MessengerPl.....ddr&q={searchTerms}&t=
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\..\SearchScopes\{0627D973-2D0D-654C-233B-035A50816CAC}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=3212_1&babsrc=SP_ss&mntrId=b86fd1e3000000000000c0188515deb2
IE - HKCU\..\SearchScopes\{283A7FCC-AADB-B6C1-9406-3962D692BC4A}: "URL" = http://search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=307
IE - HKCU\..\SearchScopes\{6D024226-616F-4EE3-9BA8-77334E89C107}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509
IE - HKCU\..\SearchScopes\{8D08FA72-A023-4976-9CE0-280D2752B71C}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=2912_4&babsrc=SP_ss&mntrId=b86fd1e3000000000000009c028d2302
[2012.09.13 14:22:15 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2012.09.14 17:16:46 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com
CHR - default_search_provider: Messenger Plus Smartbar (Enabled)
CHR - default_search_provider: search_url = http://feed.plusnetwork.com/?publisher=MessengerPl.....ddr&q={searchTerms}&t=a1031
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},

:Commands
[EMPTYFLASH]
[EMPTYJAVA]



Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.




3) Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop.
Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje.
Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu.

Napomena: Kada zavrsis sa ciscenjem temp fajlova,program mozes obrisati ili ga sacuvati za kasniju upotrebu.







goran9888 (AMF Tim)

offline
  • Pridružio: 23 Okt 2012
  • Poruke: 208
  • Gde živiš: U prestonicU, bre.. ;)

Napisano: 01 Nov 2012 17:55

OTL logfile created on: 1.11.2012 17:27:36 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maya S.J\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000081A | Country: Srbija i Crna Gora (bivša) | Language: SRL | Date Format: d.M.yyyy

3,60 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 69,58% Memory free
7,21 Gb Paging File | 5,26 Gb Available in Paging File | 72,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 271,65 Gb Total Space | 215,53 Gb Free Space | 79,34% Space Free | Partition Type: NTFS
Drive D: | 22,28 Gb Total Space | 22,19 Gb Free Space | 99,60% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 3,96 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: ZMAJKO | User Name: Maya S.J | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.10.31 19:45:15 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
PRC - [2012.10.31 17:15:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maya S.J\Desktop\OTL (1).exe
PRC - [2012.09.18 07:59:19 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Users\Maya S.J\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.09.13 14:21:01 | 000,896,912 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.08.13 12:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 14:47:28 | 000,119,808 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
PRC - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.06.05 15:39:59 | 000,037,376 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe
PRC - [2011.10.07 04:19:16 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011.09.29 20:33:42 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011.09.13 01:55:46 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.08.19 22:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011.07.11 22:04:44 | 000,574,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011.07.11 22:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010.12.28 00:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010.04.23 20:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 20:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe


========== Modules (No Company Name) ==========

MOD - [2012.08.12 20:02:58 | 000,877,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2012.07.28 06:43:49 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.07.28 06:43:15 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.04.24 22:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtGui4.dll
MOD - [2011.04.24 22:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtSql4.dll
MOD - [2011.04.24 22:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtScript4.dll
MOD - [2011.04.24 22:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtNetwork4.dll
MOD - [2011.04.24 22:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtCore4.dll
MOD - [2011.04.24 22:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtDeclarative4.dll
MOD - [2011.04.20 18:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012.06.23 13:47:50 | 001,492,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2011.07.06 08:08:26 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.07.05 20:27:04 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.02.17 06:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010.10.11 10:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.11.18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.10.31 19:45:15 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP)
SRV - [2012.10.09 10:24:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.13 12:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.25 14:47:28 | 000,119,808 | ---- | M] (Yuna Software) [Auto | Running] -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe -- (MsgPlusService)
SRV - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.05 15:39:59 | 000,037,376 | ---- | M] (Yuna Software) [Auto | Running] -- C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe -- (MsgFBSkinsPlusService)
SRV - [2011.09.13 01:55:46 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.09.10 01:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011.07.11 22:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010.12.28 00:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.10.31 19:46:00 | 000,637,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.18 07:31:50 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.10.18 07:31:50 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.08.19 20:29:32 | 000,391,728 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.08.11 20:19:50 | 001,582,144 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011.07.06 08:50:28 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.06 07:32:20 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.04.16 11:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.04.16 11:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.03.10 17:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011.03.05 08:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.04 12:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.03.04 12:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2011.02.15 19:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010.12.16 20:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.07.28 18:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010.02.18 18:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.11.02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://sr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{E8FEF37D-43E4-43AD-95E1-E6CCB0CD5A41}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF.....-keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0627D973-2D0D-654C-233B-035A50816CAC}: "URL" = http://feed.plusnetwork.com/?publisher=MessengerPl.....sp=addr&q={searchTerms}&t=
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509
IE - HKLM\..\SearchScopes\{283A7FCC-AADB-B6C1-9406-3962D692BC4A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://sr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{E8FEF37D-43E4-43AD-95E1-E6CCB0CD5A41}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF.....-keywords={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {6D024226-616F-4EE3-9BA8-77334E89C107}
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0627D973-2D0D-654C-233B-035A50816CAC}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=3212_1&babsrc=SP_ss&mntrId=b86fd1e3000000000000c0188515deb2
IE - HKCU\..\SearchScopes\{283A7FCC-AADB-B6C1-9406-3962D692BC4A}: "URL" = http://search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=307
IE - HKCU\..\SearchScopes\{6D024226-616F-4EE3-9BA8-77334E89C107}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509
IE - HKCU\..\SearchScopes\{8D08FA72-A023-4976-9CE0-280D2752B71C}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=2912_4&babsrc=SP_ss&mntrId=b86fd1e3000000000000009c028d2302
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://sr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{E8FEF37D-43E4-43AD-95E1-E6CCB0CD5A41}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF.....-keywords={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Maya S.J\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Maya S.J\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2012.10.31 19:46:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.10.31 19:46:04 | 000,000,000 | ---D | M]

[2012.09.13 14:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions
[2012.09.13 14:22:15 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2011.12.25 11:47:14 | 000,000,000 | ---D | M] (Messenger Plus! Skins for Facebook) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\msgplus@msgplus.com
[2012.09.14 17:16:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions
[2012.09.14 17:16:46 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com
[2012.07.20 18:09:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.29 11:52:46 | 000,003,280 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml

