ne otvara dalje od 'welcome'

1

ne otvara dalje od 'welcome'

offline
  • Zora
  • Pridružio: 22 Okt 2004
  • Poruke: 1434
  • Gde živiš: ni na nebu ni na zemlji

molim gde i kako da pocnem traziti razlog zasto mi ne otvara laptop dalje od 'welcome' nakon sto sam ukucala lozinku.
to je od juce kad sam morala iskljuciti avast real shield i firewall, da bi koristila Samsung Kies, program za bckup Galaxy Note mobilnog.
i jos sam konvertirala jedan film sa ArchSoft MediaConverterom 3, za projektor PK301.
nakon toga nemogu otvoriti laptop dalje od 'welcome'

da jos sam imala poziv (nasli moj broj telefona) od 'Microsofta' koji se 'brine za moj kompjuter', jer kao ne radi dobro, Cool
rekla sam im da ne gube vreme i spustila slusalicu, jer to je organizirana klika hakera..
....................
ovo pisem iz drugog starog kompjutera i ne mogu otvoriti temu kako je uputa za otvaranje teme ovde..
molim recite mi kako i gde da pocnem
putujem za 2 dana u Indiju i kompjuter mi treba sa svim programima koji su instalirani..a nisam napravila backup.imam samo neke restore points..
hvala
radi se o laptopu, Compaq -615
OS W-7 ultimate
p.s otvorila sam u 'Safe Modu' i odinstalirala ArchSoft MediaConverter
ocistila registre ali kod ciscenja u drugom prolazu ugasio se komp.
ponovo sam startala normalno ali ista stvar..nece dalje od 'welcome'... a ja u panici Razz

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Pokreni sistem u Safe Mode-u, isprati uputstvo i postavi tražene izvještaje.

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Zora
  • Pridružio: 22 Okt 2004
  • Poruke: 1434
  • Gde živiš: ni na nebu ni na zemlji

Napisano: 24 Jul 2012 10:37

morala sam otvoriti u safe modu s network..da bi skinula programe..i dok sam ja trazila gde su ..nakon nekog vremena ugasio se laptop..gde da vidim i podesim iz safe moda koliko dugo ce biti otvoren..
sada prenosim te programe dds i gmer sa drugog racunara , da ih razvijem na 'bolesnom' laptopu...uhh

Dopuna: 24 Jul 2012 11:00

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by zora at 10:57:12 on 2012-07-24
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.46.1033.18.2813.2028 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\ctfmon.exe
C:\Windows\helppane.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=113480&tt=2912_4&babsrc=HP_ss&mntrId=b029692f000000000000002655b476fd
uURLSearchHooks: H - No File
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: QuickStores-Toolbar: {10edb994-47f8-43f7-ae96-f2ea63e9f90f} - mscoree.dll
BHO: Blog This in Windows Live: {2adefb8e-b923-35e6-86e2-2b7841f5d6a4} - mscoree.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - c:\program files\lastpass\LPBar.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: aTube Toolbar: {bfc39e47-d643-4dc2-aa1d-61377501c844} - c:\program files\atube\atubeX.dll
BHO: KMPlayer Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: QuickStores-Toolbar: {10edb994-47f8-43f7-ae96-f2ea63e9f90f} - mscoree.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - c:\program files\lastpass\LPBar.dll
TB: KMPlayer Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: aTube Toolbar: {bfc39e47-d643-4dc2-aa1d-61377501c844} - c:\program files\atube\atubeX.dll
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [MCShield Monitor] c:\program files\mcshield\MCShieldRTM.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE"
uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [SyncManPath] "c:\users\zora\appdata\roaming\yandex\yandexdisk\YandexDisk.exe" -autostart
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bankid~1.lnk - c:\program files\personal\bin\Personal.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\device~1.lnk - c:\program files\arcsoft\mediaconverter 3\Monitor.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: LastPass - file://c:\program files\lastpass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://c:\program files\lastpass\context.html?cmd=fillforms
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - c:\program files\lastpass\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{15BE6834-F79C-49A9-A866-0A0AA2EF2641} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\zora\appdata\roaming\mozilla\firefox\profiles\amx8yc85.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=113480&tt=2912_4&babsrc=HP_ss&mntrId=b029692f000000000000002655b476fd
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=113480&tt=2912_4&babsrc=KW_ss&mntrId=b029692f000000000000002655b476fd&q=
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\personal\bin\np_prsnl.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-4-8 721000]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-4-8 353688]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-4-8 21256]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-4-8 57656]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-7-7 44808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Tjänsten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-4-8 136176]
S2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2011-2-12 85768]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-18 250056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 gupdatem;Tjänsten Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-4-8 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-28 129976]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-4-8 1343400]
.
=============== Created Last 30 ================
.
2012-07-24 08:21:13 -------- d--h--w- c:\windows\PIF
2012-07-23 16:32:34 -------- d-----w- C:\Temp
2012-07-21 21:30:54 -------- d-----w- c:\programdata\Babylon
2012-07-21 21:30:53 -------- d-----w- c:\users\zora\appdata\roaming\Babylon
2012-07-20 23:19:53 -------- d-----w- c:\users\zora\appdata\local\Macromedia
2012-07-20 08:20:12 -------- d-----w- c:\program files\atube
2012-07-20 08:20:10 -------- d-----w- c:\program files\DsNET Corp
2012-07-20 08:19:50 -------- d-----w- c:\programdata\Ask
2012-07-20 08:10:08 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{99d035b4-4c95-4c63-b62e-a96a6a18aefd}\mpengine.dll
2012-07-17 18:51:58 -------- d-----w- c:\users\zora\anand ke pal mp3
2012-07-12 15:40:36 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-10 10:58:51 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-07 19:49:11 -------- d-----w- c:\users\zora\appdata\local\Programs
2012-07-07 19:48:46 -------- d-----w- c:\users\zora\appdata\local\ArcSoft
2012-07-07 19:47:56 -------- d--h--w- c:\programdata\ArcSoft
2012-07-07 19:45:49 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2012-07-07 19:45:49 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2012-07-07 19:45:49 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2012-07-07 19:45:49 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2012-07-07 19:45:47 614532 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe
2012-06-27 18:06:06 -------- d-----w- c:\users\zora\appdata\roaming\Personal
2012-06-27 18:06:04 -------- d-----w- c:\program files\Personal
2012-06-27 17:58:41 -------- d-----w- c:\windows\system32\appmgmt
2012-06-24 20:07:01 -------- d-----w- c:\program files\MyFree Codec
2012-06-24 18:03:08 -------- d-----w- c:\users\zora\appdata\local\Samsung
2012-06-24 18:03:01 -------- d-----w- c:\users\zora\appdata\roaming\Samsung
2012-06-24 17:56:37 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-06-24 17:56:18 821824 ----a-w- c:\windows\system32\dgderapi.dll
2012-06-24 17:56:18 -------- d-----w- c:\program files\MarkAny
2012-06-24 17:55:23 -------- d-----w- c:\programdata\Samsung
2012-06-24 17:55:23 -------- d-----w- c:\program files\Samsung
2012-06-24 17:48:59 -------- d-----w- c:\users\zora\appdata\local\Downloaded Installations
.
==================== Find3M ====================
.
2012-07-15 06:54:12 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-15 06:54:12 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-03 16:21:53 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21:53 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21:53 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21:32 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 11:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-02 20:18:54 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-07-02 13:36:56 99840 ----a-w- c:\program files\ffvdub.vdf
2012-07-02 13:36:52 47616 ----a-w- c:\windows\system32\ff_acm.acm
2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-05-31 10:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-28 22:38:50 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-05-04 17:29:22 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-04 17:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-04 00:03:50 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-05-04 00:03:49 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-05-01 04:44:12 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 04:41:44 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-04-28 03:17:07 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:45:55 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 04:45:54 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41:16 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe

