Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
Adaptor pt casti

În UE, permis digital de conducato...

Spalatorie auto profesionala in I...

Anxietate si Safety behaviors OCD.
 Conducta DN 800 pe teren construi...

placa video buna pentru redare ca...

in cat timp se activeaza un abona...

Dilema dupa facultate
 Reciclare metale - merita?

Renault Arkana sh sau Sang Yong K...

La multi ani @ceanu1980!

La multi ani @KiloW!
 ChatGPT - Certificat de rezidenta...

Page numbers in Google Docs, dar ...

Prenadez dubios

WhatsApp pe cartela din routerul ...
 

Problema cu Browse to Save

- - - - -
  • Please log in to reply
27 replies to this topic

#1
rebroff

rebroff

    Member

  • Grup: Members
  • Posts: 722
  • Înscris: 21.04.2011
Am instalat ceva ce nu trebuia si m-am pomenit cu acest virus, care mi-a instalat o fereastra in partea de sus a blogului meu de pe platforma blogger. Am cautat solutii si am efectuat urmatorii pasi:
1. Am dezinstalat programul Browssetosave in Control Panel
2. Am dezinstalat add-on -ul respectiv din ambele browsere: Mozilla si IE
3. Am folosit Adwcleaner pentru curatarea registrilor
4. Am scanat cu Malwarebytes Anti-Malware si am sters toate intrarile pe care le-a gasit
5. Am scanat cu HitmanPro si am sters, de asemenea, tot ce a gasit.
Dupa toate astea, blogul meu se prezinta asa:
Attached File  Virus blog.jpg   17.43K   18 downloads
Ma poate ajuta cineva?
Multumesc

#2
Farrell

Farrell

    Active Member

  • Grup: Members
  • Posts: 1,848
  • Înscris: 09.01.2007
Instructiuni pentru dezinstalare : http://malwaretips.c...se-to-save-ads/

Edited by Farrell, 21 April 2013 - 11:41.


#3
rebroff

rebroff

    Member

  • Grup: Members
  • Posts: 722
  • Înscris: 21.04.2011
Exact aceste instructiuni le-am folosit. Le-am urmat pas cu pas si rezultatul este in poza.

#4
MhG_51

MhG_51

    :)

  • Grup: Moderators
  • Posts: 3,317
  • Înscris: 04.05.2009
Farrell,
exact asta a facut.

Quote

1. Am dezinstalat programul Browssetosave in Control Panel
2. Am dezinstalat add-on -ul respectiv din ambele browsere: Mozilla si IE
3. Am folosit Adwcleaner pentru curatarea registrilor
4. Am scanat cu Malwarebytes Anti-Malware si am sters toate intrarile pe care le-a gasit
5. Am scanat cu HitmanPro si am sters, de asemenea, tot ce a gasit.

rebroff,
poti sa postezi log-ul, de la :
Malwarebytes Anti-Malware si AdwCleaner?

[ http://i51.tinypic.com/2yllhk5.jpg - Pentru incarcare in pagina (embed) Click aici ]

Logul se gaseste in C:\AdwCleaner[Sn].txt (n este un numar).

Edited by MhG_40, 21 April 2013 - 12:02.


#5
rebroff

rebroff

    Member

  • Grup: Members
  • Posts: 722
  • Înscris: 21.04.2011
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224903
Time elapsed: 8 minute(s), 56 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 8
C:\Documents and Settings\All Users\Application Data\VauaDIx\51738cdc99d69.dll (Adware.MultiPlug) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Seearcuhy-NewTab\51738f8c7fbe4.dll (Adware.MultiPlug) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Browusse2ssave\516e80348e24f.dll (Adware.MultiPlug) -> Quarantined and deleted successfully.
C:\Documents and Settings\Raul\Local Settings\temp\{9E38FBD4-E676-4134-A3DF-AE5445DBD922}\Addons\newtab_setup.exe (PUP.Adware.MultiPlug) -> Quarantined and deleted successfully.
C:\Documents and Settings\Raul\Local Settings\temp\{9E38FBD4-E676-4134-A3DF-AE5445DBD922}\Addons\vaudix_extension.exe (PUP.Adware.MultiPlug) -> Quarantined and deleted successfully.
C:\Documents and Settings\Raul\Local Settings\Temporary Internet Files\Content.IE5\193DQ017\51738cdcb29b3[1].exe (PUP.Adware.MultiPlug) -> Quarantined and deleted successfully.
C:\Documents and Settings\Raul\Local Settings\Temporary Internet Files\Content.IE5\S5NBMLQJ\51738f8c962ca[1].exe (PUP.Adware.MultiPlug) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\user32.dat (Trojan.Downloader) -> Quarantined and deleted successfully.
(end)


