MyCity » Ambulanta -> Arhiva Ambulante » Trojanac preko USB-a

Trojanac preko USB-a

Napisano na dan: 17.5.2012

Trojanac preko USB-a

Sledeća strana

Pagination

Odgovori

vucko90 Poslao: 17 Maj 2012 19:33 Idi na vrh
offline vucko90 Novi MyCity građanin Pridružio: 17 Maj 2012 Poruke: 5	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pokupio sam ovog trojanaca (Win32/Spy.KeyLogger.NHI trojan) i stalno mi se pojavljuje na ovoj lokaciji C:\OptionalComponents\lsass.exe, tako mi prijavljuje NOD32. Imam 64-bitni Windows7. Cimer ima isti problem i jednom je greskom preneo meni virus preko usb-a, tako da je zarazio i moj laptop. Svaki put kada upalim laptop, radi par minuta i posle toga prijavljuje ovaj virus i ja ga obrisem, posle toga trazi restart, ali ja ne restartujem, jer se isto desava svaki put. Ne smeta pri normalnom radu, ali svaki put kada ubacim usb on pravi od foldera exe fajlove. Kada otvorim taj fajl on bude kao normalan folder, al postoji sansa da kad neko drugi ubaci taj usb predje virus na taj drugi komp. Instalirao sam OTL i evo sta mi je izbacio: OTL logfile created on: 17-May-12 7:16:31 PM - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Nikola\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: dd-MMM-yy 4.00 Gb Total Physical Memory \| 2.22 Gb Available Physical Memory \| 55.62% Memory free 7.99 Gb Paging File \| 5.95 Gb Available in Paging File \| 74.43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 149.04 Gb Total Space \| 8.29 Gb Free Space \| 5.56% Space Free \| Partition Type: NTFS Drive E: \| 146.48 Gb Total Space \| 6.63 Gb Free Space \| 4.53% Space Free \| Partition Type: NTFS Computer Name: NIKOLA-PC \| User Name: Nikola \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-05-17 19:16:03 \| 000,595,456 \| ---- \| M] (OldTimer Tools) -- C:\Users\Nikola\Desktop\OTL.exe PRC - [2012-04-28 04:07:02 \| 001,224,176 \| ---- \| M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-01-03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-10-05 15:57:50 \| 000,646,232 \| ---- \| M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe PRC - [2011-08-09 21:39:22 \| 000,974,944 \| ---- \| M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe PRC - [2010-11-03 12:16:10 \| 000,338,803 \| ---- \| M] () -- C:\OptionalComponents\lsass.exe PRC - [2010-01-08 15:15:24 \| 001,118,208 \| ---- \| M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtWLan.exe PRC - [2009-12-07 14:49:24 \| 000,040,960 \| ---- \| M] (Realtek) -- C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtlService.exe PRC - [2009-07-31 17:54:56 \| 001,194,504 \| ---- \| M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2009-06-04 20:03:32 \| 000,186,904 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009-06-04 20:03:06 \| 000,354,840 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008-07-29 20:29:26 \| 000,200,704 \| ---- \| M] () -- C:\Windows\PLFSetI.exe ========== Modules (No Company Name) ========== MOD - [2012-04-28 04:07:01 \| 000,444,400 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppgooglenaclpluginchrome.dll MOD - [2012-04-28 04:06:59 \| 003,915,248 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll MOD - [2012-04-28 04:05:34 \| 000,122,880 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\avutil-51.dll MOD - [2012-04-28 04:05:33 \| 000,220,672 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\avformat-53.dll MOD - [2012-04-28 04:05:32 \| 001,747,456 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\avcodec-53.dll MOD - [2012-04-28 03:09:18 \| 008,743,584 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll MOD - [2011-10-05 15:57:50 \| 000,646,232 \| ---- \| M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe MOD - [2010-11-03 12:16:10 \| 000,338,803 \| ---- \| M] () -- C:\OptionalComponents\lsass.exe MOD - [2008-07-29 20:29:26 \| 000,200,704 \| ---- \| M] () -- C:\Windows\PLFSetI.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011-08-09 21:39:22 \| 000,974,944 \| ---- \| M] (ESET) [Auto \| Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV:64bit: - [2010-10-26 23:42:16 \| 005,790,064 \| ---- \| M] (Wacom Technology, Corp.) [Auto \| Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:64bit: - [2010-10-26 23:42:16 \| 000,487,280 \| ---- \| M] (Wacom Technology, Corp.) [Auto \| Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:64bit: - [2009-07-17 18:20:34 \| 000,864,032 \| ---- \| M] (Broadcom Corporation.) [Auto \| Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2009-07-14 03:41:27 \| 001,011,712 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009-07-14 03:40:01 \| 000,193,536 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2009-06-07 00:30:18 \| 000,203,264 \| ---- \| M] (AMD) [Auto \| Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009-03-27 19:10:16 \| 000,016,896 \| ---- \| M] (LSI Corporation) [Auto \| Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio) SRV - [2012-05-08 11:19:12 \| 000,257,696 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-05-08 11:14:53 \| 000,129,976 \| ---- \| M] (Mozilla Foundation) [On_Demand \| Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-01-03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) [Auto \| Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-03-18 13:16:28 \| 000,130,384 \| ---- \| M] (Microsoft Corporation) [Auto \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-12-07 14:49:24 \| 000,040,960 \| ---- \| M] (Realtek) [Auto \| Running] -- C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtlService.exe -- (Realtek87B) SRV - [2009-10-29 21:26:39 \| 000,654,848 \| ---- \| M] (Macrovision Europe Ltd.) [On_Demand \| Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-09-23 17:37:30 \| 000,051,168 \| ---- \| M] (NOS Microsystems Ltd.) [On_Demand \| Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) @C:\Program Files (x86) SRV - [2009-06-10 23:23:09 \| 000,066,384 \| ---- \| M] (Microsoft Corporation) [Disabled \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-06-04 20:03:06 \| 000,354,840 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012-03-08 18:40:52 \| 000,048,488 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012-03-01 08:46:16 \| 000,023,408 \| ---- \| M] (Microsoft Corporation) [Recognizer \| Boot \| Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011-11-01 14:04:16 \| 000,834,544 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2011-08-09 13:57:12 \| 000,202,576 \| ---- \| M] (ESET) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:64bit: - [2011-08-04 09:20:38 \| 000,146,432 \| ---- \| M] (ESET) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:64bit: - [2011-08-04 09:20:38 \| 000,137,144 \| ---- \| M] (ESET) [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:64bit: - [2011-03-11 08:41:12 \| 000,107,904 \| ---- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-03-11 08:41:12 \| 000,027,008 \| ---- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010-11-20 15:33:35 \| 000,078,720 \| ---- \| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010-11-20 13:07:05 \| 000,059,392 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010-10-11 21:19:36 \| 000,018,288 \| ---- \| M] (Wacom Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:64bit: - [2010-10-11 21:19:28 \| 000,012,848 \| ---- \| M] (Wacom Technology) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:64bit: - [2010-10-11 21:19:26 \| 000,016,168 \| ---- \| M] (Wacom Technology) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:64bit: - [2010-02-12 21:30:26 \| 000,145,360 \| ---- \| M] (Sun Microsystems, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2010-02-05 19:55:37 \| 000,314,016 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2010-02-05 19:55:37 \| 000,043,680 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2010-01-22 12:00:00 \| 000,448,512 \| R--- \| M] (Realtek Semiconductor Corporation ) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\rtl8187.sys -- (RTL8187) DRV:64bit: - [2009-10-05 17:34:00 \| 001,542,656 \| ---- \| M] (Atheros Communications, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009-07-27 04:54:30 \| 000,090,544 \| ---- \| M] (PowerISO Computing, Inc.