Dopuna: 24 Jul 2012 11:17

nisam stigla prikaciti fajl ugasio mi se kompjuter a neznam gde da pogledam to vreme za automatsko gasenje
nisam stigla propustiti gmer ugasio se pred kraj izvestaja .--trazim kako da ga odrzim budnog.. u medjuvremenu evo attach zipovan koji sam brzo kopirala na pendrive prije nego mi se ugasi komp.
https://www.mycity.rs/must-login.png

Dopuna: 24 Jul 2012 11:29

nasla sam da ga drzim budnog..evo upravo radim s Gmer-om a ovo pisem s drugog kompa

Dopuna: 24 Jul 2012 11:45

NE MOGU GA ODRZATI BUDNOG vise od 5 min..Molim recite kako...
ne mogu izvrsiti Gmer2 jer mi se ugasi prije kraja.
ono sto ja mogu korigirati u Power options je display.. stavila sam 45 min ali komp se gasi nakon 5 min..evo gmer1, koji sam stigla iskopirati na pen drive i saljem iz drugog kompjutera..
neznam jeli i to trebalo zipovati..izvinite u panici sam...hvala na vasoj pomoci..

https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Nadam se da imaš vjerovatno problem sa baterijom, te stoga uradi sljedeće:

Ugasi laptop i isključi iz naponske mreže.

Izvadi bateriju iz laptopa.

Priključi laptop ponovo u naponsku mrežu.


Nakon toga pokušaj opet pokrenuti sistem u normalnom režimu i ponovo postaviti DDS i GMER izvještaje.
Ukoliko opet ne makne od welcome screen-a, pokreni ga u Safe Mode-u i postavi GMER2 i GMER3 izvještaje.

offline
  • Zora
  • Pridružio: 22 Okt 2004
  • Poruke: 1434
  • Gde živiš: ni na nebu ni na zemlji

Napisano: 24 Jul 2012 12:07

Hvala na vasem strpljenju..
na kraju sam nekako uspjela dobiti i gmer3 ..produziti budno stanje ..kompa
nadam se da je u redu sa izvestajima..
nastavicu nakon 17 h..
https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

Dopuna: 24 Jul 2012 12:08

Nije baterija uopce unutra radim samo na naponskoj mrezi kad sam kod kuce---stedim bateriju..

Dopuna: 24 Jul 2012 12:15

da dodam samo da sam u medjuvremenu razgovarajuci s vama trazeci kako da udjem u safe mode ako mi ne ponudi sam..i otvorila mi se mogucnost Repair computor pa onda sledilo Safe Mode is l.
sansala sam na Repair..start windows ali tu nije bilo greske --onda sam pritisla recovery i naisla na restore point..sto sam i pitala ranije..
i tu sam nasla nesto zanimljivo , naime restore point od juce kod odinstaliranja babilon toolbara..
tu restore point uopce nisam ja postavila..ali dobro vratila sam na stanje prije toga babilona, koji me nervirao i nije se dao lako maknuti..
ali ni to nije pomoglo..i dalje je samo 'welcome'
........nadam se da sam uradila sve izvestaje ok. hvala..

Dopuna: 24 Jul 2012 12:58

stavila sam bateriju.
ponovo startala kom..nakon nekog vremena pojavile se ikone svih programa na ekranu ali nista nisam mogla uraditi..bilo je blokirano i vrtio se onaj kruzic kao da u pozadini nesto ide..
ugasila sam pa opet upalila da aktiviram Avastov Realtime shield , misleci mozda je to uzrok pometnji..
nakon nekog vremena otkacio se ekran otvorila sam avast i kad tamo bio je aktiviram realtime shield.
ja sam pokusala aktivirati iz safe moda ali je odgovor bio da je modul nedostupan.. i sad neznam koji duhovi su aktivirali to ..molim ipak proverite ako se moze vidjeti da li se okacio netko iz ljubaznog .Microsofta' koji su me juce nazvali..
sada radim back up i videcu posle kako ide..vrlo sporo se otvaralo ..
i sta sad da mislim prije vaseg izvestaja
sta je uzrok da nisam od juce mogla uci u kompjuter dalje od vratiju s 'welcome' Surprised
1.
da li je bila baterija (kompjuter je ceznuo za njom)
2.
ili avast uredjivao svoju kontrolu..i ponovo uspostavljao realtime shield..

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

U postavljenim izvještajima nema tragova aktivnog malware-a i tvoj problem nije uzrokovan istim.
Nastavićemo u ovoj temi:

http://www.mycity.rs/Windows/moze-li-se-iz-Safe-Mo.....point.html

offline
  • Zora
  • Pridružio: 22 Okt 2004
  • Poruke: 1434
  • Gde živiš: ni na nebu ni na zemlji

Smile evo me gorane, sa izvestajem OTL i molim da uklonite taj Babylon search toolbar (podsjeca me na babilonsku kulu)
inace kompjutor mi se zatvara jako sporo nakon svih ovih peripetija.. ai otvara ali sporije zatvara i to sad kad mi se zuri da sve sredim pred put Razz
hvala svima na pomoci Ziveli

OTL Extras logfile created on: 2012-07-25 13:39:50 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\zora\Downloads\Programs
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,75 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 55,73% Memory free
5,49 Gb Paging File | 4,21 Gb Available in Paging File | 76,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,78 Gb Total Space | 14,76 Gb Free Space | 25,11% Space Free | Partition Type: NTFS
Drive D: | 346,85 Gb Total Space | 59,25 Gb Free Space | 17,08% Space Free | Partition Type: NTFS
Drive E: | 60,03 Gb Total Space | 47,14 Gb Free Space | 78,53% Space Free | Partition Type: NTFS