Logul lui Adwcleaner nu stiu sa-l recuperez, conform instructiunilor l-am folosit si apoi l-am dezinstalat

#6
MhG_51

MhG_51

    :)

  • Grup: Moderators
  • Posts: 3,317
  • Înscris: 04.05.2009
Bine si asa.
Aveam nevoie de indicii, sa stiu ce sa urmaresc(in log).
Posteaza un log OTL.
Vezi aici cum:
http://forum.softped...og-otl-si-gmer/

Edited by MhG_40, 21 April 2013 - 12:45.


#7
rebroff

rebroff

    Member

  • Grup: Members
  • Posts: 722
  • Înscris: 21.04.2011
OTL.Txt

OTL logfile created on: 21.04.2013 12:42:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Raul\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000418 | Country: Romania | Language: ROM | Date Format: dd.MM.yyyy

894,04 Mb Total Physical Memory | 668,64 Mb Available Physical Memory | 74,79% Memory free
2,12 Gb Paging File | 1,37 Gb Available in Paging File | 64,91% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,00 Gb Total Space | 4,28 Gb Free Space | 21,39% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 6,74 Gb Free Space | 11,23% Space Free | Partition Type: NTFS
Drive E: | 69,04 Gb Total Space | 8,73 Gb Free Space | 12,64% Space Free | Partition Type: NTFS