========== Chrome ==========

CHR - homepage: http://www.google.rs/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.rs/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Angry Birds = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Webpage & WebCam Screenshot = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.6_0\
CHR - Extension: Webpage & WebCam Screenshot = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.6_0\.bak
CHR - Extension: Kaspersky URL \u0441\u0430\u0432\u0435\u0442\u043D\u0438\u043A = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Speed Dial = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.2_0\
CHR - Extension: B92 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchdppllamnngnbigohhfmeglnfaccm\1.3_0\
CHR - Extension: Messenger Plus! Skins for Facebook = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpelidgcodppbjdkifojjkhlapacabc\2.0.0.0_0\
CHR - Extension: Messenger Plus! Skins for Facebook = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpelidgcodppbjdkifojjkhlapacabc\2.0.0.0_0\.svn\text-base\.svn-base
CHR - Extension: Type Scout = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj\4_0\
CHR - Extension: PicMonkey = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.4_0\
CHR - Extension: Torrent Turbo Search = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\3.5.5.9_0\
CHR - Extension: Dolce&Gabbana = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih\2_0\
CHR - Extension: Streamified = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgcgahdbgbdenffckohanhobdcnkoip\1.19.75_0\crossrider
CHR - Extension: Streamified = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgcgahdbgbdenffckohanhobdcnkoip\1.19.75_0\
CHR - Extension: FabCam = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl\1.3_0\
CHR - Extension: \u0412\u0438\u0440\u0442\u0443\u0435\u043B\u043D\u0430 \u0442\u0430\u0441\u0442\u0430\u0442\u0443\u0440\u0430 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Google \u043F\u0440\u0435\u0432\u043E\u0434\u0438\u043B\u0430\u0446 \u0437\u0430 Google+ = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl\1.1.7_0\
CHR - Extension: Pixect = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh\2.3_0\
CHR - Extension: Skype Click to Call = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Google \u043C\u0430\u043F\u0435 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\
CHR - Extension: Google \u043F\u0440\u043E\u0432\u0435\u0440\u0430 \u043F\u043E\u0448\u0442\u0435 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: TypingClub = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah\4.0_0\
CHR - Extension: Type Fu = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0\
CHR - Extension: Gmail = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
CHR - Extension: Google Translate = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Angry Birds = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Webpage & WebCam Screenshot = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.6_0\
CHR - Extension: Webpage & WebCam Screenshot = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.6_0\.bak
CHR - Extension: Kaspersky URL \u0441\u0430\u0432\u0435\u0442\u043D\u0438\u043A = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Speed Dial = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.2_0\
CHR - Extension: B92 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchdppllamnngnbigohhfmeglnfaccm\1.3_0\
CHR - Extension: Messenger Plus! Skins for Facebook = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpelidgcodppbjdkifojjkhlapacabc\2.0.0.0_0\
CHR - Extension: Messenger Plus! Skins for Facebook = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpelidgcodppbjdkifojjkhlapacabc\2.0.0.0_0\.svn\text-base\.svn-base
CHR - Extension: Type Scout = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj\4_0\
CHR - Extension: PicMonkey = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.4_0\
CHR - Extension: Torrent Turbo Search = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\3.5.5.9_0\
CHR - Extension: Dolce&Gabbana = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih\2_0\
CHR - Extension: Streamified = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgcgahdbgbdenffckohanhobdcnkoip\1.19.75_0\crossrider
CHR - Extension: Streamified = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgcgahdbgbdenffckohanhobdcnkoip\1.19.75_0\
CHR - Extension: FabCam = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl\1.3_0\
CHR - Extension: \u0412\u0438\u0440\u0442\u0443\u0435\u043B\u043D\u0430 \u0442\u0430\u0441\u0442\u0430\u0442\u0443\u0440\u0430 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Google \u043F\u0440\u0435\u0432\u043E\u0434\u0438\u043B\u0430\u0446 \u0437\u0430 Google+ = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl\1.1.7_0\
CHR - Extension: Pixect = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh\2.3_0\
CHR - Extension: Skype Click to Call = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Google \u043C\u0430\u043F\u0435 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\
CHR - Extension: Google \u043F\u0440\u043E\u0432\u0435\u0440\u0430 \u043F\u043E\u0448\u0442\u0435 = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: TypingClub = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah\4.0_0\
CHR - Extension: Type Fu = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0\
CHR - Extension: Gmail = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Maya S.J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Messenger Plus! For Facebook) - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusFacebook64.dll (Yuna Software)
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Messenger Plus! Skins for Facebook) - {3543619C-D563-43f7-95EA-4DA7E1CC316A} - C:\Program Files (x86)\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusFacebook.dll (Yuna Software)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{164E1355-6925-40C0-82EC-54C748441C75}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B75D899-191F-4B31-B3C7-C4EC9E00BB60}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED14777E-2AC3-4A98-AEBD-215E660754E7}: DhcpNameServer = 192.168.1.20
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{182d80fd-d2c9-11e1-b3fb-009c028d2302}\Shell - "" = AutoRun
O33 - MountPoints2\{182d80fd-d2c9-11e1-b3fb-009c028d2302}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{6c6682c9-2374-11e2-a05f-009c028d2302}\Shell - "" = AutoRun
O33 - MountPoints2\{6c6682c9-2374-11e2-a05f-009c028d2302}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.31 17:15:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Maya S.J\Desktop\OTL (1).exe
[2012.10.31 10:32:51 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.10.31 10:32:25 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.10.31 10:32:24 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.10.28 23:39:48 | 000,000,000 | ---D | C] -- C:\Users\Maya S.J\AppData\Local\{4E0FDE76-ACB5-429F-BABF-74E4C297107D}
[2012.10.22 16:16:46 | 000,000,000 | ---D | C] -- C:\Users\Maya S.J\AppData\Local\{0EA71772-8CAE-45F7-AE6A-E858E843F830}
[2012.10.17 18:53:42 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.10.17 07:58:34 | 000,000,000 | ---D | C] -- C:\Users\Maya S.J\AppData\Local\Downloaded Installations
[2012.10.17 07:56:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012.10.17 07:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.10.13 19:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2012