Computer Name: COMPAQ_615 | User Name: zora | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{094EDCBC-838A-41A6-B951-A08ABF2120ED}" = lport=2869 | protocol=6 | dir=in | app=system |
"{16B85AE6-7862-4430-B5A6-60B6082508E3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{205A7125-59C2-4438-8EB4-06B6E0E55958}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{243DC7DC-407D-4469-8D5B-CAE1D4DFAB5E}" = lport=445 | protocol=6 | dir=in | app=system |
"{404CDAB7-4A01-4C45-A4CB-C10660171385}" = lport=138 | protocol=17 | dir=in | app=system |
"{4658982F-0AE9-48BB-9DAB-9736CEDB5841}" = rport=138 | protocol=17 | dir=out | app=system |
"{5388129A-5558-4700-8BA1-D2379FFC0431}" = rport=139 | protocol=6 | dir=out | app=system |
"{5DD20027-70AE-49A9-843F-54D444D48BAA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{64E8AD97-6573-49E8-94EB-75BD93E39566}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{676D97F8-14E6-41C1-98E5-4444F9577389}" = lport=137 | protocol=17 | dir=in | app=system |
"{73170D1B-D3CA-4B9B-A22D-261DD5534AF5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{773C9E16-E925-4A44-97A3-BD708E9D4334}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{77CF2745-35DB-47DA-982D-9DE0C67EE71E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{782A9EC0-2068-4574-B5C7-D8A3673E59E2}" = lport=139 | protocol=6 | dir=in | app=system |
"{7DBC8A23-2768-4CF5-A4C4-B38145F2FF0D}" = rport=137 | protocol=17 | dir=out | app=system |
"{8375A1BB-81BF-4F6B-827F-F6139E68F772}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{86381115-5F1A-4AA6-860F-1D40341FE36F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{95AA383A-DF25-477D-B5A8-7458E32EE513}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{A377B2A0-1D2E-41F4-93E7-2724DEF1D955}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B570D2DB-E16A-4E6D-AF30-415D69CFA6A5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C296BEB3-BC5C-401E-9625-5E6EEF654103}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3AC9EFF-21AA-4F12-B6BC-AFC13208135F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C70AA4D7-359F-4DC8-A374-E7BEFE63903C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D407F735-3B0A-4AED-96A3-3C55ECFC9475}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F1F40196-84EA-4EC3-BE81-21ED3E508245}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FD3EDA4F-502F-4047-94BE-DE6F71269202}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{047F5378-9DAA-4DB5-A049-7A2A84A806C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0741759E-B95A-4225-9620-45FB56BC4CB1}" = protocol=6 | dir=out | app=system |
"{08ECADBD-1E6B-4E5C-B675-5F97296B36B9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25927A62-99F5-4C34-BFE6-FE15B76DEA38}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{2CEFD550-FEBE-46E7-94AA-B674F7F2EE6A}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{31E5610F-C99B-4C3B-9274-D7C49D5AD72A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{34FEFC79-27BD-44A8-A317-B8448AE6D89D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4B4A6FFC-57E4-4C97-A923-D1B10556B54F}" = protocol=6 | dir=in | app=c:\program files\easeus\todo backup\bin\agent.exe |
"{54D146B0-98CB-4240-A923-9385055998AA}" = protocol=6 | dir=in | app=c:\program files\easeus\todo backup\bin\agent.exe |
"{582876E2-D046-459E-8AF9-E416E5ACD9CF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{65F7D5A0-9FCB-4977-9011-00E44696EBF0}" = protocol=17 | dir=in | app=c:\program files\easeus\todo backup\bin\agent.exe |
"{7260BA39-D381-4997-8A52-232C755D21FC}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{7D1DBCBC-3861-45CE-870F-2672CFAC755F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{85512064-F0F8-477F-A474-A6E4138E5238}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{86B2CB9F-92CD-493D-A6D9-D023FA714777}" = protocol=17 | dir=in | app=c:\program files\easeus\todo backup\bin\tbservice.exe |
"{8CE880E2-34D1-4BE5-8FA3-FACE285D4BA6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8D150765-E188-4199-A2CB-DC2CB3159804}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{8F508E29-01B8-4A71-BAC4-EACF6A159ADD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{916743F9-7B44-44D4-A524-3A5AF7E75072}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{91D75DF1-EB5D-4753-B92B-5B0A9BFD92F7}" = protocol=6 | dir=in | app=c:\program files\easeus\todo backup\bin\tbconsoleui.exe |
"{9207FB61-ECE1-4F69-AE5A-18C01523EE24}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{92F64D6D-16A4-4BB9-93A7-B62BB3DBDC5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{93D31846-DEEA-4A45-8831-F5A31D6ABABF}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{9805B2DF-CB9A-4911-80E7-584532AAF869}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{A5E21F9D-A572-45D3-B0B6-DCFA707D17AF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B118B7E5-B21D-4EC6-A4B1-23EC863FFC54}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B4F528EF-C931-403E-9E71-A7192E774221}" = protocol=17 | dir=in | app=c:\program files\easeus\todo backup\bin\agent.exe |
"{B762A8D3-5889-4785-A44E-19CD4B113EE7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B8E0B26A-01A1-4255-A9B7-53BB1F7C3639}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{C6769D4D-6CA5-45C1-837A-17E232FD1765}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C800F803-BB95-4B40-AC64-676F80A8774C}" = protocol=17 | dir=in | app=c:\program files\easeus\todo backup\bin\tbconsoleui.exe |
"{C9908C62-8361-4437-A411-7FB6328A5E5E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CD2B97B9-E0D9-48A2-A0A1-7AF03CA0CF3D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D34F2B52-851A-4565-9DBB-FFE4DBC2DE82}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E111368B-8E70-42EE-A90B-C51C7FB0F74B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E2C8E041-8890-4889-8B10-D0530169A66C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E2D395C6-ACC3-44BC-AE99-AAFCD36878E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E7A54122-7741-4DA2-9A64-F97B7C39AA2A}" = protocol=6 | dir=in | app=c:\program files\easeus\todo backup\bin\tbservice.exe |
"{F55BA1B2-E3C1-4549-97C6-8E688E83BC58}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{F679CB7A-0787-4629-9D4C-037837B02AD9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"TCP Query User{052DECA6-BE95-41D1-B3CC-28E4CF35ED94}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{07ED37F9-72B8-47A7-95D9-5C31F7F7F17C}C:\program files\subtitle translation wizard\bin\psubtitle.exe" = protocol=6 | dir=in | app=c:\program files\subtitle translation wizard\bin\psubtitle.exe |
"TCP Query User{2415ABA3-7807-40C2-9158-DE4F633B10E9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5DC9E15F-4AA6-4DEE-A0C5-1C3C948D06F6}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{8EC0ED8A-CC2E-46DD-99DD-CC7D171BA79B}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"TCP Query User{99B4CBB8-99C8-4211-8169-CE78218F8F7D}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{251D1DAF-C94D-4B4E-8318-9FB1BC442349}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{443C4403-465A-4DAF-BDF5-9D6192D70CB9}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"UDP Query User{591A99E0-C057-4E20-86E5-9D5B5997D30E}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{6CEDD160-7F6D-430A-9A9F-16C285C8DE1A}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{EFF34B92-C7C0-40D7-9F64-20FBCF9618E6}C:\program files\subtitle translation wizard\bin\psubtitle.exe" = protocol=17 | dir=in | app=c:\program files\subtitle translation wizard\bin\psubtitle.exe |
"UDP Query User{FEA0AF92-A56D-4040-BB40-70C6DEAA06AE}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02627EE5-EACA-4742-A9CC-E687631773E4}" = Nero ShowTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411" = CanoScan LiDE 70
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1C00C7C5-E615-4139-B817-7F4003DE68C0}" = Nero PhotoSnap Help
"{1E5F3CC6-D390-4393-A2AA-6CEC04F1705A}" = Image Resizer Powertoy Clone for Windows
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 2.1.9
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 5
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{300B9E83-E406-4DF7-8A21-E8A90E4F8B91}_is1" = Convert DVD to AVI
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help
"{5FE0C13A-63F1-4394-88A8-2D8722A75FE0}_is1" = Convert VOB to AVI
"{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72a4cd35-3c06-4a8d-97a1-c72cab641b7a}" = Nero 9 Essentials
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ACC9F63-CF54-46D7-9140-D40E57564EDA}_is1" = COMODO Registry Cleaner 1.0.17.23
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AD6BC5CC-2EF0-49C4-B33D-CDC8B2C4DC80}" = Nero Recode Help
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}" = COMODO BackUp
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1" = ISO to USB
"{D36B4583-E804-406B-9D56-F97931286C5B}" = 32 Bit HP CIO Components Installer
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FA7F689F-88EB-4946-B105-4C434CF5B07A}" = BankID säkerhetsprogram
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Any Video Converter_is1" = Any Video Converter 3.3.9
"aTube Catcher" = aTube Catcher
"AutoGK" = Auto Gordian Knot 2.55
"avast" = avast! Free Antivirus
"AVI ReComp" = AVI ReComp 1.5.5
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"Avisynth" = AviSynth 2.5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"Boilsoft Video Splitter_is1" = Boilsoft Video Splitter 5.28
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"CCleaner" = CCleaner
"cedocida" = Cedocida DV Codec
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EaseUS Todo Backup Free 4.5_is1" = EaseUS Todo Backup Free 4.5
"ffdshow_is1" = ffdshow v1.2.4466 [2012-07-02]
"FormatFactory" = FormatFactory 2.95
"Free AVI MPEG WMV MP4 FLV Video Joiner_is1" = Free AVI MPEG WMV MP4 FLV Video Joiner 3.7.2.1
"Google Chrome" = Google Chrome
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Internet Download Manager" = Internet Download Manager
"IrfanView" = IrfanView (remove only)
"LastPass" = LastPass (uninstall only)
"LSI Soft Modem" = LSI HDA Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"MCShield" = MCShield ::Anti-Malware Tool::
"MediaInfo" = MediaInfo 0.7.47
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Oshobooks - the complete works" = Oshobooks - the complete works
"PIXresizer_is1" = PIXresizer
"PowerISO" = PowerISO
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0
"RealPlayer 15.0" = RealPlayer
"Recuva" = Recuva
"Revo Uninstaller" = Revo Uninstaller 1.94
"Speccy" = Speccy
"SubtitleCreator" = SubtitleCreator
"SubtitleWorkshop" = Subtitle Workshop 2.51
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"Total Video Converter 3.02_is1" = Total Video Converter 3.02
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.10 beta 5 (32-bit)
"Vit Registry Fix" = Vit Registry Fix 9.5 (remove only)
"VLC media player" = VLC media player 2.0.1
"VobSub" = VobSub v2.23 (Remove Only)
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Xvid_is1" = Xvid 1.3.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"YandexDisk" = Яндекс.Диск