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:64bit: - [2009-07-14 03:52:20 \| 000,194,128 \| ---- \| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 03:48:04 \| 000,065,600 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 03:45:55 \| 000,024,656 \| ---- \| M] (Promise Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-07-02 04:46:52 \| 000,098,344 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009-07-02 04:46:48 \| 000,132,648 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009-07-02 04:46:40 \| 000,021,160 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009-06-29 17:38:56 \| 000,272,432 \| ---- \| M] (Synaptics Incorporated) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009-06-20 05:35:00 \| 000,317,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2009-06-10 22:34:33 \| 003,286,016 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 22:34:28 \| 000,468,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 22:34:23 \| 000,270,848 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 22:31:59 \| 000,031,232 \| ---- \| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009-06-07 01:09:14 \| 006,030,848 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009-06-04 19:54:36 \| 000,408,600 \| ---- \| M] (Intel Corporation) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009-06-04 17:46:50 \| 000,216,064 \| ---- \| M] (Realtek Semiconductor Corp.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009-04-08 07:33:08 \| 000,035,104 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009-04-06 18:31:08 \| 001,208,320 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009-02-22 19:12:28 \| 000,228,400 \| ---- \| M] (Alps Electric Co., Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2009-07-14 03:19:10 \| 000,019,008 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{DB663C59-0F1A-4B93-B5E2-FA8130DA7F16}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 21 83 7B B6 02 43 CC 01 [binary data] IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\InprocServer32 File not found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = startsear.ch/?aff=1&src=sp&cf=52226.....d9d&q={searchTerms} IE - HKCU\..\SearchScopes\{DB663C59-0F1A-4B93-B5E2-FA8130DA7F16}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{E271A525-B51A-4DF8-9A12-C42F064E9483}: "URL" = search.yahoo.com/search?fr=chr-greentree_ie.....316&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = .local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.uns.ac.rs:8080 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1&cf=52226365-f9bd-11e0-8580-001f16c91d9d" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {40a1f5d7-afc2-498f-b264-02668d616ff6}:1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=52226365-f9bd-11e0-8580-001f16c91d9d&q=" FF - prefs.js..network.proxy.backup.ftp: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.gopher: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.backup.gopher_port: 8080 FF - prefs.js..network.proxy.backup.socks: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.gopher: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-05-08 11:14:53 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-15 15:51:43 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011-08-17 16:59:42 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-16 17:09:00 \| 000,000,000 \| ---D \| M] [2009-10-26 18:45:07 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Nikola\AppData\Roaming\Mozilla\Extensions [2012-05-04 09:56:25 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\dhk2zgqg.default\extensions [2010-12-13 15:09:32 \| 000,000,000 \| ---D \| M] (Mega Manager Integration) -- C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\dhk2zgqg.default\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6} [2009-11-07 14:39:28 \| 000,000,000 \| ---D \| M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\dhk2zgqg.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2012-01-19 21:18:34 \| 000,000,792 \| ---- \| M] () -- C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\dhk2zgqg.default\searchplugins\startsear.xml [2011-11-24 18:13:44 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-05-08 11:14:52 \| 000,097,208 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-05-04 04:52:23 \| 000,476,904 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03 11:14:54 \| 000,083,456 \| ---- \| M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll [2012-02-27 14:08:47 \| 000,002,252 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012-02-27 14:08:47 \| 000,002,040 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\nprpjplug.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: getPlusPlus for Adobe 16248 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Angry Birds = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\ CHR - Extension: Silver Bird = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic\1.9.8.8_0\ CHR - Extension: Mail Checker Plus for Google Mail\u2122 = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe\1.2.3.7_0\ CHR - Extension: Isoball 3 = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.2.1_0\ CHR - Extension: Hattrick.org = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohmmkkmbfkfmohdekjhbdoldjhdlhbj\1.6_0\ CHR - Extension: vshare plugin = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: G+me for Google Plus\u2122 = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacdcllhgpddmlnhajiacfakhlilbicp\6.0.3_0\ O1 HOSTS File: ([2009-06-10 23:00:26 \| 000,000,824 \| ---- \| M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - Reg Error: Value error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe () O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found O4 - Startup: C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\configuration.lnk = C:\configuration\configuration.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66CCA8A7-EB53-4A84-BC0E-B28C99DA2CD5}: DhcpNameServer = 172.16.219.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A72BB92-C03A-45A0-ABDB-A861CB52EDC8}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C40C1B1D-6415-4551-941C-EE008AF458E5}: DhcpNameServer = 217.65.192.101 217.65.192.102 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (C:\Windows\SYSTEM32\RtlGina\RtlGina.DLL) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012-05-17 19:15:40 \| 000,595,456 \| ---- \| C] (OldTimer Tools) -- C:\Users\Nikola\Desktop\OTL.exe [2012-05-16 18:31:09 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Roaming\Malwarebytes [2012-05-16 18:30:59 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Malwarebytes [2012-05-16 10:41:32 \| 000,000,000 \| RHSD \| C] -- C:\configuration [2012-05-16 10:41:28 \| 000,000,000 \| RHSD \| C] -- C:\OptionalComponents [2012-05-14 19:39:28 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012-05-14 19:38:13 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Silverlight [2012-05-14 19:38:13 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Microsoft Silverlight [2012-05-10 17:02:28 \| 000,000,000 \| ---D \| C] -- C:\New folder [2012-05-10 13:28:16 \| 001,544,704 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012-05-10 13:27:09 \| 005,559,664 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-05-10 13:27:03 \| 003,968,368 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-05-10 13:27:02 \| 003,913,072 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-05-08 11:19:03 \| 008,744,608 \| ---- \| C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012-05-08 11:14:55 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Mozilla [2012-05-08 11:14:54 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-04-26 10:49:50 \| 000,419,488 \| ---- \| C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-04-22 10:49:23 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{A4C11BE3-DDA7-49A3-B8F4-D9D971B71EA2} [2012-04-22 10:49:00 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{BCC32C97-8102-4D49-85D5-4BB72A50D610} [2012-04-21 16:03:48 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{F776B659-AAB5-4087-BAA3-10CCFD06F2F7} [2012-04-21 16:03:33 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{E34325D6-B9B4-46AC-A23B-AADB75EA7A60} [2012-04-21 15:50:17 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{FF08AE03-5173-4F37-8971-9FD747AEE30E} [2012-04-21 12:24:15 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{5B7A59BB-C587-4CB7-8A52-02FFDF57D0EF} [2012-04-21 12:09:29 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{912E23BD-32DE-4AA9-A7CA-906367F86035} [2012-04-20 22:42:33 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{006742FB-73BA-41CE-BF68-F9349DB8BA4A} [2012-04-20 22:41:13 