Computer Name: RAUL | User Name: Raul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.04.21 12:40:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Raul\Desktop\OTL.exe
PRC - [2013.04.05 01:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Raul\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2013.04.04 18:49:37 | 001,345,008 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
PRC - [2013.04.04 18:48:49 | 001,617,440 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
PRC - [2013.04.04 18:48:49 | 000,055,984 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.01.12 04:27:33 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.11.01 22:45:21 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012.07.11 21:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2012.04.26 20:50:31 | 000,091,736 | ---- | M] (NewSoftwares.net, Inc.) -- C:\WINDOWS\system32\WinFLService.exe
PRC - [2010.04.05 22:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008.11.09 23:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.04.14 03:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013.04.04 18:51:13 | 000,099,744 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\imsecurityal.dll
MOD - [2013.04.04 18:49:59 | 000,003,072 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\ui\accessl.ui
MOD - [2013.04.04 18:49:58 | 000,005,120 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\ui\imsecurityal.ui
MOD - [2013.04.04 18:49:35 | 000,204,280 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
MOD - [2013.04.04 18:49:35 | 000,093,040 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\bdmetrics.dll
MOD - [2013.03.25 15:07:11 | 002,039,216 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00013_011\ashttpph.mdl
MOD - [2013.03.25 15:07:11 | 000,546,240 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00013_011\ashttpdsp.mdl
MOD - [2013.03.25 15:07:08 | 000,996,928 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00013_011\ashttprbl.mdl
MOD - [2013.03.25 15:07:07 | 000,673,448 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00013_011\ashttpbr.mdl
MOD - [2013.03.13 23:48:52 | 024,978,944 | ---- | M] () -- C:\Documents and Settings\Raul\Application Data\Dropbox\bin\libcef.dll
MOD - [2012.12.20 17:38:36 | 000,394,408 | ---- | M] () -- \\?\C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\trufos.dll
MOD - [2012.11.14 02:32:50 | 003,558,400 | ---- | M] () -- C:\Documents and Settings\Raul\Application Data\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012.10.15 17:16:56 | 001,401,344 | ---- | M] () -- C:\Program Files\JPEG Lossless Rotator\contmenu.dll
MOD - [2012.04.02 09:05:16 | 000,573,840 | ---- | M] () -- C:\Program Files\Hardwipe\hwshell.dll
MOD - [2011.11.14 20:17:06 | 000,132,176 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\bdfwcore.dll
MOD - [2010.07.05 00:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010.04.05 22:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2008.07.20 14:24:37 | 000,043,520 | ---- | M] () -- C:\WINDOWS\system32\CmdLineExt03.dll
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\uirvblu.dll -- (wbqucsmru)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\oleclj32.exe -- (sigvesif)
SRV - File not found [Auto | Stopped] -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo)
SRV - File not found [Auto | Stopped] -- C:\Program Files\The Cleaner\mhelper.exe -- (moohelp)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\uirvblu.dll -- (gfkfw)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.15 17:30:59 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.14 18:31:58 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.04 18:49:37 | 001,345,008 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV - [2013.04.04 18:49:33 | 000,062,688 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental)
SRV - [2013.04.04 18:48:49 | 000,055,984 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.01.12 04:27:33 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.07.13 13:28:36 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.11 21:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2012.04.26 20:50:31 | 000,091,736 | ---- | M] (NewSoftwares.net, Inc.) [Auto | Running] -- C:\WINDOWS\system32\WinFLService.exe -- (FLService)
SRV - [2010.04.05 22:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.11.09 23:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006.03.25 18:17:26 | 000,278,613 | ---- | M] (Atheros) [Disabled | Stopped] -- C:\WINDOWS\system32\acs.exe -- (ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\gtuhsbus.sys -- (GTUHSBUS)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Raul\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013.04.21 12:00:07 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013.04.04 18:49:30 | 000,162,976 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\gzflt.sys -- (gzflt)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.02.06 19:05:01 | 000,066,392 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bdsandbox.sys -- (BDSandBox)
DRV - [2013.02.06 19:04:50 | 000,482,928 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avckf.sys -- (avckf)
DRV - [2013.02.06 19:04:39 | 000,625,128 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avc3.sys -- (avc3)
DRV - [2012.12.20 17:39:00 | 000,343,456 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\trufos.sys -- (trufos)
DRV - [2012.10.02 12:31:18 | 000,134,136 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys -- (bdselfpr)
DRV - [2012.07.06 16:13:08 | 000,116,248 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\BitDefender\Bitdefender Firewall\bdfndisf.sys -- (Bdfndisf)
DRV - [2012.04.26 20:50:54 | 000,029,584 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\WinFLAdrv.sys -- (WinFLAdrv)
DRV - [2012.04.26 20:50:52 | 000,188,176 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\system32\WinVDEdrv6.sys -- (NEWDRIVER)
DRV - [2012.04.26 20:50:51 | 000,228,112 | ---- | M] (NewSoftwares.net, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\WinVDEdrv.sys -- (WinVDEDrv)
DRV - [2011.11.14 21:16:26 | 000,130,640 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\Bitdefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2011.07.22 19:27:02 | 000,012,880 | ---- | M] (SUPER*****er.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.13 00:55:22 | 000,067,664 | ---- | M] (SUPER*****er.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.09.23 14:29:24 | 000,107,520 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtuhs51.sys -- (GTUHSNDISIPXP)
DRV - [2010.09.23 14:29:24 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtuhsser.sys -- (GTUHSSER)
DRV - [2010.07.04 22:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009.11.04 17:59:38 | 000,113,280 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.11.04 17:59:38 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.11.04 17:59:38 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2008.06.13 23:33:38 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2006.12.16 22:50:30 | 001,918,464 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.11.15 14:34:40 | 004,225,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006.03.23 00:27:10 | 000,488,992 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004.10.08 10:51:08 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004.08.04 01:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzu...q={searchTerms}
IE - HKLM\..\SearchScopes\{3E1F790D-4AE8-E0A8-066E-432D2E4253B1}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com
IE - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\..\SearchScopes,Backup.Old.DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\..\SearchScopes\{3E1F790D-4AE8-E0A8-066E-432D2E4253B1}: "URL" = https://isearch.avg....sa&d=2012-07-18 16:00:19&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1801674531-1004336348-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== Firefox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: nishan.naseer.googimagesearch%40gmail.com:0.5
FF - prefs.js..extensions.enabledAddons: %7B5384767E-00D9-40E9-B72F-9CC39D655D6F%7D:1.4.2.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.14 18:32:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.22 12:09:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2012.11.08 11:24:48 | 000,000,000 | ---D | M]