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2012-07-25 07:20:09 | Computer Name = Compaq_615 | Source = Windows Search Service | ID = 7040
Description =

Error - 2012-07-25 07:20:09 | Computer Name = Compaq_615 | Source = Windows Search Service | ID = 7042
Description =

Error - 2012-07-25 07:20:09 | Computer Name = Compaq_615 | Source = Windows Search Service | ID = 9002
Description =

Error - 2012-07-25 07:20:09 | Computer Name = Compaq_615 | Source = Windows Search Service | ID = 3029
Description =

Error - 2012-07-25 07:20:11 | Computer Name = Compaq_615 | Source = Windows Search Service | ID = 3029
Description =

Error - 2012-07-25 07:20:11 | Computer Name = Compaq_615 | Source = Windows Search Service | ID = 3028
Description =

Error - 2012-07-25 07:20:11 | Computer Name = Compaq_615 | Source = Windows Search Service | ID = 3058
Description =

Error - 2012-07-25 07:20:11 | Computer Name = Compaq_615 | Source = Windows Search Service | ID = 7010
Description =

Error - 2012-07-25 07:20:35 | Computer Name = Compaq_615 | Source = WinMgmt | ID = 10
Description =

Error - 2012-07-25 07:36:54 | Computer Name = Compaq_615 | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2012-07-25 07:18:51 | Computer Name = Compaq_615 | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 2012-07-25 07:20:13 | Computer Name = Compaq_615 | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473535.

Error - 2012-07-25 07:20:13 | Computer Name = Compaq_615 | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.

Error - 2012-07-25 07:35:06 | Computer Name = Compaq_615 | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 2012-07-25 07:35:06 | Computer Name = Compaq_615 | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 2012-07-25 07:36:08 | Computer Name = Compaq_615 | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = A fatal hardware error has occurred. Reported by component: Processor
Core Error Source: 3 Error Type: 256 Processor ID: 0 The details view of this entry
contains further information.

Error - 2012-07-25 07:36:08 | Computer Name = Compaq_615 | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = A fatal hardware error has occurred. Reported by component: Processor
Core Error Source: 3 Error Type: 256 Processor ID: 0 The details view of this entry
contains further information.

Error - 2012-07-25 07:36:08 | Computer Name = Compaq_615 | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = A fatal hardware error has occurred. Reported by component: Processor
Core Error Source: 3 Error Type: 256 Processor ID: 1 The details view of this entry
contains further information.

Error - 2012-07-25 07:36:08 | Computer Name = Compaq_615 | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = A fatal hardware error has occurred. Reported by component: Processor
Core Error Source: 3 Error Type: 256 Processor ID: 1 The details view of this entry
contains further information.

Error - 2012-07-25 07:36:08 | Computer Name = Compaq_615 | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = A fatal hardware error has occurred. Reported by component: Processor
Core Error Source: 3 Error Type: 256 Processor ID: 1 The details view of this entry
contains further information.


< End of report >

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Postavila si Extras.txt, ali nisi potrebniji OTL.txt.

offline
  • Zora
  • Pridružio: 22 Okt 2004
  • Poruke: 1434
  • Gde živiš: ni na nebu ni na zemlji

jeli ovo ?
OTL logfile created on: 2012-07-25 13:39:50 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\zora\Downloads\Programs
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,75 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 55,73% Memory free
5,49 Gb Paging File | 4,21 Gb Available in Paging File | 76,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,78 Gb Total Space | 14,76 Gb Free Space | 25,11% Space Free | Partition Type: NTFS
Drive D: | 346,85 Gb Total Space | 59,25 Gb Free Space | 17,08% Space Free | Partition Type: NTFS
Drive E: | 60,03 Gb Total Space | 47,14 Gb Free Space | 78,53% Space Free | Partition Type: NTFS

Computer Name: COMPAQ_615 | User Name: zora | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-07-25 13:38:44 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\zora\Downloads\Programs\OTL.exe
PRC - [2012-07-21 16:32:46 | 008,920,928 | ---- | M] () -- C:\Users\zora\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe
PRC - [2012-07-16 06:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-07-16 06:23:56 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-07-16 06:23:56 | 000,975,800 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2012-07-10 06:09:02 | 001,250,328 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-07-03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-07-03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-05-16 13:36:55 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012-05-04 02:03:51 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-05-03 17:52:18 | 000,024,712 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
PRC - [2012-05-03 17:52:10 | 000,070,280 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
PRC - [2012-05-03 17:52:08 | 000,750,728 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe
PRC - [2012-05-03 17:52:08 | 000,071,816 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe
PRC - [2012-04-17 14:44:12 | 001,333,144 | ---- | M] (Technology Nexus AB) -- C:\Program Files\Personal\bin\Personal.exe
PRC - [2012-03-12 22:25:06 | 000,583,680 | ---- | M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe
PRC - [2011-07-21 23:07:38 | 000,718,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2011-06-02 10:06:18 | 001,359,664 | ---- | M] () -- C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe
PRC - [2011-06-02 10:04:58 | 000,579,888 | ---- | M] () -- C:\Program Files\COMODO\COMODO BackUp\COSService.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011-02-11 06:40:58 | 003,270,040 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2010-11-20 23:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-11-20 23:29:07 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010-10-27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010-07-04 21:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2010-05-25 17:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009-12-03 20:28:08 | 000,026,112 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009-10-13 08:39:04 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-08-18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009-08-18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2007-08-07 02:05:46 | 000,200,704 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE


========== Modules (No Company Name) ==========

MOD - [2012-07-23 16:37:50 | 000,115,137 | ---- | M] () -- C:\Users\zora\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
MOD - [2012-07-21 16:32:46 | 008,920,928 | ---- | M] () -- C:\Users\zora\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe
MOD - [2012-07-16 06:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012-07-10 06:09:00 | 000,438,296 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppgooglenaclpluginchrome.dll
MOD - [2012-07-10 06:08:59 | 003,972,120 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012-07-10 06:07:39 | 000,554,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
MOD - [2012-07-10 06:07:37 | 000,117,784 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\libegl.dll
MOD - [2012-07-10 06:07:22 | 000,140,328 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012-07-10 06:07:21 | 000,262,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012-07-10 06:07:19 | 002,386,984 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012-07-10 04:17:27 | 009,255,112 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
MOD - [2012-06-24 21:04:08 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\367837cb7f83c9e52f09278f4e6c3ccd\System.Runtime.Remoting.ni.dll
MOD - [2012-06-24 20:02:02 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0189f9fb0ff0476b570aeadfc036ddd6\System.Management.ni.dll
MOD - [2012-06-24 20:01:11 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\0e56badd6e20e2dc81c45cdff2326f6b\System.ServiceProcess.ni.dll
MOD - [2012-06-24 20:00:55 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f91c92735c4a913143a0914c8cb531f2\System.Xaml.ni.dll
MOD - [2012-06-24 19:54:15 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b54a85f8f8f5ac297357c80b95834a90\System.Xml.ni.dll
MOD - [2012-06-24 19:54:01 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\d131eefaea0ca120aaf11568d8e44cad\System.Configuration.ni.dll
MOD - [2012-06-24 19:53:58 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\063174e87d258ef1db040cbfbdd4cd31\PresentationFramework.ni.dll
MOD - [2012-06-24 19:53:28 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\500ffaf6258746eaf0bfc333ab534a51\System.Core.ni.dll
MOD - [2012-06-24 19:53:19 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\984f8802a334d2ae862b66bf71332c10\PresentationCore.ni.dll
MOD - [2012-06-24 19:53:14 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d55bed00e3d36b0db5bd3994c77fe850\System.Windows.Forms.ni.dll
MOD - [2012-06-24 19:53:03 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\697786bb51408d41d980263d90a56d03\WindowsBase.ni.dll
MOD - [2012-06-24 19:53:00 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\fd52e266873de847aea40b1d0715e0bb\PresentationFramework.Aero.ni.dll
MOD - [2012-06-24 19:52:59 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9abdaeea6a61127606bbc324d9177579\System.Drawing.ni.dll
MOD - [2012-06-24 19:52:56 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\360d70391adff56f1d029b1a538d2431\System.ni.dll
MOD - [2012-06-24 19:52:47 | 014,415,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\97d737762adec957a2d7c80fafb4703a\mscorlib.ni.dll
MOD - [2012-05-03 17:51:06 | 000,051,848 | ---- | M] () -- C:\Program Files\EaseUS\Todo Backup\bin\CodeLog.dll
MOD - [2011-03-17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010-10-20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010-07-04 23:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2010-07-04 21:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2009-08-20 12:35:48 | 007,745,536 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2009-08-20 12:35:46 | 002,121,728 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2009-08-20 12:35:46 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Win32 Services (SafeList) ==========

SRV - [2012-07-15 08:54:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-07-03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-05-03 17:52:18 | 000,024,712 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent)
SRV - [2012-05-03 17:52:10 | 000,070,280 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2012-04-21 03:19:00 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-08 20:30:20 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011-06-12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011-06-02 10:06:18 | 001,359,664 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe -- (SynchronizationService.exe)
SRV - [2011-06-02 10:04:58 | 000,579,888 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO BackUp\COSService.exe -- (COSService.exe)
SRV - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009-12-03 20:28:08 | 000,026,112 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009-10-13 08:39:04 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-08-18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\zora\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2012-07-03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-07-03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-07-03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-07-03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012-07-03 18:21:53 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012-07-03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012-05-03 17:52:02 | 000,187,016 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV - [2012-05-03 17:52:00 | 000,042,120 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\EUBKMON.sys -- (EUBKMON)
DRV - [2012-05-03 17:51:54 | 000,017,032 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\eudskacs.sys -- (EUDSKACS)
DRV - [2012-05-03 17:51:52 | 000,050,312 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\eubakup.sys -- (EUBAKUP)
DRV - [2011-06-02 10:07:04 | 000,075,160 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\bdisk.sys -- (bdisk)
DRV - [2011-06-02 10:06:56 | 000,125,624 | ---- | M] (COMODO Security Solutions Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\cbufs.sys -- (CBUfs)
DRV - [2011-06-02 10:06:48 | 000,430,528 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\CBVD.sys -- (cbvd)
DRV - [2011-06-02 10:06:38 | 000,570,584 | ---- | M] (COMODO Security Solutions Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vdbus.sys -- (vdbus)
DRV - [2011-06-02 10:06:30 | 000,429,480 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\cbreparse.sys -- (reparse)
DRV - [2011-01-25 12:40:06 | 000,085,768 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2010-11-20 23:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010-11-20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010-11-20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-11-20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010-11-20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010-01-26 17:38:06 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009-08-18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2007-08-07 02:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007-03-28 20:49:42 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007-03-28 20:29:12 | 000,131,944 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\System32\drivers\symsnap.sys -- (symsnap)
DRV - [2007-03-28 20:29:10 | 000,037,864 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\v2imount.sys -- (v2imount)
DRV - [2007-03-28 20:23:50 | 000,014,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vproeventmonitor.sys -- (VProEventMonitor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=113480&tt=291.....2655b476fd
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F7 EA 1D 6F 6F 17 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=113480&tt=2912_4&babsrc=SP_ss&mntrId=b029692f000000000000002655b476fd
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://eu.ask.com/web?l=dis&o=APN10147&gct.....;apn_dtid=^YYYYYY^YY^SE&apn_ptnrs=^A6E&apn_uid=9115874171024915&p2=^A6E^YYYYYY^YY^SE&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=113480&tt=2912_4&babsrc=HP_ss&mntrId=b029692f000000000000002655b476fd"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=113480&tt=2912_4&babsrc=KW_ss&mntrId=b029692f000000000000002655b476fd&q="
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\hotfix@mozilla.org: C:\Users\zora\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2012-04-17 16:38:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-04 02:04:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-07-07 23:19:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-05-28 14:38:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\zora\AppData\Roaming\IDM\idmmzcc3 [2012-04-08 23:25:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\hotfix@mozilla.org: C:\Users\zora\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2012-04-17 16:38:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\zora\AppData\Roaming\IDM\idmmzcc3 [2012-04-08 23:25:44 | 000,000,000 | ---D | M]