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{11E9964F-1DD8-47D7-9D30-C150E1A7F89E} [2012-04-20 20:01:40 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{B0FDF2E9-2431-43DB-8E05-5D6D06E3255D} [2012-04-20 03:51:29 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{C823DC19-3336-44DC-BF15-C8D09A3B2661} [2012-04-19 15:50:33 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{57E51271-21DA-4ED7-AA33-F654AF3F0E95} [2012-04-19 15:50:03 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{0410BFBE-404F-4788-AC3E-6E038E37D1CD} [2012-04-19 09:15:55 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{122D8675-B8AD-4BF0-87DB-B7E6C2C8D226} [2012-04-18 23:19:51 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{2D8EE6C0-C73A-4D92-9255-438DBEF8D3A1} [2012-04-18 13:00:38 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\Desktop\Masine [2012-04-18 10:46:53 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{6A70632C-8D45-415E-95DE-6EB36D831908} [2012-04-18 10:45:35 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{CF937A79-274E-47D6-9FAE-8715F5DDDF77} [2012-04-17 22:57:27 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{8B6C9E54-4078-40B8-9377-A5CBC913F559} [3 C:\Users\Nikola\Desktop\.tmp files -> C:\Users\Nikola\Desktop\.tmp -> ] [2 C:\Windows\SysWow64\.tmp files -> C:\Windows\SysWow64\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-05-17 19:25:00 \| 000,000,898 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-17 19:18:00 \| 000,000,830 \| ---- \| M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-05-17 19:16:03 \| 000,595,456 \| ---- \| M] (OldTimer Tools) -- C:\Users\Nikola\Desktop\OTL.exe [2012-05-17 19:09:21 \| 000,000,442 \| -H-- \| M] () -- C:\Windows\tasks\Windows Driver Foundation.job [2012-05-17 18:58:15 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2012-05-17 18:16:48 \| 000,013,984 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-17 18:16:48 \| 000,013,984 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-17 18:15:25 \| 031,615,300 \| ---- \| M] () -- C:\Windows\SysNative\perfh009.dat [2012-05-17 18:15:24 \| 011,137,874 \| ---- \| M] () -- C:\Windows\SysNative\perfc009.dat [2012-05-17 18:15:24 \| 000,005,574 \| ---- \| M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-05-17 18:07:58 \| 000,000,894 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-17 18:07:38 \| 3217,231,872 \| -HS- \| M] () -- C:\hiberfil.sys [2012-05-16 12:00:01 \| 000,000,648 \| ---- \| M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012-05-16 12:00:01 \| 000,000,648 \| ---- \| M] () -- C:\Users\Nikola\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2012-05-16 10:41:32 \| 000,000,583 \| ---- \| M] () -- C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\configuration.lnk [2012-05-15 11:25:29 \| 000,633,902 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Fotografija0193.jpg [2012-05-11 17:01:00 \| 000,209,050 \| ---- \| M] () -- C:\Users\Nikola\Desktop\auguri_Umberto.jpg [2012-05-10 19:53:22 \| 000,001,290 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Company of Heroes.lnk [2012-05-10 14:03:56 \| 002,343,688 \| ---- \| M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-05-10 12:05:58 \| 001,773,005 \| ---- \| M] () -- C:\Users\Nikola\Desktop\IMG_1997.JPG [2012-05-08 11:19:11 \| 000,419,488 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-05-08 11:19:11 \| 000,070,304 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-05-08 11:19:03 \| 008,744,608 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012-05-07 16:02:38 \| 000,001,290 \| ---- \| M] () -- C:\Users\Nikola\Desktop\RelicCOH.lnk [2012-05-04 15:12:54 \| 012,201,781 \| ---- \| M] () -- C:\Users\Nikola\Desktop\ottoman pack -1 05.05.2012.rar [2012-05-04 10:27:28 \| 000,002,344 \| ---- \| M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012-04-24 15:39:00 \| 006,531,534 \| ---- \| M] () -- C:\Users\Nikola\Desktop\masine2rokovi.rar [2012-04-24 15:38:40 \| 005,934,160 \| ---- \| M] () -- C:\Users\Nikola\Desktop\masine2rokovi1.rar [2012-04-23 17:23:07 \| 000,000,882 \| ---- \| M] () -- C:\Users\Public\Desktop\GOM Player.lnk [2012-04-23 17:23:07 \| 000,000,882 \| ---- \| M] () -- C:\Users\Nikola\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk [2012-04-23 16:38:56 \| 000,112,513 \| ---- \| M] () -- C:\Users\Nikola\Desktop\voucher_popusti_rs_2012-04-23_402990.pdf [2012-04-22 20:09:48 \| 014,078,761 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Masine.rar [2012-04-18 18:01:03 \| 016,607,431 \| ---- \| M] () -- C:\Users\Nikola\Desktop\industrijski_dizajn_-_nastava.rar [2012-04-18 17:53:27 \| 002,174,893 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Engleski.rar [3 C:\Users\Nikola\Desktop\.tmp files -> C:\Users\Nikola\Desktop\.tmp -> ] [2 C:\Windows\SysWow64\.tmp files -> C:\Windows\SysWow64\.tmp -> ] ========== Files Created - No Company Name ========== [2012-05-17 10:42:07 \| 007,630,703 \| ---- \| C] () -- C:\Users\Nikola\Desktop\EM_AM.pdf [2012-05-16 10:41:32 \| 000,000,583 \| ---- \| C] () -- C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\configuration.lnk [2012-05-15 11:25:04 \| 000,633,902 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Fotografija0193.jpg [2012-05-11 17:00:58 \| 000,209,050 \| ---- \| C] () -- C:\Users\Nikola\Desktop\auguri_Umberto.jpg [2012-05-11 16:41:28 \| 001,773,005 \| ---- \| C] () -- C:\Users\Nikola\Desktop\IMG_1997.JPG [2012-05-10 19:53:22 \| 000,001,290 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Company of Heroes.lnk [2012-05-04 15:12:28 \| 012,201,781 \| ---- \| C] () -- C:\Users\Nikola\Desktop\ottoman pack -1 05.05.2012.rar [2012-04-26 10:49:51 \| 000,000,830 \| ---- \| C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-24 16:20:14 \| 000,900,134 \| ---- \| C] () -- C:\Users\Nikola\Desktop\DSC00395.jpg [2012-04-24 16:20:13 \| 000,832,682 \| ---- \| C] () -- C:\Users\Nikola\Desktop\DSC00394.JPG [2012-04-24 16:20:11 \| 000,712,203 \| ---- \| C] () -- C:\Users\Nikola\Desktop\DSC00393.JPG [2012-04-24 15:38:39 \| 006,531,534 \| ---- \| C] () -- C:\Users\Nikola\Desktop\masine2rokovi.rar [2012-04-24 15:38:19 \| 005,934,160 \| ---- \| C] () -- C:\Users\Nikola\Desktop\masine2rokovi1.rar [2012-04-23 17:23:07 \| 000,000,882 \| ---- \| C] () -- C:\Users\Public\Desktop\GOM Player.lnk [2012-04-23 16:38:54 \| 000,112,513 \| ---- \| C] () -- C:\Users\Nikola\Desktop\voucher_popusti_rs_2012-04-23_402990.pdf [2012-04-22 20:09:12 \| 014,078,761 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Masine.rar [2012-04-18 18:00:03 \| 016,607,431 \| ---- \| C] () -- C:\Users\Nikola\Desktop\industrijski_dizajn_-_nastava.rar [2012-04-18 17:52:54 \| 002,174,893 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Engleski.rar [2012-02-15 19:50:33 \| 000,000,025 \| ---- \| C] () -- C:\Windows\libem.INI [2012-01-21 19:02:32 \| 000,451,072 \| ---- \| C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2012-01-17 19:16:50 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{A35C7413-D39D-400F-97E0-BCE0ED279A6C} [2011-07-10 15:55:39 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{B3511516-044A-4CC1-AEC4-BA757AA7BAD2} [2011-07-05 13:09:59 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{A2BC8113-7EF5-4D20-95F4-E8760D07A947} [2011-07-03 16:06:19 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{C4522F02-779B-48B6-A331-38F17DEC42BD} [2011-06-29 21:26:38 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{0C4985EE-7BC6-4352-A8AE-B3E3F442664D} [2011-06-22 12:19:47 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{2C8E5CD8-B46F-434E-AD50-9167471A6649} [2011-06-22 12:17:49 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{F1AD94C6-4FCE-463A-A5BB-D2DFD57FC0EE} [2011-06-14 12:22:59 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{30DE00FB-1CEB-48B8-A587-743C9E3B7AED} [2011-06-09 14:05:29 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{6F85260F-7AAF-4159-A7F1-524189210E56} [2011-06-07 20:25:04 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{72B774CC-7445-4252-B3F7-C9721A1B8CC6} [2011-05-23 20:08:38 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{108DCDEC-700F-4B50-AA1C-10C33AD6D77D} [2011-04-09 18:55:28 \| 000,179,261 \| ---- \| C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010-11-28 00:52:23 \| 000,006,144 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-15 19:50:48 \| 000,034,308 \| ---- \| C] () -- C:\Windows\SysWow64\BASSMOD.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:F35A93AD < End of report > Hvala unapred mycity.rs/must-login.png