[2012.10.13 19:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.10.13 19:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2012.10.13 19:07:59 | 000,637,272 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.10.13 19:03:12 | 000,000,000 | ---D | C] -- C:\Users\Maya S.J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.13 19:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.13 19:03:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012.10.13 18:34:05 | 000,000,000 | ---D | C] -- C:\A
[2012.10.10 08:10:20 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 08:10:17 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 08:10:16 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 08:09:57 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 08:09:57 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 08:09:56 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 08:09:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 08:09:53 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 08:09:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 08:09:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 08:09:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 08:09:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 08:09:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 08:09:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 08:09:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 08:09:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 08:09:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 08:09:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 08:09:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 08:09:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 08:09:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 08:09:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 08:09:50 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 08:09:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 08:09:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 08:09:49 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 08:09:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 08:09:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 08:09:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 08:09:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 08:09:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 08:09:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 08:09:47 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 08:09:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 08:09:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 08:09:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 08:09:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 08:09:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 08:09:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 08:09:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 08:09:28 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 08:08:32 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 08:08:30 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.08 17:35:54 | 000,000,000 | ---D | C] -- C:\Users\Maya S.J\AppData\Local\{36F9854D-B8F4-47E9-99F6-47522F2B6DAB}
[3 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.11.01 17:10:01 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.01 17:04:01 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2980005275-1500815138-3582732233-1001UA.job
[2012.11.01 16:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.01 15:42:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.01 15:00:36 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.01 15:00:36 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.01 15:00:36 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.01 11:00:48 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.01 11:00:48 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.01 10:20:58 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.01 10:17:15 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2980005275-1500815138-3582732233-1001Core.job
[2012.11.01 02:38:02 | 000,028,614 | ---- | M] () -- C:\Users\Maya S.J\Desktop\webcam-toy-photo1.jpg
[2012.10.31 19:46:00 | 000,637,272 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.10.31 17:15:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maya S.J\Desktop\OTL (1).exe
[2012.10.31 17:03:20 | 000,524,288 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.10.31 17:03:02 | 2902,646,784 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.31 15:35:55 | 000,540,977 | ---- | M] () -- C:\Users\Maya S.J\Desktop\adwcleaner.exe
[2012.10.31 11:23:33 | 000,003,662 | ---- | M] () -- C:\Users\Maya S.J\Desktop\attach.rar
[2012.10.28 23:10:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.10.27 18:04:00 | 000,449,043 | ---- | M] () -- C:\Users\Maya S.J\Desktop\RegSeeker.zip
[2012.10.27 16:22:52 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForZMAJKO$.job
[2012.10.26 10:41:03 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.17 17:53:35 | 000,000,017 | ---- | M] () -- C:\Users\Maya S.J\AppData\Local\resmon.resmoncfg
[2012.10.14 10:37:51 | 000,002,545 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.10.13 21:21:25 | 000,153,053 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2012.10.13 21:21:24 | 000,107,384 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2012.10.13 19:24:05 | 000,005,538 | ---- | M] () -- C:\Users\Maya S.J\Documents\cc_20121013_202353.reg
[2012.10.13 19:12:08 | 000,017,408 | ---- | M] () -- C:\Users\Maya S.J\AppData\Local\WebpageIcons.db
[2012.10.13 19:02:39 | 000,000,383 | ---- | M] () -- C:\Users\Maya S.J\Documents\Omiljene lokacije - prečica.lnk
[2012.10.13 18:16:03 | 000,002,786 | ---- | M] () -- C:\Users\Maya S.J\Documents\cc_20121013_191503.reg
[2012.10.11 17:47:00 | 000,002,598 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
[2012.10.09 10:24:15 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.09 10:24:15 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[3 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.11.01 02:38:12 | 000,028,614 | ---- | C] () -- C:\Users\Maya S.J\Desktop\webcam-toy-photo1.jpg
[2012.10.31 15:35:38 | 000,540,977 | ---- | C] () -- C:\Users\Maya S.J\Desktop\adwcleaner.exe
[2012.10.31 11:23:33 | 000,003,662 | ---- | C] () -- C:\Users\Maya S.J\Desktop\attach.rar
[2012.10.28 23:10:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.10.27 18:03:56 | 000,449,043 | ---- | C] () -- C:\Users\Maya S.J\Desktop\RegSeeker.zip
[2012.10.17 17:53:35 | 000,000,017 | ---- | C] () -- C:\Users\Maya S.J\AppData\Local\resmon.resmoncfg
[2012.10.14 10:37:51 | 000,002,545 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.10.13 19:23:57 | 000,005,538 | ---- | C] () -- C:\Users\Maya S.J\Documents\cc_20121013_202353.reg
[2012.10.13 19:12:08 | 000,017,408 | ---- | C] () -- C:\Users\Maya S.J\AppData\Local\WebpageIcons.db
[2012.10.13 19:10:41 | 000,153,053 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2012.10.13 19:10:41 | 000,107,384 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2012.10.13 19:02:39 | 000,000,383 | ---- | C] () -- C:\Users\Maya S.J\Documents\Omiljene lokacije - prečica.lnk
[2012.10.13 18:15:58 | 000,002,786 | ---- | C] () -- C:\Users\Maya S.J\Documents\cc_20121013_191503.reg
[2012.07.27 19:54:42 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.03.07 00:09:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.07 00:02:07 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012.03.06 23:55:38 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.10.18 08:45:18 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011.09.06 21:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011.08.19 20:26:18 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.07.05 20:47:06 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.18 10:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< :OTL >

< IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509 >

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= >
Invalid Switch: search.certified-toolbar.com?si=41460&tid=592&bs=true&q=

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= >
Invalid Switch: search.certified-toolbar.com?si=41460&tid=592&bs=true&q=

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= >
Invalid Switch: search.certified-toolbar.com?si=41460&tid=592&bs=true&q=

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592 >
Invalid Switch: search.certified-toolbar.com?si=41460&home=true&tid=592

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= >
Invalid Switch: search.certified-toolbar.com?si=41460&tid=592&bs=true&q=

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= >
Invalid Switch: search.certified-toolbar.com?si=41460&tid=592&bs=true&q=

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= >
Invalid Switch: search.certified-toolbar.com?si=41460&tid=592&bs=true&q=

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592 >
Invalid Switch: search.certified-toolbar.com?si=41460&home=true&tid=592

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=592 >
Invalid Switch: search.certified-toolbar.com?si=41460&home=true&tid=592

< IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} >

< IE - HKLM\..\SearchScopes\{0627D973-2D0D-654C-233B-035A50816CAC}: "URL" = http://feed.plusnetwork.com/?publisher=MessengerPl.....ddr&q={searchTerms}&t= >

< IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509 >

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= >
Invalid Switch: search.certified-toolbar.com?si=41460&tid=592&bs=true&q=

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592 >
Invalid Switch: search.certified-toolbar.com?si=41460&home=true&tid=592

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= >
Invalid Switch: search.certified-toolbar.com?si=41460&tid=592&bs=true&q=

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= >
Invalid Switch: search.certified-toolbar.com?si=41460&tid=592&bs=true&q=

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=592 >
Invalid Switch: search.certified-toolbar.com?si=41460&home=true&tid=592

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=592 >
Invalid Switch: search.certified-toolbar.com?si=41460&home=true&tid=592

< IE - HKCU\..\SearchScopes\{0627D973-2D0D-654C-233B-035A50816CAC}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=3212_1&babsrc=SP_ss&mntrId=b86fd1e3000000000000c0188515deb2 >

< IE - HKCU\..\SearchScopes\{283A7FCC-AADB-B6C1-9406-3962D692BC4A}: "URL" = http://search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=307 >

< IE - HKCU\..\SearchScopes\{6D024226-616F-4EE3-9BA8-77334E89C107}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDtCyD0D0E0BtA0DtC0EtAtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=562838509 >

< IE - HKCU\..\SearchScopes\{8D08FA72-A023-4976-9CE0-280D2752B71C}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=2912_4&babsrc=SP_ss&mntrId=b86fd1e3000000000000009c028d2302 >