[2012-05-28 14:39:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zora\AppData\Roaming\Mozilla\Extensions
[2012-05-30 02:05:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zora\AppData\Roaming\Mozilla\Firefox\extensions
[2012-04-08 23:37:25 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\zora\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-04-17 16:38:12 | 000,000,000 | ---D | M] (Mozilla hotfix) -- C:\Users\zora\AppData\Roaming\Mozilla\Firefox\extensions\MozillaHotfix
[2012-05-30 02:05:01 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\zora\AppData\Roaming\Mozilla\Firefox\extensions\support@lastpass.com
[2012-05-30 02:05:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zora\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012-05-30 02:05:01 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\zora\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\support@lastpass.com
[2012-07-24 17:12:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zora\AppData\Roaming\Mozilla\Firefox\Profiles\amx8yc85.default\extensions
[2012-05-28 18:53:19 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\zora\AppData\Roaming\Mozilla\Firefox\Profiles\amx8yc85.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-07-21 23:31:39 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\zora\AppData\Roaming\Mozilla\Firefox\Profiles\amx8yc85.default\extensions\support@lastpass.com
[2012-07-21 23:31:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-07-21 23:31:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012-04-21 03:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-07-20 10:20:26 | 000,002,274 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ask.xml
[2012-07-21 23:31:12 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-04-21 03:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-04-21 03:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://search.babylon.com/?affID=113480&tt=291.....2655b476fd
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylon.com/?affID=113480&tt=291.....2655b476fd
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\zora\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Qualys BrowserCheck Plugin (Enabled) = C:\Users\zora\AppData\Local\Google\Chrome\User Data\Default\Extensions\iekpjhkjhpbabigpoojijebfpficekjp\1.3.41.1_0\npqbc.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Users\zora\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\zora\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: LastPass = C:\Users\zora\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.8_0\
CHR - Extension: avast! WebRep = C:\Users\zora\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zora\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\zora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EaseUs Tray] C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [EaseUs Watch] C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [SyncManPath] C:\Users\zora\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15BE6834-F79C-49A9-A866-0A0AA2EF2641}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-07-25 00:44:45 | 000,187,016 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\drivers\EuFdDisk.sys
[2012-07-25 00:44:44 | 000,050,312 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\drivers\eubakup.sys
[2012-07-25 00:44:44 | 000,017,032 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\drivers\eudskacs.sys
[2012-07-25 00:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 4.5
[2012-07-25 00:43:37 | 000,020,616 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\fbnative.exe
[2012-07-25 00:42:25 | 000,000,000 | ---D | C] -- C:\Program Files\EaseUS
[2012-07-25 00:26:34 | 000,000,000 | ---D | C] -- C:\Users\zora\AppData\Roaming\Comodo
[2012-07-24 23:03:49 | 000,000,000 | ---D | C] -- C:\Users\zora\Backups
[2012-07-24 20:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012-07-24 20:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012-07-24 20:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012-07-24 20:09:09 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2012-07-24 20:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012-07-24 20:08:15 | 019,434,776 | ---- | C] (COMODO) -- C:\Users\zora\Desktop\CB_3.0.171317.130_xp_vista_server2003_server2008_win7.exe
[2012-07-24 18:52:22 | 000,109,360 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2012-07-24 18:52:20 | 000,128,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WimFltr.sys
[2012-07-24 18:52:19 | 000,014,072 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\vproeventmonitor.sys
[2012-07-24 18:52:18 | 000,037,864 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\v2imount.sys
[2012-07-24 18:52:16 | 000,131,944 | ---- | C] (StorageCraft) -- C:\Windows\System32\drivers\symsnap.sys
[2012-07-24 18:52:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012-07-24 18:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012-07-24 18:51:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012-07-24 17:27:41 | 000,000,000 | ---D | C] -- C:\Users\zora\Desktop\diagnostika za ambulantu
[2012-07-24 10:21:13 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2012-07-23 18:32:34 | 000,000,000 | ---D | C] -- C:\Temp
[2012-07-21 23:31:12 | 000,000,000 | ---D | C] -- C:\Users\zora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vGrabber
[2012-07-21 23:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012-07-21 23:30:53 | 000,000,000 | ---D | C] -- C:\Users\zora\AppData\Roaming\Babylon
[2012-07-21 01:19:53 | 000,000,000 | ---D | C] -- C:\Users\zora\AppData\Local\Macromedia
[2012-07-20 10:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
[2012-07-20 10:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\DsNET Corp
[2012-07-20 10:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012-07-17 20:51:58 | 000,000,000 | ---D | C] -- C:\Users\zora\anand ke pal mp3
[2012-07-12 17:46:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-07-12 17:46:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-07-12 17:46:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-07-12 17:46:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-07-12 17:46:12 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-07-12 17:46:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-07-12 17:46:09 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-07-12 17:40:36 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012-07-12 16:50:54 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012-07-12 16:50:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012-07-12 16:50:49 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012-07-10 12:58:51 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2012-07-08 05:45:47 | 000,000,000 | ---D | C] -- C:\Users\zora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
[2012-07-07 21:49:11 | 000,000,000 | ---D | C] -- C:\Users\zora\AppData\Local\Programs
[2012-07-07 21:48:46 | 000,000,000 | ---D | C] -- C:\Users\zora\AppData\Local\ArcSoft
[2012-07-07 21:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
[2012-07-07 21:47:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\ArcSoft
[2012-07-07 21:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft
[2012-07-07 21:45:53 | 000,000,000 | ---D | C] -- C:\Users\zora\AppData\Roaming\ArcSoft
[2012-07-07 21:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-06-27 20:06:06 | 000,000,000 | ---D | C] -- C:\Users\zora\AppData\Roaming\Personal
[2012-06-27 20:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\Personal
[2012-06-27 20:06:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BankID säkerhetsprogram
[2012-06-27 19:58:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt

========== Files - Modified Within 30 Days ==========

[2012-07-25 13:57:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-07-25 13:54:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-25 13:41:57 | 000,678,862 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2012-07-25 13:41:57 | 000,628,642 | ---- | M] () -- C:\Windows\System32\perfh01D.dat
[2012-07-25 13:41:57 | 000,618,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-07-25 13:41:57 | 000,133,360 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2012-07-25 13:41:57 | 000,124,718 | ---- | M] () -- C:\Windows\System32\perfc01D.dat
[2012-07-25 13:41:57 | 000,107,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-07-25 13:35:52 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-07-25 13:35:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-25 13:35:01 | 2212,126,720 | -HS- | M] () -- C:\hiberfil.sys
[2012-07-25 12:51:36 | 000,004,096 | -HS- | M] () -- C:\{9BE2F96D-9953-412D-8E01-64603DAEEBC7}.CBM
[2012-07-25 10:36:33 | 000,482,304 | -HS- | M] () -- C:\EUMONBMP.SYS
[2012-07-25 09:02:11 | 000,001,261 | ---- | M] () -- C:\Users\zora\Desktop\EaseUS Todo Backup Free 4.5.lnk
[2012-07-25 08:13:17 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-25 08:13:17 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-25 00:44:40 | 000,002,071 | ---- | M] () -- C:\Users\Public\Desktop\EaseUS Todo Backup Free 4.5.lnk
[2012-07-24 23:29:12 | 000,000,131 | ---- | M] () -- C:\Windows\CRC.INI
[2012-07-24 20:10:57 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\COMODO BackUp.lnk
[2012-07-24 20:10:56 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_vdbus_01009.Wdf
[2012-07-24 20:09:09 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2012-07-24 20:09:01 | 019,434,776 | ---- | M] (COMODO) -- C:\Users\zora\Desktop\CB_3.0.171317.130_xp_vista_server2003_server2008_win7.exe
[2012-07-24 11:03:04 | 000,004,701 | ---- | M] () -- C:\Users\zora\Desktop\Attach.rar
[2012-07-24 10:55:41 | 000,000,589 | ---- | M] () -- C:\Users\zora\Desktop\dds - Shortcut.lnk
[2012-07-22 02:23:58 | 000,019,002 | ---- | M] () -- C:\Users\zora\Documents\child parent.rtf
[2012-07-21 23:31:19 | 000,000,247 | ---- | M] () -- C:\user.js
[2012-07-20 18:04:20 | 000,001,249 | ---- | M] () -- C:\Users\zora\Desktop\rStread-0.13 - Shortcut.lnk
[2012-07-20 10:21:22 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\Video Search.lnk
[2012-07-20 10:21:21 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2012-07-19 19:28:19 | 000,001,629 | ---- | M] () -- C:\Users\zora\Documents\religion-oshotube.rtf
[2012-07-18 09:53:34 | 000,031,693 | ---- | M] () -- C:\Users\zora\Documents\ch3.rtf
[2012-07-17 23:03:00 | 000,002,041 | ---- | M] () -- C:\Users\zora\Documents\yugoprevod.rtf
[2012-07-17 19:00:48 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-07-15 08:55:26 | 000,002,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012-07-15 08:54:12 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-07-15 08:54:12 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-07-15 08:44:56 | 000,407,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-07-08 04:58:07 | 000,088,142 | ---- | M] () -- C:\Users\Public\Documents\white dragon.rtf
[2012-07-08 04:52:50 | 000,070,000 | ---- | M] () -- C:\Users\Public\Documents\WhiteDragon2004.srt.srt
[2012-07-08 04:52:50 | 000,070,000 | ---- | M] () -- C:\Users\Public\Documents\WhiteDragon2004 - Copy.srt
[2012-07-07 23:20:00 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012-07-07 21:47:59 | 000,001,972 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk
[2012-07-03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012-07-03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012-07-03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012-07-03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012-07-03 18:21:53 | 000,044,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012-07-03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012-07-03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-07-03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012-07-03 15:48:57 | 000,000,612 | ---- | M] () -- C:\Users\zora\AppData\Roaming\AutoGK.ini
[2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012-07-03 00:38:45 | 000,001,739 | ---- | M] () -- C:\Users\zora\Desktop\VirtualDubMod - Shortcut.lnk
[2012-07-02 22:18:54 | 000,112,640 | ---- | M] () -- C:\Windows\System32\ff_vfw.dll
[2012-07-02 15:36:56 | 000,099,840 | ---- | M] () -- C:\Program Files\ffvdub.vdf
[2012-07-02 15:36:52 | 000,047,616 | ---- | M] () -- C:\Windows\System32\ff_acm.acm
[2012-07-02 10:39:29 | 000,059,414 | ---- | M] () -- C:\Users\zora\Desktop\tlt-ch1-30-lower case.rtf
[2012-06-30 13:25:11 | 000,001,553 | ---- | M] () -- C:\Users\zora\Desktop\VirtualDub - Shortcut.lnk
[2012-06-30 13:11:06 | 000,008,096 | ---- | M] () -- C:\Users\zora\Documents\dark valleys-hidden slpendor 10.rtf
[2012-06-30 01:52:15 | 000,023,861 | ---- | M] () -- C:\Users\zora\Documents\being real-RE 27.rtf
[2012-06-30 01:49:34 | 000,000,293 | ---- | M] () -- C:\Users\zora\Documents\philosophy.rtf
[2012-06-28 17:41:45 | 000,012,545 | ---- | M] () -- C:\Users\zora\Documents\modern tecnology 8-1rebellious spirit.rtf
[2012-06-28 14:00:37 | 000,011,101 | ---- | M] () -- C:\Users\zora\Documents\mariage _8 Rebelius spirit.rtf
[2012-06-28 03:24:24 | 000,043,073 | ---- | M] () -- C:\Users\zora\Documents\osho -my talks are boring.rtf
[2012-06-28 02:04:50 | 000,008,090 | ---- | M] () -- C:\Users\zora\Documents\commune from ignorence to inocence 3.rtf
[2012-06-27 21:54:17 | 000,021,838 | ---- | M] () -- C:\Users\zora\Documents\womens enlightenment 16-2mira.rtf
[2012-06-27 21:31:48 | 000,013,836 | ---- | M] () -- C:\Users\zora\Documents\transforming power of love.rtf
[2012-06-27 20:06:05 | 000,001,123 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BankID säkerhetsprogram.lnk
[2012-06-27 14:39:35 | 000,036,556 | ---- | M] () -- C:\Users\zora\Documents\mind is the whole problem.rtf
[2012-06-27 01:49:49 | 000,037,644 | ---- | M] () -- C:\Users\zora\Documents\From false to the truth_13_Sympaty is a dirty word.rtf
[2012-06-27 01:44:20 | 000,016,152 | ---- | M] () -- C:\Users\zora\Documents\the path of love and meditation.rtf
[2012-06-26 18:01:07 | 000,001,887 | ---- | M] () -- C:\Users\zora\Desktop\Kies Air Discovery Service.lnk