Profil

Sass Drake Poslao: 18 Maj 2012 00:04 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! U toku rješavanja slučaja, zamolio bih te da se pridržavaš sledećeg: Detaljno čitati moja uputstva ( ili uputstva kolega koji će me zamjenjivati) i raditi isključivo po njima; Ne tražiti istovremeno pomoć na drugom mjestu; Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budeš dobio uputstvo; U toku intervencije ne koristiti USB memorijske uređaje, dok to ne budem zatražio; Ukoliko ne odgovorim u roku od 48h, osvježi temu novim post-om; Ukoliko se ne javiš u roku od 5 dana, zatvorićemo slučaj. Za više informacija o pravilima Ambulante MyCity foruma: LINK Korak 1 Ponovo pokreni program OTL dvoklikom na ikonu. U bijeli okvir prozora gdje piše Custom Scans/Fixes iskopirati sljedeći tekst: :files C:\OptionalComponents C:\configuration C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\configuration.lnk :OTL IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\InprocServer32 File not found FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1&cf=52226365-f9bd-11e0-8580-001f16c91d9d" FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=52226365-f9bd-11e0-8580-001f16c91d9d&q=" [2012-01-19 21:18:34 \| 000,000,792 \| ---- \| M] () -- C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\dhk2zgqg.default\searchplugins\startsear.xml :commands [purity] [emptytemp] [emptyflash] [emptyjava] [reboot] Klikni taster Run Fix; Izvještaj koji dobiješ iskopiraj ovde u poruci. Korak 2 Opet pokreni program OTL dvoklikom na ikonu. klikni Run Scan; po završetku skeniranja, izveštaj (koji će biti automatski sačuvan na Desktop-u kao OTL.Txt) će se otvoriti u Notepad-u. Priloži izvještaj OTL.txt uz poruku korišćenjem opcije Prikači fajl.

