MyCity » Ambulanta -> Arhiva Ambulante » problem msiihm32.dll

problem msiihm32.dll

Napisano na dan: 30.4.2012

problem msiihm32.dll
Sledeća strana Pagination

Idi na vrh

Poslao: 30 Apr 2012 11:48
Idi na vrh
offline
  • Stefanovic
  • Pridružio: 02 Nov 2011
  • Poruke: 144
  • Gde živiš: Nis

Prijatan vam radni dan

Kada sam upalio komp izasla je ova poruka

32-bitni Windows


Poslao: 30 Apr 2012 12:00
Idi na vrh
offline
  • Més que un club
  • Glavni vokal @ Harpun
  • Pridružio: 27 Feb 2009
  • Poruke: 3898
  • Gde živiš: Novi Sad,Klisa

Pozdrav cilitis



Isprati uputstva za otvaranje teme http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html i na osnovu tog uputsva postavi odgovarajuće logove.


NIx Car (AMF Tim)

Poslao: 30 Apr 2012 13:20
Idi na vrh
offline
  • Stefanovic
  • Pridružio: 02 Nov 2011
  • Poruke: 144
  • Gde živiš: Nis

Napisano: 30 Apr 2012 12:06
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by owner at 11:42:04 on 2012-04-30
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.64 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MCShield\mcshieldrtm.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\wscntfy.exe
svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=109035&babsrc=HP_ss&mntrId=04341b87000000000000000ea6281f8d
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [VisualTaskTips] c:\program files\visualtasktips\VisualTaskTips.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [MSIDLL] rundll32.exe msiihm32.dll,RQyYUDer
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\owner\application data\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\documents and settings\owner\application data\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177316463750
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{15E13B7F-0590-4AEE-9375-86D10DA96DE7} : DhcpNameServer = 192.168.0.1 192.168.1.1
TCP: Interfaces\{328A07BF-0A62-4771-A364-4F693F54BF25} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\kwcbr7em.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109035&babsrc=KW_ss&mntrId=04341b87000000000000000ea6281f8d&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\kwcbr7em.default\extensions\{7d2fb79e-e58c-4db5-a36f-ac1c73967f4d}\plugins\npqbc.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: YouTube MP3 Downloadhelper: info@sharkcube.com - %profile%\extensions\info@sharkcube.com
FF - Ext: RapidShare DownloadHelper: rsDownloadHelper@yevgenyandrov.net - %profile%\extensions\rsDownloadHelper@yevgenyandrov.net
FF - Ext: 1-Click YouTube Video Downloader: YoutubeDownloader@PeterOlayev.com - %profile%\extensions\YoutubeDownloader@PeterOlayev.com
FF - Ext: Facebook Phishing Protector: {023e9ca0-63f3-47b1-bcb2-9badf9d9ef28} - %profile%\extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}
FF - Ext: Linkification: {35106bca-6c78-48c7-ac28-56df30b51d2a} - %profile%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
FF - Ext: QualysBrowserCheck: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} - %profile%\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Tweak Network: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA} - %profile%\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}
FF - Ext: PDFescape Extension: {2A1D5949-B519-4924-BF62-8522FE0D5274} - %profile%\extensions\{2A1D5949-B519-4924-BF62-8522FE0D5274}
FF - Ext: Open In Fireworks: {a30e76f5-21a3-4fb4-ab27-4d98af5dca59} - %profile%\extensions\{a30e76f5-21a3-4fb4-ab27-4d98af5dca59}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109035
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 04341b87000000000000000ea6281f8d
FF - user.js: extensions.BabylonToolbar_i.hardId - 04341b87000000000000000ea6281f8d
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15459
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:58:48
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-1-13 36000]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-1-13 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-1-13 110032]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-1-13 74640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-3 654408]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-4-9 3063968]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-11-3 232512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-3 22344]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-4-5 158856]
S3 N100;Compaq Ethernet or Fast Ethernet NIC Driver;c:\windows\system32\drivers\n100325.sys [2007-4-23 128000]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-4-6 27064]