========== Files Created - No Company Name ==========

[2012-07-25 12:51:36 | 000,004,096 | -HS- | C] () -- C:\{9BE2F96D-9953-412D-8E01-64603DAEEBC7}.CBM
[2012-07-25 09:02:11 | 000,001,261 | ---- | C] () -- C:\Users\zora\Desktop\EaseUS Todo Backup Free 4.5.lnk
[2012-07-25 01:32:10 | 000,482,304 | -HS- | C] () -- C:\EUMONBMP.SYS
[2012-07-25 00:44:42 | 000,042,120 | ---- | C] () -- C:\Windows\System32\drivers\EUBKMON.sys
[2012-07-25 00:44:40 | 000,002,071 | ---- | C] () -- C:\Users\Public\Desktop\EaseUS Todo Backup Free 4.5.lnk
[2012-07-24 22:43:17 | 000,000,131 | ---- | C] () -- C:\Windows\CRC.INI
[2012-07-24 20:10:57 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\COMODO BackUp.lnk
[2012-07-24 20:10:56 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_vdbus_01009.Wdf
[2012-07-24 11:03:04 | 000,004,701 | ---- | C] () -- C:\Users\zora\Desktop\Attach.rar
[2012-07-24 10:55:41 | 000,000,589 | ---- | C] () -- C:\Users\zora\Desktop\dds - Shortcut.lnk
[2012-07-23 01:51:00 | 000,049,896 | ---- | C] () -- C:\Users\zora\Desktop\390Nymphaea_caerulea.jpg
[2012-07-22 01:21:59 | 000,019,002 | ---- | C] () -- C:\Users\zora\Documents\child parent.rtf
[2012-07-21 23:31:19 | 000,000,247 | ---- | C] () -- C:\user.js
[2012-07-20 18:04:20 | 000,001,249 | ---- | C] () -- C:\Users\zora\Desktop\rStread-0.13 - Shortcut.lnk
[2012-07-20 10:21:22 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\Video Search.lnk
[2012-07-20 10:21:21 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2012-07-19 19:28:19 | 000,001,629 | ---- | C] () -- C:\Users\zora\Documents\religion-oshotube.rtf
[2012-07-18 09:53:33 | 000,031,693 | ---- | C] () -- C:\Users\zora\Documents\ch3.rtf
[2012-07-17 23:03:00 | 000,002,041 | ---- | C] () -- C:\Users\zora\Documents\yugoprevod.rtf
[2012-07-17 19:00:48 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-07-08 04:58:07 | 000,088,142 | ---- | C] () -- C:\Users\Public\Documents\white dragon.rtf
[2012-07-08 04:56:37 | 000,070,000 | ---- | C] () -- C:\Users\Public\Documents\WhiteDragon2004 - Copy.srt
[2012-07-08 04:50:21 | 000,070,000 | ---- | C] () -- C:\Users\Public\Documents\WhiteDragon2004.srt.srt
[2012-07-07 21:47:59 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk
[2012-07-03 00:38:45 | 000,001,739 | ---- | C] () -- C:\Users\zora\Desktop\VirtualDubMod - Shortcut.lnk
[2012-07-02 08:41:51 | 000,059,414 | ---- | C] () -- C:\Users\zora\Desktop\tlt-ch1-30-lower case.rtf
[2012-06-30 13:25:11 | 000,001,553 | ---- | C] () -- C:\Users\zora\Desktop\VirtualDub - Shortcut.lnk
[2012-06-30 13:11:06 | 000,008,096 | ---- | C] () -- C:\Users\zora\Documents\dark valleys-hidden slpendor 10.rtf
[2012-06-30 01:52:15 | 000,023,861 | ---- | C] () -- C:\Users\zora\Documents\being real-RE 27.rtf
[2012-06-30 01:49:34 | 000,000,293 | ---- | C] () -- C:\Users\zora\Documents\philosophy.rtf
[2012-06-28 17:41:45 | 000,012,545 | ---- | C] () -- C:\Users\zora\Documents\modern tecnology 8-1rebellious spirit.rtf
[2012-06-28 14:00:37 | 000,011,101 | ---- | C] () -- C:\Users\zora\Documents\mariage _8 Rebelius spirit.rtf
[2012-06-28 02:04:50 | 000,008,090 | ---- | C] () -- C:\Users\zora\Documents\commune from ignorence to inocence 3.rtf
[2012-06-27 21:54:17 | 000,021,838 | ---- | C] () -- C:\Users\zora\Documents\womens enlightenment 16-2mira.rtf
[2012-06-27 21:31:48 | 000,013,836 | ---- | C] () -- C:\Users\zora\Documents\transforming power of love.rtf
[2012-06-27 20:06:05 | 000,001,123 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BankID säkerhetsprogram.lnk
[2012-06-27 14:39:35 | 000,036,556 | ---- | C] () -- C:\Users\zora\Documents\mind is the whole problem.rtf
[2012-06-27 12:36:33 | 000,043,073 | ---- | C] () -- C:\Users\zora\Documents\osho -my talks are boring.rtf
[2012-06-27 01:45:41 | 000,037,644 | ---- | C] () -- C:\Users\zora\Documents\From false to the truth_13_Sympaty is a dirty word.rtf
[2012-06-27 01:44:20 | 000,016,152 | ---- | C] () -- C:\Users\zora\Documents\the path of love and meditation.rtf
[2012-06-18 16:02:49 | 000,130,560 | ---- | C] () -- C:\Windows\System32\cedocida.dll
[2012-06-17 12:23:17 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012-06-17 12:23:17 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012-05-27 15:15:50 | 000,004,608 | ---- | C] () -- C:\Users\zora\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-27 14:45:13 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012-05-27 14:45:13 | 000,099,840 | ---- | C] () -- C:\Program Files\ffvdub.vdf
[2012-05-24 11:16:00 | 000,048,305 | ---- | C] () -- C:\Users\zora\.TransferManager.db
[2012-05-23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012-05-23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012-05-23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012-05-23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012-05-23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012-05-23 14:25:52 | 000,010,593 | ---- | C] () -- C:\Windows\CSTBox.INI
[2012-04-23 13:43:11 | 000,000,612 | ---- | C] () -- C:\Users\zora\AppData\Roaming\AutoGK.ini
[2012-04-20 23:18:56 | 000,628,642 | ---- | C] () -- C:\Windows\System32\perfh01D.dat
[2012-04-20 23:18:56 | 000,294,764 | ---- | C] () -- C:\Windows\System32\perfi01D.dat
[2012-04-20 23:18:56 | 000,124,718 | ---- | C] () -- C:\Windows\System32\perfc01D.dat
[2012-04-20 23:18:56 | 000,037,052 | ---- | C] () -- C:\Windows\System32\perfd01D.dat
[2012-04-20 23:02:04 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2012-04-20 23:02:03 | 000,678,862 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2012-04-20 23:02:03 | 000,133,360 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2012-04-20 23:02:03 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2012-04-17 17:36:07 | 000,000,262 | ---- | C] () -- C:\Windows\hpbafd.ini
[2012-04-08 23:01:57 | 000,000,775 | ---- | C] () -- C:\Windows\VIP.INI
[2012-04-08 20:21:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-06-02 10:07:04 | 000,075,160 | ---- | C] () -- C:\Windows\System32\drivers\bdisk.sys
[2011-06-02 10:06:48 | 000,430,528 | ---- | C] () -- C:\Windows\System32\drivers\CBVD.sys
[2010-11-20 23:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010-11-20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== Files - Unicode (All) ==========
[2012-07-21 16:32:49 | 000,001,987 | ---- | M] ()(C:\Users\zora\Desktop\??????.????.lnk) -- C:\Users\zora\Desktop\Яндекс.Диск.lnk
[2012-07-21 16:32:48 | 000,000,000 | ---D | C](C:\Users\zora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\??????.????) -- C:\Users\zora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс.Диск
[2012-06-17 18:36:54 | 000,001,987 | ---- | C] ()(C:\Users\zora\Desktop\??????.????.lnk) -- C:\Users\zora\Desktop\Яндекс.Диск.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Ponovo pokreni program OTL dvoklikom na ikonu.

U bijeli okvir prozora gdje piše Custom Scans/Fixes iskopirati sljedeći tekst:

:OTL
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=113480&tt=291.....2655b476fd
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=113480&tt=2912_4&babsrc=SP_ss&mntrId=b029692f000000000000002655b476fd
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://eu.ask.com/web?l=dis&o=APN10147&gct.....;apn_dtid=^YYYYYY^YY^SE&apn_ptnrs=^A6E&apn_uid=9115874171024915&p2=^A6E^YYYYYY^YY^SE&q={searchTerms}
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=113480&tt=2912_4&babsrc=HP_ss&mntrId=b029692f000000000000002655b476fd"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=113480&tt=2912_4&babsrc=KW_ss&mntrId=b029692f000000000000002655b476fd&q="
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
[2012-04-08 23:37:25 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\zora\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-07-21 23:31:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012-07-21 23:31:12 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
CHR - homepage: http://search.babylon.com/?affID=113480&tt=291.....2655b476fd
CHR - homepage: http://search.babylon.com/?affID=113480&tt=291.....2655b476fd
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.



Klikni taster Run Fix;

Izvještaj koji dobiješ iskopiraj ovde u poruci.

Ko je trenutno na forumu
 

Ukupno su 1024 korisnika na forumu :: 28 registrovanih, 5 sakrivenih i 991 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Boris BM, BORUTUS, CikaKURE, comi_pfc, Dimitrije Paunovic, draganca, GandorCC, Georgius, helen1, Hexe, hyla, jaeger, Još malo pa deda, Kubovac, ladro, Mi lao shu, mik7, Milometer, Mixelotti, nenad81, nesa1962, raptorsi, S2M, skvara, stegonosa, suton, Vlada1389, vukovi