Profil

vucko90 Poslao: 18 Maj 2012 12:10 Idi na vrh
offline vucko90 Novi MyCity građanin Pridružio: 17 Maj 2012 Poruke: 5	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 18 Maj 2012 12:07 Uradio sam ta dva koraka, evo izvestaja: All processes killed ========== FILES ========== C:\OptionalComponents\4E696B6F6C61 folder moved successfully. C:\OptionalComponents folder moved successfully. C:\configuration folder moved successfully. C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\configuration.lnk moved successfully. ========== OTL ========== Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully. Prefs.js: "http://startsear.ch/?aff=1&cf=52226365-f9bd-11e0-8580-001f16c91d9d" removed from browser.startup.homepage Prefs.js: "http://startsear.ch/?aff=1&src=sp&cf=52226365-f9bd-11e0-8580-001f16c91d9d&q=" removed from keyword.URL C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\dhk2zgqg.default\searchplugins\startsear.xml moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56475 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Nikola ->Temp folder emptied: 3309049567 bytes ->Temporary Internet Files folder emptied: 262115412 bytes ->Java cache emptied: 1839553 bytes ->FireFox cache emptied: 629137781 bytes ->Google Chrome cache emptied: 283294921 bytes ->Flash cache emptied: 8513739 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 1619120 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1083973931 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 5,321.00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Nikola ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0.00 mb [EMPTYJAVA] User: All Users User: Default User: Default User User: Nikola ->Java cache emptied: 0 bytes User: Public Total Java Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.43.0 log created on 05182012_114522 Files\Folders moved on Reboot... C:\Users\Nikola\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... . OTL logfile created on: 18-May-12 11:56:14 AM - Run 2 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Nikola\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: dd-MMM-yy 4.00 Gb Total Physical Memory \| 2.52 Gb Available Physical Memory \| 62.96% Memory free 7.99 Gb Paging File \| 6.30 Gb Available in Paging File \| 78.86% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 149.04 Gb Total Space \| 13.53 Gb Free Space \| 9.08% Space Free \| Partition Type: NTFS Drive E: \| 146.48 Gb Total Space \| 6.63 Gb Free Space \| 4.53% Space Free \| Partition Type: NTFS Computer Name: NIKOLA-PC \| User Name: Nikola \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-05-17 19:16:03 \| 000,595,456 \| ---- \| M] (OldTimer Tools) -- C:\Users\Nikola\Desktop\OTL.exe PRC - [2012-05-09 05:04:54 \| 001,240,048 \| ---- \| M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-01-03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-10-05 15:57:50 \| 000,646,232 \| ---- \| M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe PRC - [2011-08-09 21:39:22 \| 000,974,944 \| ---- \| M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe PRC - [2010-01-08 15:15:24 \| 001,118,208 \| ---- \| M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtWLan.exe PRC - [2009-12-07 14:49:24 \| 000,040,960 \| ---- \| M] (Realtek) -- C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtlService.exe PRC - [2009-07-31 17:54:56 \| 001,194,504 \| ---- \| M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2009-06-04 20:03:32 \| 000,186,904 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009-06-04 20:03:06 \| 000,354,840 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008-07-29 20:29:26 \| 000,200,704 \| ---- \| M] () -- C:\Windows\PLFSetI.exe ========== Modules (No Company Name) ========== MOD - [2012-05-09 05:04:52 \| 000,441,840 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppgooglenaclpluginchrome.dll MOD - [2012-05-09 05:04:51 \| 003,921,904 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll MOD - [2012-05-09 05:03:36 \| 000,553,456 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libglesv2.dll MOD - [2012-05-09 05:03:35 \| 000,117,744 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libegl.dll MOD - [2012-05-09 05:03:25 \| 000,134,656 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avutil-51.dll MOD - [2012-05-09 05:03:24 \| 000,250,368 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avformat-54.dll MOD - [2012-05-09 05:03:23 \| 002,375,680 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll MOD - [2012-05-09 04:09:13 \| 008,743,584 \| ---- \| M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll MOD - [2011-10-05 15:57:50 \| 000,646,232 \| ---- \| M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe MOD - [2008-07-29 20:29:26 \| 000,200,704 \| ---- \| M] () -- C:\Windows\PLFSetI.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011-08-09 21:39:22 \| 000,974,944 \| ---- \| M] (ESET) [Auto \| Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV:64bit: - [2010-10-26 23:42:16 \| 005,790,064 \| ---- \| M] (Wacom Technology, Corp.) [Auto \| Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:64bit: - [2010-10-26 23:42:16 \| 000,487,280 \| ---- \| M] (Wacom Technology, Corp.) [Auto \| Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:64bit: - [2009-07-17 18:20:34 \| 000,864,032 \| ---- \| M] (Broadcom Corporation.) [Auto \| Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2009-07-14 03:41:27 \| 001,011,712 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009-07-14 03:40:01 \| 000,193,536 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2009-06-07 00:30:18 \| 000,203,264 \| ---- \| M] (AMD) [Auto \| Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009-03-27 19:10:16 \| 000,016,896 \| ---- \| M] (LSI Corporation) [Auto \| Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio) SRV - [2012-05-08 11:19:12 \| 000,257,696 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-05-08 11:14:53 \| 000,129,976 \| ---- \| M] (Mozilla Foundation) [On_Demand \| Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-01-03 15:10:42 \| 000,063,928 \| ---- \| M] (Adobe Systems Incorporated) [Auto \| Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-03-18 13:16:28 \| 000,130,384 \| ---- \| M] (Microsoft Corporation) [Auto \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-12-07 14:49:24 \| 000,040,960 \| ---- \| M] (Realtek) [Auto \| Running] -- C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtlService.exe -- (Realtek87B) SRV - [2009-10-29 21:26:39 \| 000,654,848 \| ---- \| M] (Macrovision Europe Ltd.) [On_Demand \| Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-09-23 17:37:30 \| 000,051,168 \| ---- \| M] (NOS Microsystems Ltd.) [On_Demand \| Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) @C:\Program Files (x86) SRV - [2009-06-10 23:23:09 \| 000,066,384 \| ---- \| M] (Microsoft Corporation) [Disabled \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-06-04 20:03:06 \| 000,354,840 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012-03-08 18:40:52 \| 000,048,488 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012-03-01 08:46:16 \| 000,023,408 \| ---- \| M] (Microsoft Corporation) [Recognizer \| Boot \| Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011-11-01 14:04:16 \| 000,834,544 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2011-08-09 13:57:12 \| 000,202,576 \| ---- \| M] (ESET) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:64bit: - [2011-08-04 09:20:38 \| 000,146,432 \| ---- \| M] (ESET) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:64bit: - [2011-08-04 09:20:38 \| 000,137,144 \| ---- \| M] (ESET) [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:64bit: - [2011-03-11 08:41:12 \| 000,107,904 \| ---- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-03-11 08:41:12 \| 000,027,008 \| ---- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010-11-20 15:33:35 \| 000,078,720 \| ---- \| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010-11-20 13:07:05 \| 000,059,392 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010-10-11 21:19:36 \| 000,018,288 \| ---- \| M] (Wacom Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:64bit: - [2010-10-11 21:19:28 \| 000,012,848 \| ---- \| M] (Wacom Technology) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:64bit: - [2010-10-11 21:19:26 \| 000,016,168 \| ---- \| M] (Wacom Technology) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:64bit: - [2010-02-12 21:30:26 \| 000,145,360 \| ---- \| M] (Sun Microsystems, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2010-02-05 19:55:37 \| 000,314,016 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2010-02-05 19:55:37 \| 000,043,680 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2010-01-22 12:00:00 \| 000,448,512 \| R--- \| M] (Realtek Semiconductor Corporation ) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\rtl8187.sys -- (RTL8187) DRV:64bit: - [2009-10-05 17:34:00 \| 001,542,656 \| ---- \| M] (Atheros Communications, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009-07-27 04:54:30 \| 000,090,544 \| ---- \| M] (PowerISO Computing, Inc.) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:64bit: - [2009-07-14 03:52:20 \| 000,194,128 \| ---- \| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 03:48:04 \| 000,065,600 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 03:45:55 \| 000,024,656 \| ---- \| M] (Promise Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-07-02 04:46:52 \| 000,098,344 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009-07-02 04:46:48 \| 000,132,648 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009-07-02 04:46:40 \| 000,021,160 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009-06-29 17:38:56 \| 000,272,432 \| ---- \| M] (Synaptics Incorporated) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009-06-20 05:35:00 \| 000,317,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2009-06-10 22:34:33 \| 003,286,016 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 22:34:28 \| 000,468,480 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 22:34:23 \| 000,270,848 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 22:31:59 \| 000,031,232 \| ---- \| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009-06-07 01:09:14 \| 006,030,848 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009-06-04 19:54:36 \| 000,408,600 \| ---- \| M] (Intel Corporation) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009-06-04 17:46:50 \| 000,216,064 \| ---- \| M] (Realtek Semiconductor Corp.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009-04-08 07:33:08 \| 000,035,104 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009-04-06 18:31:08 \| 001,208,320 \| ---- \| M] (LSI Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009-02-22 19:12:28 \| 000,228,400 \| ---- \| M] (Alps Electric Co., Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2009-07-14 03:19:10 \| 000,019,008 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{DB663C59-0F1A-4B93-B5E2-FA8130DA7F16}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 21 83 7B B6 02 43 CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = startsear.ch/?aff=1&src=sp&cf=52226.....d9d&q={searchTerms} IE - HKCU\..\SearchScopes\{DB663C59-0F1A-4B93-B5E2-FA8130DA7F16}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{E271A525-B51A-4DF8-9A12-C42F064E9483}: "URL" = search.yahoo.com/search?fr=chr-greentree_ie.....316&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = .local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.uns.ac.rs:8080 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {40a1f5d7-afc2-498f-b264-02668d616ff6}:1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..network.proxy.backup.ftp: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.gopher: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.backup.gopher_port: 8080 FF - prefs.js..network.proxy.backup.socks: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.gopher: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "proxy.uns.ac.rs" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-05-08 11:14:53 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-15 15:51:43 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011-08-17 16:59:42 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-16 17:09:00 \| 000,000,000 \| ---D \| M] [2009-10-26 18:45:07 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Nikola\AppData\Roaming\Mozilla\Extensions [2012-05-04 09:56:25 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\dhk2zgqg.default\extensions [2010-12-13 15:09:32 \| 000,000,000 \| ---D \| M] (Mega Manager Integration) -- C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\dhk2zgqg.default\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6} [2009-11-07 14:39:28 \| 000,000,000 \| ---D \| M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Nikola\AppData\Roaming\Mozilla\Firefox\Profiles\dhk2zgqg.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011-11-24 18:13:44 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-05-08 11:14:52 \| 000,097,208 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-05-04 04:52:23 \| 000,476,904 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03 11:14:54 \| 000,083,456 \| ---- \| M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll [2012-02-27 14:08:47 \| 000,002,252 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012-02-27 14:08:47 \| 000,002,040 \| ---- \| M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\nprpjplug.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: getPlusPlus for Adobe 16248 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Angry Birds = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\ CHR - Extension: Silver Bird = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic\1.9.8.8_0\ CHR - Extension: Mail Checker Plus for Google Mail\u2122 = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe\1.2.3.7_0\ CHR - Extension: Isoball 3 = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.2.1_0\ CHR - Extension: Hattrick.org = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohmmkkmbfkfmohdekjhbdoldjhdlhbj\1.6_0\ CHR - Extension: vshare plugin = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: G+me for Google Plus\u2122 = C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacdcllhgpddmlnhajiacfakhlilbicp\6.0.3_0\ O1 HOSTS File: ([2009-06-10 23:00:26 \| 000,000,824 \| ---- \| M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe () O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66CCA8A7-EB53-4A84-BC0E-B28C99DA2CD5}: DhcpNameServer = 172.16.219.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A72BB92-C03A-45A0-ABDB-A861CB52EDC8}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C40C1B1D-6415-4551-941C-EE008AF458E5}: DhcpNameServer = 217.65.192.101 217.65.192.102 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (C:\Windows\SYSTEM32\RtlGina\RtlGina.DLL) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012-05-18 11:45:22 \| 000,000,000 \| ---D \| C] -- C:\_OTL [2012-05-18 09:01:59 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\Desktop\virus [2012-05-17 19:15:40 \| 000,595,456 \| ---- \| C] (OldTimer Tools) -- C:\Users\Nikola\Desktop\OTL.exe [2012-05-16 18:31:09 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Roaming\Malwarebytes [2012-05-16 18:30:59 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Malwarebytes [2012-05-14 19:39:28 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012-05-14 19:38:13 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Silverlight [2012-05-14 19:38:13 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Microsoft Silverlight [2012-05-10 17:02:28 \| 000,000,000 \| ---D \| C] -- C:\New folder [2012-05-10 13:28:16 \| 001,544,704 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012-05-10 13:27:09 \| 005,559,664 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-05-10 13:27:03 \| 003,968,368 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-05-10 13:27:02 \| 003,913,072 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-05-08 11:19:03 \| 008,744,608 \| ---- \| C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012-05-08 11:14:55 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Mozilla [2012-05-08 11:14:54 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-04-26 10:49:50 \| 000,419,488 \| ---- \| C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-04-22 10:49:23 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{A4C11BE3-DDA7-49A3-B8F4-D9D971B71EA2} [2012-04-22 10:49:00 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{BCC32C97-8102-4D49-85D5-4BB72A50D610} [2012-04-21 16:03:48 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{F776B659-AAB5-4087-BAA3-10CCFD06F2F7} [2012-04-21 16:03:33 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{E34325D6-B9B4-46AC-A23B-AADB75EA7A60} [2012-04-21 15:50:17 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{FF08AE03-5173-4F37-8971-9FD747AEE30E} [2012-04-21 12:24:15 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{5B7A59BB-C587-4CB7-8A52-02FFDF57D0EF} [2012-04-21 12:09:29 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{912E23BD-32DE-4AA9-A7CA-906367F86035} [2012-04-20 22:42:33 