.
=============== Created Last 30 ================
.
2012-04-30 09:34:18 -------- d-----w- c:\documents and settings\all users\application data\boost_interprocess
2012-04-30 08:09:48 -------- d-----w- c:\program files\Lexmark X1100 Series
2012-04-29 13:19:33 1409 ----a-w- c:\windows\QTFont.for
2012-04-29 12:58:41 -------- d-----w- c:\documents and settings\owner\local settings\application data\Babylon
2012-04-29 12:58:40 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2012-04-29 12:58:39 -------- d-----w- c:\documents and settings\owner\application data\Babylon
2012-04-29 12:58:36 -------- d-----w- c:\documents and settings\owner\application data\SystemUpdaterApp
2012-04-29 12:03:59 -------- d-----w- c:\documents and settings\all users\application data\PC Drivers HeadQuarters Inc
2012-04-29 11:59:47 -------- d-----w- c:\documents and settings\owner\application data\GetRightToGo
2012-04-29 10:36:35 94208 ----a-w- c:\windows\system32\lxbkcur.dll
2012-04-29 10:36:35 73728 ----a-w- c:\windows\system32\lxbkcu.dll
2012-04-29 10:36:16 413696 ----a-w- c:\windows\system32\lxbkutil.dll
2012-04-18 17:40:58 -------- d-----w- C:\Lxk1100
2012-04-16 13:15:58 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-04-16 13:15:58 -------- d-----w- c:\windows\system32\wbem\Repository
2012-04-13 13:29:10 61440 ----a-w- c:\windows\system32\lxbkcnv5.dll
2012-04-13 13:29:10 114688 ----a-w- c:\windows\system32\rtscan.dll
2012-04-11 16:09:43 -------- d-----w- c:\documents and settings\owner\local settings\application data\PCHealth
2012-04-10 08:28:17 -------- d-----w- c:\program files\PROGRAM
2012-04-09 09:22:30 4916384 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2012-04-07 10:38:58 -------- d-----w- c:\program files\common files\Adobe AIR(3)
2012-04-06 10:08:48 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-04-06 09:29:21 -------- d-----w- c:\documents and settings\owner\local settings\application data\VS Revo Group
2012-04-06 09:29:01 -------- d-----w- c:\program files\VS Revo Group
2012-04-04 15:59:44 225280 ------w- c:\program files\internet explorer\plugins\NPDocBox.dll
2012-04-04 15:59:00 -------- d-----w- c:\windows\Profiles
2012-04-04 15:58:56 -------- d-----w- c:\windows\system32\Adobe
2012-04-04 15:58:39 306688 ----a-w- c:\windows\IsUn0404.exe
2012-04-04 15:56:08 307200 ----a-w- c:\windows\IsUn041a.exe
2012-04-04 05:53:56 182160 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2012-04-04 05:53:56 182160 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2012-04-02 14:58:12 -------- d-----w- c:\documents and settings\owner\application data\Thinstall
2012-04-02 08:03:22 -------- d-----w- c:\program files\common files\Adobe AIR(2)
2012-03-31 14:05:42 -------- d-----w- c:\documents and settings\owner\application data\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
.
==================== Find3M ====================
.
2012-04-04 13:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-21 14:12:33 0 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-03-21 14:12:32 273344 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-03-21 14:12:32 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17:40 385024 ----a-w- c:\windows\system32\html.iec
2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 11:42:54,85 ===============

mycity.rs/must-login.png



mycity.rs/must-login.png

Dopuna: 30 Apr 2012 12:15

mycity.rs/must-login.png

Dopuna: 30 Apr 2012 12:20

mycity.rs/must-login.png

mycity.rs/must-login.png

Poslao: 30 Apr 2012 15:15
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Preuzmi program CatchMe.

Dvoklikom pokreni catchme.exe i klikni na tab Script.
U (beli) prozor programa iskopiraj sledeći tekst:

files:
C:\WINDOWS\system32\msiihm32.dll


Klikni na dugme Run.

Kada se pojavi poruka sa obaveštenjem, klikni na dugme OK.

Po završetku procesa, na Desktopu će se nalaziti datoteka catchme.zip.
Tu datoteku je neophodno postaviti (uploadovati) na forum preko sledeće forme:
http://www.mycity.rs/ambulanta-upload.php



Arrow Korak 2

Preuzmi program OTL sa donjeg linka na Desktop:

download link

Dvoklikom pokreni OTL;
U bijeli okvir prozora gdje piše Custom Scans/Fixes iskopirati sljedeći tekst:

:files
C:\WINDOWS\system32\msiihm32.dll

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSIDLL"=-

:commands
[purity]
[emptytemp]
[reboot]



Klikni taster Run Fix;

Izvještaj koji dobiješ iskopiraj ovde u poruci.