< [2012.09.13 14:22:15 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} >

< [2012.09.14 17:16:46 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com >

< CHR - default_search_provider: Messenger Plus Smartbar (Enabled) >

< CHR - default_search_provider: search_url = http://feed.plusnetwork.com/?publisher=MessengerPl.....ddr&q={searchTerms}&t=a1031 >
Invalid Switch: ?publisher=MessengerPl.....ddr&q={searchTerms}&t=a1031

< CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, >

< >

< :Commands >

< [EMPTYFLASH] >

< [EMPTYJAVA] >

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:6CC69D3C

< End of report >

Nadam se da je ovo taj LOG.. to sam dobila kad je završio kao notepad.
Pootkačinjala sam extenzije,ali nije ih bilo preko 50 nego nekih 15tak..da se to ne nalazi negde gde ga ja ne vidim,možda?
A u vezi sa igricama.. možda su ranije klinci nešto skidali,ali sam udarila zabranu na to pa su prestali.Jedine igrice koje igramo su on-line,uglavnom one FB zezalice,tako da ja,brate dragi,pojma nemam gde su te igrice o kojima pričaš..kaži da brišem.
Odoh da obavim drugi deo domaćeg zadatka,a tebi do neba hvala što trošiš svoje vreme da mene neuku malo obučiš.

Dopuna: 01 Nov 2012 18:10

Počistila!
Sad,pošto kao zaštitu trenutno imam Kaspersky ali samo trial verziju,šta mi preporučuješ da skinem kad ovaj za 10tak dana istekne,ili odmah ako je tako bolje?

A evo vam i jedao upozorenje s moje strane.. Tek da pokažem da i ja znam nešto,a ujedno dam doprinos očuvanju sluha čovečanstva ;-)

Dopuna: 01 Nov 2012 19:06

Sad sam ponovo pretresla programe i obrisala još po neki,ali evo šta me buni.. Ovi koje ću navesti ili ne znam šta su ili čemu služe,pa te molim da mi kažeš da li i koji mogu da obrišem..
- ATI Catalyst Instal Manager
- Evernote v 4.2.3
- ffdshow v 1.2.4422
- Haali Media Splitter
- Messenger Plus!
- SweetIM for Messenger 3.7
- WinRAR 4.00 (32-bit)
Zatim,postoji neki HP Games -proizvođač Wild Tangent što isto ne znam šta je,a nikad nisam ni koristila.
Onda ovo - Windows Live Mesh ActiveX Control for Remote conection i isto to samo na srpskom
- Windows Live Mash ActiveX Kontrola za daljinske veze
Da li mogu jedan od ta dva da obrišem?

Dalje,sve sam pokušala što sam mogla u podešavanjima Chroma,ali nikako ne mogu da namestim da kad otvorim pretraživač imam ono polje za pretragu kao što je na početnoj strani Google-a,već mi stoje polja sa poslednjim stranicama na kojima sam bila..ono kao što izgleda kad podesiš na speed dial samo što nisu sajtovi koje ja podesim nego poslednji posećeni. Kad otvorim novu karticu,otvara mi speed dial,kako sam i htela. Kako to da popravim?

Hvala unapred..

Dopuna: 01 Nov 2012 20:53

Sad mi nešto pade na pamet,oko tih igrica koje pominješ. Jednom (možda i više puta) prilikom kad sam htela da neke fotke prebacim iz telefona u komp,on je pokupio sve moguće sa memorijske kartice,a u mobilnom imam neke silne igrice,večina ih se igra on-line,no jedno znam,jedu memoriju! Da se možda to ne očitava kao igrice u kompu? Ako jeste,kako to da pobrišem? I kad već pominjem to prebacivanje fotki iz fona u komp,kako se to pravilno radi,tj.,kako da prebacim određene fotke,a ne sve moguće što se nalazi na memorijskoj?

I opet.. Hvala!