[2010.07.22 19:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Extensions
[2013.04.21 10:12:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions
[2012.07.09 06:17:16 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2013.04.16 16:57:59 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2013.02.23 22:01:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.09.17 17:46:08 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2012.09.17 17:48:13 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}(2)
[2013.04.21 09:02:48 | 000,000,000 | ---D | M] (VauaDIx) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\[email protected]
[2013.04.06 16:47:25 | 000,000,000 | ---D | M] (Self-Destructing Cookies) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack
[2013.04.21 09:07:58 | 000,000,000 | ---D | M] (Seearcuhy-NewTab) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\[email protected]
[2013.04.21 09:06:54 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\[email protected]
[2013.04.17 15:23:01 | 000,262,896 | ---- | M] () (No name found) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\[email protected]
[2012.09.26 18:15:50 | 000,004,287 | ---- | M] () (No name found) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\[email protected]
[2013.04.16 14:03:22 | 000,532,430 | ---- | M] () (No name found) -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2011.08.12 15:25:07 | 000,001,945 | ---- | M] () -- C:\Documents and Settings\Raul\Application Data\Mozilla\Firefox\Profiles\0zydw0qf.default\searchplugins\bing-zugo.xml
[2013.04.20 08:31:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.04.14 18:32:01 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.03.07 20:58:58 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.06.02 14:02:51 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2013.03.07 20:58:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipediaro.xml

========== Chrome  ==========

CHR - homepage: http://search.babylon.com/?affID=110823&tt=120912_cpc_3912_3&babsrc=HP_ss&mntrId=8893463d000000000000001b24fd641e
CHR - Extension: No name found = C:\Documents and Settings\Raul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aealagiepjfgkkeddhfdmdddbjapjnek\1\
CHR - Extension: No name found = C:\Documents and Settings\Raul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\
CHR - Extension: No name found = C:\Documents and Settings\Raul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fgmgnnmjgkibpmempgnjaihcfjbmkpic\1\
CHR - Extension: No name found = C:\Documents and Settings\Raul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihiddkmjconiadfmkjccmgijlmbacjjj\1\