Arrow Korak 3

Ponovo pokreni OTL;
klikni Run Scan;
po završetku skeniranja, izveštaj (koji će biti automatski sačuvan na Desktop-u kao OTL.Txt) će se otvoriti u Notepad-u.

Priloži izvještaj OTL.txt uz poruku korišćenjem opcije Prikači fajl.

Poslao: 30 Apr 2012 15:30
Idi na vrh
offline
  • Stefanovic
  • Pridružio: 02 Nov 2011
  • Poruke: 144
  • Gde živiš: Nis

Problem nece

Poslao: 30 Apr 2012 15:33
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Nisi dobro iskopirao skriptu u koraku jedan. Izostavio si liniju:
:files

Poslao: 30 Apr 2012 15:53
Idi na vrh
offline
  • Stefanovic
  • Pridružio: 02 Nov 2011
  • Poruke: 144
  • Gde živiš: Nis

Napisano: 30 Apr 2012 14:44

Ok moja greska

jesam uploud i

Vas fajl je uspesno uploadovan.
Molimo Vas da u temi u kojoj je od Vas zahtevano da uploadujete fajl, obavestite lice koje Vam pomaze da ste to uspesno uradili.
Hvala Vam.


mycity.rs/must-login.png


All processes killed
========== FILES ==========
File\Folder C:\WINDOWS\system32\msiihm32.dll not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSIDLL deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: owner
->Temp folder emptied: 35421358 bytes
->Temporary Internet Files folder emptied: 10891762 bytes
->Java cache emptied: 46780 bytes
->FireFox cache emptied: 95339877 bytes
->Flash cache emptied: 1486 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 73728 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 135,00 mb


OTL by OldTimer - Version 3.2.42.2 log created on 04302012_153423

Files\Folders moved on Reboot...
File move failed. C:\Documents and Settings\owner\Local Settings\Temp\server.exe scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Dopuna: 30 Apr 2012 14:53

mycity.rs/must-login.png




OTL logfile created on: 30.4.2012 15:45:13 - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = D:\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000081A | Country: Serbia and Montenegro | Language: SRL | Date Format: d.M.yyyy

511,53 Mb Total Physical Memory | 76,86 Mb Available Physical Memory | 15,03% Memory free
1,22 Gb Paging File | 0,75 Gb Available in Paging File | 61,92% Paging File free
Paging file location(s): C:\pagefile.sys 766 766 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 44,28 Gb Total Space | 30,07 Gb Free Space | 67,91% Space Free | Partition Type: NTFS
Drive D: | 104,76 Gb Total Space | 88,58 Gb Free Space | 84,55% Space Free | Partition Type: NTFS