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Lose si ispratila uputstvo za OTL koje sam ti dao. Pogledaj lepo moju poruku i detaljno prati uputstvo, korak po korak, recenicu po recenicu.

offline
  • Pridružio: 23 Okt 2012
  • Poruke: 208
  • Gde živiš: U prestonicU, bre.. ;)

Napisano: 02 Nov 2012 4:48

Jaooo DEBIL!!! RUN FIX ne RUN SCAN kao što sam ja uradila! Aj što ne razmišljam,al što bar ne čitam pažljivo?
Izvini molim te! Odoh da uradim ispravak domaćeg..

Dopuna: 02 Nov 2012 4:54

========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Bar| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0627D973-2D0D-654C-233B-035A50816CAC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0627D973-2D0D-654C-233B-035A50816CAC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Page| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0627D973-2D0D-654C-233B-035A50816CAC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0627D973-2D0D-654C-233B-035A50816CAC}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{283A7FCC-AADB-B6C1-9406-3962D692BC4A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{283A7FCC-AADB-B6C1-9406-3962D692BC4A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6D024226-616F-4EE3-9BA8-77334E89C107}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D024226-616F-4EE3-9BA8-77334E89C107}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8D08FA72-A023-4976-9CE0-280D2752B71C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8D08FA72-A023-4976-9CE0-280D2752B71C}\ not found.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\Plugins folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\modules folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\META-INF folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults\preferences folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\skin folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\sl folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\core folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\404 folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js\resources folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\images folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\myStuffDialogs folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js\resources folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\api folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\res folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\css folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com\searchplugins folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com\defaults\preferences folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com\defaults folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com\components folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com\chrome\superfish\skin folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com\chrome\superfish\content folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com\chrome\superfish folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com\chrome folder moved successfully.
C:\Users\Maya S.J\AppData\Roaming\mozilla\Firefox\Profiles\profile\extensions\specialsavings@superfish.com folder moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Maya S.J
->Flash cache emptied: 492 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Maya S.J
->Java cache emptied: 23346 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11022012_045141

Dopuna: 02 Nov 2012 4:58

Evo ga log,Bog me ubio nenormalnu!
Izvini molim te,ponovo..ja bih sebe do sada oterala znaš već gde da sam na tvom mestu!

(danas radim ceo dan,verovatno se do večeras neću pojaviti ovde..da znaš.da ne pomisliš nešto štatijaznam Very Happy )

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

- Pokreni alat OTL jos jednom i klikni na Clean Up.






DeMonna ::Sad,pošto kao zaštitu trenutno imam Kaspersky ali samo trial verziju,šta mi preporučuješ da skinem kad ovaj za 10tak dana istekne,ili odmah ako je tako bolje?


Instaliraj bilo koju zastitu.
Ako neces kupovati licencu za komercijalna resenja tipa Kaspersky, Norton, McAfee, itd, onda ti svakako preporucujem da instaliras neko od besplatnih resenja tipa Avast, Avira, AVG, Panda Cloud, MSE. Najbolji od njih ne postoji - ako je to tvoje sledece pitanje, pa bilo koji da odaberes, neces pogresiti.

U svakom slucaju, na sistemu uvek treba da imas aktivan samo jedan Anti-Virus, a kada hoces da uklonis AV sa sistema to obavezno radis uz pomoc njegovog uninstaller-a tj. iz Control Panel -> Programs and Features.



Citat:Sad sam ponovo pretresla programe i obrisala još po neki,ali evo šta me buni.. Ovi koje ću navesti ili ne znam šta su ili čemu služe,pa te molim da mi kažeš da li i koji mogu da obrišem..
- ATI Catalyst Instal Manager
- Evernote v 4.2.3
- ffdshow v 1.2.4422
- Haali Media Splitter
- Messenger Plus!
- SweetIM for Messenger 3.7
- WinRAR 4.00 (32-bit)



Messenger Plus! i SweetIM for Messenger 3.7 brisi ako ne koristis. Ja nisam hteo da ih diram jer sam mislio da ti trebaju.



Citat:Zatim,postoji neki HP Games -proizvođač Wild Tangent što isto ne znam šta je,a nikad nisam ni koristila.

Brisi.


Citat:Onda ovo - Windows Live Mesh ActiveX Control for Remote conection i isto to samo na srpskom
- Windows Live Mash ActiveX Kontrola za daljinske veze
Da li mogu jedan od ta dva da obrišem?