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{006742FB-73BA-41CE-BF68-F9349DB8BA4A} [2012-04-20 22:41:13 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{11E9964F-1DD8-47D7-9D30-C150E1A7F89E} [2012-04-20 20:01:40 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{B0FDF2E9-2431-43DB-8E05-5D6D06E3255D} [2012-04-20 03:51:29 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{C823DC19-3336-44DC-BF15-C8D09A3B2661} [2012-04-19 15:50:33 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{57E51271-21DA-4ED7-AA33-F654AF3F0E95} [2012-04-19 15:50:03 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{0410BFBE-404F-4788-AC3E-6E038E37D1CD} [2012-04-19 09:15:55 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{122D8675-B8AD-4BF0-87DB-B7E6C2C8D226} [2012-04-18 23:19:51 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\AppData\Local\{2D8EE6C0-C73A-4D92-9255-438DBEF8D3A1} [2012-04-18 13:00:38 \| 000,000,000 \| ---D \| C] -- C:\Users\Nikola\Desktop\Masine [3 C:\Users\Nikola\Desktop\.tmp files -> C:\Users\Nikola\Desktop\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-05-18 12:00:50 \| 000,013,984 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-18 12:00:50 \| 000,013,984 \| -H-- \| M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-18 11:59:21 \| 031,692,172 \| ---- \| M] () -- C:\Windows\SysNative\perfh009.dat [2012-05-18 11:59:20 \| 011,165,378 \| ---- \| M] () -- C:\Windows\SysNative\perfc009.dat [2012-05-18 11:59:20 \| 000,005,574 \| ---- \| M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-05-18 11:53:25 \| 000,000,894 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-18 11:53:15 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2012-05-18 11:53:08 \| 3217,231,872 \| -HS- \| M] () -- C:\hiberfil.sys [2012-05-18 09:25:21 \| 000,000,898 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-18 09:18:00 \| 000,000,830 \| ---- \| M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-05-18 09:09:07 \| 000,000,442 \| -H-- \| M] () -- C:\Windows\tasks\Windows Driver Foundation.job [2012-05-18 08:53:24 \| 000,674,445 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Sirinski modulator.pdf [2012-05-18 08:38:30 \| 000,031,470 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Capture.JPG [2012-05-18 08:38:21 \| 000,032,519 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Capture1.JPG [2012-05-17 19:28:43 \| 000,002,344 \| ---- \| M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012-05-17 19:16:03 \| 000,595,456 \| ---- \| M] (OldTimer Tools) -- C:\Users\Nikola\Desktop\OTL.exe [2012-05-16 12:00:01 \| 000,000,648 \| ---- \| M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012-05-16 12:00:01 \| 000,000,648 \| ---- \| M] () -- C:\Users\Nikola\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2012-05-15 11:25:29 \| 000,633,902 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Fotografija0193.jpg [2012-05-11 17:01:00 \| 000,209,050 \| ---- \| M] () -- C:\Users\Nikola\Desktop\auguri_Umberto.jpg [2012-05-10 19:53:22 \| 000,001,290 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Company of Heroes.lnk [2012-05-10 14:03:56 \| 002,343,688 \| ---- \| M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-05-10 12:05:58 \| 001,773,005 \| ---- \| M] () -- C:\Users\Nikola\Desktop\IMG_1997.JPG [2012-05-08 11:19:11 \| 000,419,488 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-05-08 11:19:11 \| 000,070,304 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-05-08 11:19:03 \| 008,744,608 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012-05-07 16:02:38 \| 000,001,290 \| ---- \| M] () -- C:\Users\Nikola\Desktop\RelicCOH.lnk [2012-05-04 15:12:54 \| 012,201,781 \| ---- \| M] () -- C:\Users\Nikola\Desktop\ottoman pack -1 05.05.2012.rar [2012-04-24 15:39:00 \| 006,531,534 \| ---- \| M] () -- C:\Users\Nikola\Desktop\masine2rokovi.rar [2012-04-24 15:38:40 \| 005,934,160 \| ---- \| M] () -- C:\Users\Nikola\Desktop\masine2rokovi1.rar [2012-04-23 17:23:07 \| 000,000,882 \| ---- \| M] () -- C:\Users\Public\Desktop\GOM Player.lnk [2012-04-23 17:23:07 \| 000,000,882 \| ---- \| M] () -- C:\Users\Nikola\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk [2012-04-23 16:38:56 \| 000,112,513 \| ---- \| M] () -- C:\Users\Nikola\Desktop\voucher_popusti_rs_2012-04-23_402990.pdf [2012-04-22 20:09:48 \| 014,078,761 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Masine.rar [2012-04-18 18:01:03 \| 016,607,431 \| ---- \| M] () -- C:\Users\Nikola\Desktop\industrijski_dizajn_-_nastava.rar [2012-04-18 17:53:27 \| 002,174,893 \| ---- \| M] () -- C:\Users\Nikola\Desktop\Engleski.rar [3 C:\Users\Nikola\Desktop\.tmp files -> C:\Users\Nikola\Desktop\.tmp -> ] ========== Files Created - No Company Name ========== [2012-05-18 08:53:22 \| 000,674,445 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Sirinski modulator.pdf [2012-05-18 08:38:28 \| 000,031,470 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Capture.JPG [2012-05-18 08:38:19 \| 000,032,519 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Capture1.JPG [2012-05-17 10:42:07 \| 007,630,703 \| ---- \| C] () -- C:\Users\Nikola\Desktop\EM_AM.pdf [2012-05-15 11:25:04 \| 000,633,902 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Fotografija0193.jpg [2012-05-11 17:00:58 \| 000,209,050 \| ---- \| C] () -- C:\Users\Nikola\Desktop\auguri_Umberto.jpg [2012-05-11 16:41:28 \| 001,773,005 \| ---- \| C] () -- C:\Users\Nikola\Desktop\IMG_1997.JPG [2012-05-10 19:53:22 \| 000,001,290 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Company of Heroes.lnk [2012-05-04 15:12:28 \| 012,201,781 \| ---- \| C] () -- C:\Users\Nikola\Desktop\ottoman pack -1 05.05.2012.rar [2012-04-26 10:49:51 \| 000,000,830 \| ---- \| C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-24 16:20:14 \| 000,900,134 \| ---- \| C] () -- C:\Users\Nikola\Desktop\DSC00395.jpg [2012-04-24 16:20:13 \| 000,832,682 \| ---- \| C] () -- C:\Users\Nikola\Desktop\DSC00394.JPG [2012-04-24 16:20:11 \| 000,712,203 \| ---- \| C] () -- C:\Users\Nikola\Desktop\DSC00393.JPG [2012-04-24 15:38:39 \| 006,531,534 \| ---- \| C] () -- C:\Users\Nikola\Desktop\masine2rokovi.rar [2012-04-24 15:38:19 \| 005,934,160 \| ---- \| C] () -- C:\Users\Nikola\Desktop\masine2rokovi1.rar [2012-04-23 17:23:07 \| 000,000,882 \| ---- \| C] () -- C:\Users\Public\Desktop\GOM Player.lnk [2012-04-23 16:38:54 \| 000,112,513 \| ---- \| C] () -- C:\Users\Nikola\Desktop\voucher_popusti_rs_2012-04-23_402990.pdf [2012-04-22 20:09:12 \| 014,078,761 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Masine.rar [2012-04-18 18:00:03 \| 016,607,431 \| ---- \| C] () -- C:\Users\Nikola\Desktop\industrijski_dizajn_-_nastava.rar [2012-04-18 17:52:54 \| 002,174,893 \| ---- \| C] () -- C:\Users\Nikola\Desktop\Engleski.rar [2012-02-15 19:50:33 \| 000,000,025 \| ---- \| C] () -- C:\Windows\libem.INI [2012-01-21 19:02:32 \| 000,451,072 \| ---- \| C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2012-01-17 19:16:50 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{A35C7413-D39D-400F-97E0-BCE0ED279A6C} [2011-07-10 15:55:39 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{B3511516-044A-4CC1-AEC4-BA757AA7BAD2} [2011-07-05 13:09:59 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{A2BC8113-7EF5-4D20-95F4-E8760D07A947} [2011-07-03 16:06:19 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{C4522F02-779B-48B6-A331-38F17DEC42BD} [2011-06-29 21:26:38 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{0C4985EE-7BC6-4352-A8AE-B3E3F442664D} [2011-06-22 12:19:47 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{2C8E5CD8-B46F-434E-AD50-9167471A6649} [2011-06-22 12:17:49 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{F1AD94C6-4FCE-463A-A5BB-D2DFD57FC0EE} [2011-06-14 12:22:59 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{30DE00FB-1CEB-48B8-A587-743C9E3B7AED} [2011-06-09 14:05:29 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{6F85260F-7AAF-4159-A7F1-524189210E56} [2011-06-07 20:25:04 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{72B774CC-7445-4252-B3F7-C9721A1B8CC6} [2011-05-23 20:08:38 \| 000,000,000 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\{108DCDEC-700F-4B50-AA1C-10C33AD6D77D} [2011-04-09 18:55:28 \| 000,179,261 \| ---- \| C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010-11-28 00:52:23 \| 000,006,144 \| ---- \| C] () -- C:\Users\Nikola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-15 19:50:48 \| 000,034,308 \| ---- \| C] () -- C:\Windows\SysWow64\BASSMOD.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:F35A93AD < End of report > mycity.rs/must-login.png Dopuna: 18 Maj 2012 12:10 I sad mi posle paljenja laptopa NOD32 nije prijavio da postoji trojanac.