Computer Name: HOME-E30B55376D | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.04.30 15:33:23 | 000,595,456 | ---- | M] (OldTimer Tools) -- D:\My Documents\Downloads\OTL.exe
PRC - [2012.04.20 12:13:30 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.04.09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.03.12 22:25:06 | 000,583,680 | ---- | M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe
PRC - [2012.03.02 15:52:34 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
PRC - [2012.03.02 15:41:20 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2011.12.15 16:00:35 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.12.15 16:00:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.15 16:00:12 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.12.15 16:00:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.31 17:53:36 | 000,025,984 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2011.08.02 09:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2008.04.14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.03.14 20:24:32 | 000,034,816 | ---- | M] (VisualTaskTips.com) -- C:\Program Files\VisualTaskTips\VisualTaskTips.exe
PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012.04.20 12:13:29 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.12.15 16:00:24 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011.12.02 16:30:07 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2007.09.17 01:07:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2006.03.14 20:24:27 | 000,004,096 | ---- | M] () -- C:\Program Files\VisualTaskTips\VttHooks.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.04.09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.04.05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.15 16:00:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.15 16:00:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.03.15 13:53:39 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.12.15 16:00:35 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.12.15 16:00:35 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.11.03 18:24:05 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.07.04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.12.30 10:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2007.04.23 10:23:51 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001.08.17 12:11:38 | 000,128,000 | ---- | M] (Compaq Computer Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\n100325.sys -- (N100)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = search.babylon.com/?affID=109035&babsrc.....0ea6281f8d
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = search.babylon.com/?q={searchTerms}&affID=109035&babsrc=SP_ss&mntrId=04341b87000000000000000ea6281f8d
IE - HKCU\..\SearchScopes\{82D7B80F-7BD3-4E73-B330-67BED78AE9B7}: "URL" = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}:3.0
FF - prefs.js..extensions.enabledItems: rsDownloadHelper@yevgenyandrov.net:1.0
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.5
FF - prefs.js..extensions.enabledItems: greasefire@skrul.com:1.0.4
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.6
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}:1.3.41.1
FF - prefs.js..extensions.enabledItems: info@sharkcube.com:0.5
FF - prefs.js..extensions.enabledItems: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}:1.5.4
FF - prefs.js..extensions.enabledItems: {2A1D5949-B519-4924-BF62-8522FE0D5274}:0.17
FF - prefs.js..extensions.enabledItems: {a30e76f5-21a3-4fb4-ab27-4d98af5dca59}:1.0
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=109035&babsrc=KW_ss&mntrId=04341b87000000000000000ea6281f8d&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.11.26 20:25:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.20 12:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.20 13:33:34 | 000,000,000 | ---D | M]

[2010.08.04 14:30:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\owner\Application Data\Mozilla\Extensions
[2012.04.30 10:09:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions
[2012.01.04 03:46:47 | 000,000,000 | ---D | M] (Facebook Phishing Protector) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}
[2012.04.02 20:48:27 | 000,000,000 | ---D | M] (Adblock Lite) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{1e9a63ef-84ec-49a4-8d6f-2dd9524e90d0}(2)
[2012.04.13 12:40:57 | 000,000,000 | ---D | M] (PDFescape Extension) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{2A1D5949-B519-4924-BF62-8522FE0D5274}
[2011.11.26 01:39:15 | 000,000,000 | ---D | M] (Linkification) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2012.01.07 09:18:48 | 000,000,000 | ---D | M] (Qualys BrowserCheck) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
[2012.04.13 12:40:57 | 000,000,000 | ---D | M] (Open In Fireworks) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{a30e76f5-21a3-4fb4-ab27-4d98af5dca59}
[2011.11.14 10:41:19 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.04.20 12:26:56 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.01.04 03:49:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2012.01.04 03:49:02 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2012.04.09 13:03:42 | 000,000,000 | ---D | M] (Tweak Network) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}
[2012.01.04 03:49:01 | 000,000,000 | ---D | M] (Tweak Network) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}(2)
[2012.03.22 10:52:57 | 000,000,000 | ---D | M] (Tweak Network) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}(3)
[2012.04.20 13:17:41 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.04.09 07:58:37 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}(2)
[2012.04.09 07:58:35 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}(2)
[2012.03.22 10:49:29 | 000,000,000 | ---D | M] (YouTube MP3 Downloadhelper) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\info@sharkcube.com
[2012.04.09 07:58:36 | 000,000,000 | ---D | M] (Low Quality Flash) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\low_quality_flash@pie2k(2).com
[2012.04.20 12:26:55 | 000,000,000 | ---D | M] (RapidShare_Extension) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\RapidShare_Extension_for_Firefox@mozilla.org
[2012.01.04 03:49:03 | 000,000,000 | ---D | M] (RS+MU Downloader) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\rsDownloader@163(2).com
[2011.11.04 14:04:39 | 000,000,000 | ---D | M] (RapidShare DownloadHelper) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\rsDownloadHelper@yevgenyandrov.net
[2011.11.04 14:04:39 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\YoutubeDownloader@PeterOlayev.com
[2012.04.20 12:26:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\RapidShare_Extension_for_Firefox@mozilla.org\chrome
[2012.04.20 12:26:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\kwcbr7em.default\extensions\RapidShare_Extension_for_Firefox@mozilla.org\defaults
[2012.04.30 11:34:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.04.30 11:34:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.11.27 23:18:06 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012.04.20 12:13:31 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.27 23:18:05 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.04.29 14:58:42 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.04.20 12:13:23 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.04.20 12:13:23 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.2_0\