Brisi.

A evo i objasnjenje ako te zanima:

Citat:Live Mesh allows you to sync files across multiple devices such as a desktop computer, laptop, smartphone devices. The ActiveX control is an extension that used by Live Mesh when you are accessing your files on different devices through Internet Explorer.

According to Microsoft in case if you have two or more computers running Windows 7 or in that case Windows Vista, you can make use of Windows Live Mesh in order to sync program settings in between them. You can sync your favorites inside Internet Explorer, in addition to it if you have Microsoft Office installed, you will be able to sync your styles, templates, custom dictionary, and also in addition to it email signatures.

If you don't need this feature, you can uninstall it without it affecting your computer.








Citat:Dalje,sve sam pokušala što sam mogla u podešavanjima Chroma,ali nikako ne mogu da namestim da kad otvorim pretraživač imam ono polje za pretragu kao što je na početnoj strani Google-a,već mi stoje polja sa poslednjim stranicama na kojima sam bila..ono kao što izgleda kad podesiš na speed dial samo što nisu sajtovi koje ja podesim nego poslednji posećeni. Kad otvorim novu karticu,otvara mi speed dial,kako sam i htela. Kako to da popravim?

Ako su polja u stvari tab-ovi, tj. prilikom pokretanja ti Google Chrome prikaze sve tabove koji su bili otvoreni kada si GC zatovorila, onda uradi sledece:











Citat:Sad mi nešto pade na pamet,oko tih igrica koje pominješ. Jednom (možda i više puta) prilikom kad sam htela da neke fotke prebacim iz telefona u komp,on je pokupio sve moguće sa memorijske kartice,a u mobilnom imam neke silne igrice,večina ih se igra on-line,no jedno znam,jedu memoriju! Da se možda to ne očitava kao igrice u kompu? Ako jeste,kako to da pobrišem? I kad već pominjem to prebacivanje fotki iz fona u komp,kako se to pravilno radi,tj.,kako da prebacim određene fotke,a ne sve moguće što se nalazi na memorijskoj?


Sva pitanja koja imas, postavi u odgovarajucim forumima. Mi ovde u Ambulanti samo uklanjamo maliciozne programe, a ti iste nemas na sistemu. Tako da cemo diskusiju u ovoj temi morati da zavrsimo.


Znaci, za svaki problem koji imas izvrsi pretragu foruma, a ako to ne mozes, ne znas ili jednostavno ne mozes da pronadjes resenje - otvori novu temu i objasni problem.





Citat:
A evo vam i jedao upozorenje s moje strane.. Tek da pokažem da i ja znam nešto,a ujedno dam doprinos očuvanju sluha čovečanstva ;-)




He ... Mr. Green



Citat:I opet.. Hvala!


Nema na cemu. Ziveli






Pozdrav,
goran9888 (AMF Tim)

offline
  • Pridružio: 23 Okt 2012
  • Poruke: 208
  • Gde živiš: U prestonicU, bre.. ;)

Ok,skužila sve,ljubi me majka pametnu (hahaha)!
Hvala još zilion puta,svestan nisi šta si učinio za mene. Brljali mi po računaru kojekakvi samozvani znalci i tuke ništa nisu uradili,slali me čak da ga nosim u servis na reinstalaciju sitema..Da ne veruješ!
Veliki pozdrav i sve najbolje!!!

Ko je trenutno na forumu
 

Ukupno su 1354 korisnika na forumu :: 45 registrovanih, 4 sakrivenih i 1305 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 9k38, ajo baba, Alibaba1981, Andrija357, Areal84, bagor10, bufanje, cikadeda, darkangel, DPera, draganl, drimer, FileFinder, ikan, jackreacher011011, janbo, Karla, kikisp, Krvava Devetka, kuntalo, kybonacci, ljuba, Mcdado, mercedesamg, Milos ZA, milutin134, mocnijogurt, naki011, nemkea71, nextyamb, panzerwaffe, pein, raptorsi, Romibrat, skvara, Srle993, suton, Toper, Trpe Grozni, Vlada78, wolf431, YugoSlav, zbazin, zlaya011, Zoca