Profil

Sass Drake Poslao: 18 Maj 2012 18:36 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi MCShield sa sljedeće adrese: http://amf.mycity.rs/mcshield/MCShield-Setup.exe Instaliraj MCShield i sačekaj da se završi uvodno skeniranje. Kad se završi uvodno skeniranje, ubacuj sve USB memorijske uređaje redom u USB port i svaki zadrži u portu dok MCShield ne izbaci poruku da je skeniranje završeno. Ukoliko imaš više USB uređaja, zabilježi negdje kojim su redom ubacivani. Objašnjenje: U USB memorijske uređaje spadaju svi oni uređaji koji po priključivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uređaji itd. Idi na Start -> All Programs -> MCShield -> Logs -> AllScans Otvoriće ti se izvještaj u Notepad-u čiji sadržaj treba da postaviš u poruku

Profil

vucko90 Poslao: 18 Maj 2012 23:31 Idi na vrh
offline vucko90 Novi MyCity građanin Pridružio: 17 Maj 2012 Poruke: 5	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! >>> MCShield AllScans.txt <<< >>> MCShield v 2.0.3.11 <<< 18-May-12 11:27:40 PM > Drive C: - scan started (no label ~149 GB, NTFS HDD )... => The drive is clean. 18-May-12 11:27:40 PM > Drive E: - scan started (no label ~146 GB, NTFS HDD )... => The drive is clean. >>> MCShield v 2.0.3.11 <<< 18-May-12 11:29:21 PM > Drive H: - scan started (no label ~3824 MB, FAT32 flash drive )... => The drive is clean. >>> MCShield v 2.0.3.11 <<< 18-May-12 11:29:48 PM > Drive G: - scan started (UNTITLED ~1 MB, FAT flash drive )... >>> G:\autorun.inf > Suspicious > Renamed. >>> G:\autorun.inf.vir - Malware > Deleted. (12.05.18. 23.29 autorun.inf.vir.250042; MD5: 5bfc756eac89054391ea8b8472175d45) > G:\hamman > G:\hamman\secured.exe (MD5: 6f5daa18240a81f8617db69380ef2972) >>> G:\hamman - Malware (folder) > Deleted. (12.05.18. 23.29 hamman.636024) => Malicious files : 2/2 deleted. => Malicious folders : 1/1 deleted. ____________________________________________ ::::: Scan duration: 3s :::::::::::::::::::: ____________________________________________

Profil

Sass Drake Poslao: 19 Maj 2012 00:14 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovo pokreni program OTL dvoklikom na ikonu. U bijeli okvir prozora gdje piše Custom Scans/Fixes iskopirati sljedeći tekst: `:OTL O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=52226.....d9d&q={searchTerms} FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search"` Klikni taster Run Fix; Izvještaj koji dobiješ iskopiraj ovde u poruci. Koliki je stvarni kapacitet USB diska kojeg si priključio? U postavljenom izvještaju piše da ima samo 1 MiB.

Profil

vucko90 Poslao: 19 Maj 2012 00:36 Idi na vrh
offline vucko90 Novi MyCity građanin Pridružio: 17 Maj 2012 Poruke: 5	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Prefs.js: "Web Search" removed from browser.search.defaultengine Prefs.js: "Web Search" removed from browser.search.defaultenginename Prefs.js: "Web Search" removed from browser.search.order.1 OTL by OldTimer - Version 3.2.43.0 log created on 05192012_003143 Taj usb je cimerov, i bio je zarazen jer je pre toga bio u njegovom kompu. Kada se ubaci taj usb, on pravi dve particije, jednu od 1MB i drugu od 1GB (to je stvarni kapacitet usb-a)

Profil

Sass Drake Poslao: 19 Maj 2012 00:55 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! To bi bilo to. Potrebno je još da uradiš sljedeće korake. Pokreni OTL i klikni na dugme CleanUp. MCShield zadrži na sistemu. On će ti čuvati sistem od napasti sa prenosivih diskova i neće ometati rad AV programa. Obavezno posjeti temu Testirajte da li vam je pretraživač ranjiv, pročitaj i isprati link koji stoji u njoj. Pozdrav.

Profil

vucko90 Poslao: 19 Maj 2012 10:00 Idi na vrh
offline vucko90 Novi MyCity građanin Pridružio: 17 Maj 2012 Poruke: 5	2Ovo se svidja korisnicima: Sass Drake, ThePhilosopher Registruj se da bi pohvalio/la poruku! Vazi, hvala ti puno. Pozdrav

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Trojanac preko USB-a

Ko je trenutno na forumu

Ukupno su 926 korisnika na forumu :: 40 registrovanih, 3 sakrivenih i 883 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 9k38, A.R.Chafee.Jr., AC-DC, aramis s, babaroga, Bokiboks, Boris90, doktor123, dragoljub11987, FOX, Georgius, Goran 0000, goxin, hawkeye, Karla, kihot, kolle.the.kid, Kubovac, Marko Marković, MB120mm, mercedesamg, Mercury, milenko crazy north, milutin134, moldway, muaddib, Oscar, ozzy, Parker, Petarvu, saputnik plavetnila, sasa87, Srle993, stegonosa, Stoilkovic, suton, vathra, Vatreni Zmaj, VP6919, žeks62

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by