O1 HOSTS File: ([2012.01.12 13:36:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKCU..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\owner\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\owner\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} update.microsoft.com/windowsupdate/v6/V5Con.....7316463750 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15E13B7F-0590-4AEE-9375-86D10DA96DE7}: DhcpNameServer = 192.168.0.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{328A07BF-0A62-4771-A364-4F693F54BF25}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.23 10:02:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.04.30 11:41:38 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\owner\Desktop\dds.scr
[2012.04.30 11:34:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012.04.30 11:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.04.30 11:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012.04.30 10:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark X1100 Series
[2012.04.30 10:09:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\owner\Recent
[2012.04.29 16:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Desktop\New Folder (2)
[2012.04.29 14:58:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Local Settings\Application Data\Babylon
[2012.04.29 14:58:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012.04.29 14:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Application Data\Babylon
[2012.04.29 14:58:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Application Data\SystemUpdaterApp
[2012.04.29 14:03:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters Inc
[2012.04.29 13:59:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Application Data\GetRightToGo
[2012.04.29 12:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Desktop\slike
[2012.04.29 12:36:35 | 000,094,208 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\lxbkcur.dll
[2012.04.29 12:36:35 | 000,073,728 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\lxbkcu.dll
[2012.04.29 12:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\DAEMON Tools Images
[2012.04.28 16:47:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Desktop\New Folder
[2012.04.25 09:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Desktop\Etno restoran Cardak Nis
[2012.04.18 19:40:58 | 000,000,000 | ---D | C] -- C:\Lxk1100
[2012.04.13 15:29:10 | 000,114,688 | ---- | C] (Funai) -- C:\WINDOWS\System32\rtscan.dll
[2012.04.13 13:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Desktop\Ana
[2012.04.11 18:09:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Local Settings\Application Data\PCHealth
[2012.04.10 10:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\PROGRAM
[2012.04.09 07:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2012.04.09 07:59:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Desktop\cile Doc
[2012.04.09 07:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012.04.07 12:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR(3)
[2012.04.06 12:08:48 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2012.04.06 11:29:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Local Settings\Application Data\VS Revo Group
[2012.04.06 11:29:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2012.04.06 11:29:01 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.04.05 12:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Desktop\keramika nis
[2012.04.04 17:59:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Profiles
[2012.04.04 17:58:56 | 000,000,000 | ---D | C] -- D:\My Documents\My eBooks
[2012.04.04 17:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Application Data\InterTrust
[2012.04.04 17:58:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2012.04.04 17:58:39 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUn0404.exe
[2012.04.04 17:56:08 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUn041a.exe
[2012.04.02 16:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Application Data\Thinstall
[2012.04.02 10:03:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR(2)
[2012.03.31 16:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Application Data\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1

========== Files - Modified Within 30 Days ==========

[2012.04.30 15:50:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EF5539D9-73C2-488E-899E-A6A99A167973}.job
[2012.04.30 15:41:45 | 000,000,231 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\catchme.zip
[2012.04.30 15:36:02 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-670792205-2225589205-3563514748-1003.job
[2012.04.30 15:36:00 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2012.04.30 15:36:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\DriverScanner.job
[2012.04.30 15:36:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\SpeedUpMyPC.job
[2012.04.30 15:35:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.04.30 15:28:51 | 000,141,767 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\Screen01 Apr. 30 15.28.jpg
[2012.04.30 15:26:22 | 000,142,336 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\catchme.exe
[2012.04.30 15:24:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.04.30 11:47:44 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\g33uw1v1.exe
[2012.04.30 11:41:29 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\owner\Desktop\dds.scr
[2012.04.30 09:37:29 | 000,138,752 | ---- | M] () -- C:\Documents and Settings\owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.30 09:37:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.04.30 09:34:31 | 000,023,340 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\Screen01 Apr. 30 09.33.jpg
[2012.04.29 15:19:33 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012.04.29 15:19:33 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012.04.29 11:22:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.04.20 13:33:35 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012.04.14 11:37:32 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012.04.13 09:59:35 | 000,001,517 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\Paint (2).lnk
[2012.04.12 11:45:44 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\Microsoft Office Word 2003.lnk
[2012.04.09 08:31:18 | 000,001,622 | ---- | M] () -- C:\Documents and Settings\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.04.09 08:31:18 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.04.09 08:06:15 | 000,435,876 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.04.09 08:06:15 | 000,068,388 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.04.06 12:08:49 | 000,000,927 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.04.03 09:46:26 | 000,367,409 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\profaktura-70249-2012.pdf

========== Files Created - No Company Name ==========

[2012.04.30 15:41:45 | 000,000,231 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\catchme.zip
[2012.04.30 15:28:51 | 000,141,767 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\Screen01 Apr. 30 15.28.jpg
[2012.04.30 15:26:41 | 000,142,336 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\catchme.exe
[2012.04.30 11:48:18 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\g33uw1v1.exe
[2012.04.30 09:34:00 | 000,023,340 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\Screen01 Apr. 30 09.33.jpg
[2012.04.29 15:19:33 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2012.04.29 15:19:33 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2012.04.29 12:36:16 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\lxbkutil.dll
[2012.04.20 13:33:35 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012.04.20 13:33:34 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012.04.13 15:29:10 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxbkcnv5.dll
[2012.04.13 15:29:10 | 000,039,899 | ---- | C] () -- C:\WINDOWS\System32\rtsicis.ini
[2012.04.13 09:59:35 | 000,001,517 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\Paint (2).lnk
[2012.04.06 12:08:49 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2012.04.04 17:59:05 | 000,000,890 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat Reader 5.0.lnk
[2012.04.03 09:46:38 | 000,367,409 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\profaktura-70249-2012.pdf
[2012.03.31 16:13:32 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.03.21 16:12:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.03.21 16:12:32 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.03.21 16:12:32 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.03.15 16:08:44 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.15 12:35:45 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2012.01.15 12:35:44 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2012.01.15 12:35:21 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2011.11.14 00:47:57 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011.11.06 17:55:24 | 000,000,930 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{0FAE34A6-85FB-E2DF-448C-00005040B41C}
[2011.11.05 10:06:53 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.11.04 11:48:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.04.12 09:18:22 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011.04.12 09:18:22 | 000,003,459 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.12.13 21:24:24 | 000,864,256 | ---- | C] ( ) -- C:\WINDOWS\System32\GNADDPlang.dll
[2010.12.13 21:23:38 | 000,204,800 | ---- | C] ( ) -- C:\WINDOWS\System32\GNADDPinpa.dll
[2010.12.13 21:23:26 | 000,626,688 | ---- | C] ( ) -- C:\WINDOWS\System32\GNADDPcomc.dll
[2010.08.04 14:30:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.08.04 13:11:40 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat

< End of report >

Poslao: 30 Apr 2012 16:31
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

U postavljenom izvještaju nema tragova aktivne infekcije i poruku iz screenshota ne bi trebalo više da dobijaš.
Potrebno je još da uradiš dole navedene korake.


Arrow

Ponovo pokreni OTL i klikni na dugme CleanUp.



Arrow

Obavezno posjeti temu Testirajte da li vam je pretraživač ranjiv, pročitaj i isprati link koji stoji u njoj.



Pozdrav.

Poslao: 30 Apr 2012 17:05
Idi na vrh
offline
  • Stefanovic
  • Pridružio: 02 Nov 2011
  • Poruke: 144
  • Gde živiš: Nis

Hvala puno ,nema vise obavestenja sve je ok ...
sampion si....
a i svi na my city-u ...puno pozdrava i srecan rad

MyCity » Ambulanta -> Arhiva Ambulante » problem msiihm32.dll

Ko je trenutno na forumu
 

Ukupno su 890 korisnika na forumu :: 37 registrovanih, 5 sakrivenih i 848 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, 8u47, A.R.Chafee.Jr., airsuba, Aleksandar Tomić, amaterSRB, Arahne, ccoogg123, Denaya, Dorcolac, Dukelander, dule10savic, esx66, Georgius, goxin, JOntra, kjkszpj, kolle.the.kid, mikrimaus, Mixelotti, mnn2, nemkea71, NoOneEver Dreams, Parker, raptorsi, RJ, rovac, samsung, Sančo, Sumadija34, Trpe Grozni, Tvrtko I, virked, Vlada1389, VP6919, |_MeD_|, šumar bk2