O1 HOSTS File: ([2006.02.28 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    localhost
O2 - BHO: (Speed Analysis 2) - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files\Speed Analysis 2\ScriptHost.dll (SpeedAnalysis.com)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKU\S-1-5-21-1801674531-1004336348-725345543-1004..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1801674531-1004336348-725345543-1004..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-1801674531-1004336348-725345543-500..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe File not found
O4 - Startup: C:\Documents and Settings\Raul\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Raul\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1801674531-1004336348-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF3F2BA7-982E-4A78-9F52-626AA90F562E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (Super*****er.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.06.09 23:07:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.10.05 21:51:00 | 000,000,000 | ---- | M] () - E:\AUTORUN.FCB -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.04.21 12:40:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Raul\Desktop\OTL.exe
[2013.04.21 11:59:54 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.04.21 10:55:21 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2013.04.21 10:47:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2013.04.21 10:47:28 | 009,097,384 | ---- | C] (SurfRight B.V.) -- C:\Documents and Settings\Raul\Desktop\HitmanPro.exe
[2013.04.21 10:25:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.21 10:25:05 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.04.21 10:25:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.04.21 10:23:01 | 010,285,040 | ---- | C] (Malwarebytes Corporation     ) -- C:\Documents and Settings\Raul\Desktop\mbam-setup-1.75.0.1300.exe
[2013.04.21 09:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2013.04.21 09:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Application Data\SpeedAnalysis2
[2013.04.21 09:06:35 | 000,018,096 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2013.04.21 09:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\Speed Analysis 2
[2013.04.21 09:04:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seearcuhy-NewTab
[2013.04.21 08:53:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\VauaDIx
[2013.04.21 08:21:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Desktop\Huck Finn
[2013.04.21 07:44:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Raul\Recent
[2013.04.20 09:08:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Desktop\Miro
[2013.04.20 08:33:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\My Documents\Kvisoft
[2013.04.19 13:18:09 | 000,000,000 | ---D | C] -- C:\Program Files\PDFBinder
[2013.04.19 13:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PDFBinder
[2013.04.19 11:56:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Application Data\PrimoPDF
[2013.04.19 11:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF
[2013.04.19 11:33:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Application Data\Softland
[2013.04.19 11:33:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2013.04.19 09:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2013.04.19 09:32:46 | 000,956,344 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Raul\Desktop\SaveAsPDFandXPS.exe
[2013.04.18 11:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Jpg2Pdf
[2013.04.18 11:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Jpg2Pdf
[2013.04.18 11:17:44 | 003,961,442 | ---- | C] (Office Necessities inc. ) -- C:\Documents and Settings\Raul\Desktop\jpg2pdf_setup.exe
[2013.04.18 11:12:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Application Data\DSite
[2013.04.18 10:32:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Desktop\Framing Studio 3.71 Port by speedzodiac
[2013.04.17 12:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\Smart File Advisor
[2013.04.17 12:20:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Browusse2ssave
[2013.04.06 16:43:50 | 000,897,448 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\Raul\Desktop\jre-7u17-windows-i586-iftw.exe
[2013.04.06 07:50:55 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2013.04.05 07:38:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Desktop\Lucruri faine
[2013.03.27 16:54:23 | 000,289,944 | ---- | C] (SoftSafe) -- C:\Documents and Settings\Raul\Desktop\VaudiX.exe
[2013.03.26 22:10:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Raul\My Documents\Dropbox
[2013.03.26 22:03:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Start Menu\Programs\Dropbox
[2013.03.26 22:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Application Data\Dropbox
[2013.03.26 21:53:31 | 030,780,592 | ---- | C] (Dropbox, Inc.) -- C:\Documents and Settings\Raul\Desktop\Dropbox 2.0.0.exe
[2013.03.24 17:02:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Smart PC Solutions
[2013.03.24 17:02:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Application Data\Smart PC Solutions
[2013.03.24 17:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\Smart PC Solutions
[2013.03.23 11:19:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\My Documents\Descărcări
[2013.03.23 09:47:29 | 020,914,064 | ---- | C] (Mozilla) -- C:\Documents and Settings\Raul\Desktop\Firefox Setup 19.0.2.exe
[2013.03.23 09:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Application Data\thecleaner
[2013.03.23 09:08:13 | 000,000,000 | ---D | C] -- C:\Program Files\The Cleaner
[2013.03.23 09:00:09 | 000,000,000 | ---D | C] -- C:\Program Files\jsplus
[2013.03.14 13:49:16 | 000,503,400 | ---- | C] (SoftStud) -- C:\Documents and Settings\Raul\Application Data\22find_uninstaller.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\Raul\Desktop\*.tmp files -> C:\Documents and Settings\Raul\Desktop\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.04.21 12:42:03 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.04.21 12:40:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Raul\Desktop\OTL.exe
[2013.04.21 12:08:01 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.21 12:00:07 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.04.21 11:32:31 | 000,017,846 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Virus blog.jpg
[2013.04.21 11:12:24 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013.04.21 10:55:22 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2013.04.21 10:55:21 | 000,000,394 | ---- | M] () -- C:\WINDOWS\System32\bootdelete.lst
[2013.04.21 10:47:43 | 009,097,384 | ---- | M] (SurfRight B.V.) -- C:\Documents and Settings\Raul\Desktop\HitmanPro.exe
[2013.04.21 10:40:34 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.21 10:40:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.21 10:25:14 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.21 10:23:13 | 010,285,040 | ---- | M] (Malwarebytes Corporation     ) -- C:\Documents and Settings\Raul\Desktop\mbam-setup-1.75.0.1300.exe
[2013.04.21 10:12:16 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Raul\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013.04.21 10:12:16 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\Raul\Application Data\Microsoft\Internet Explorer\Quick Launch\22find.lnk
[2013.04.21 09:47:24 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\EPUpdater.job
[2013.04.21 09:06:09 | 000,001,130 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\SpeedAnalysis.lnk
[2013.04.21 09:04:26 | 000,569,120 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\BestCodecsPackSetup.exe
[2013.04.21 08:50:41 | 000,289,944 | ---- | M] (SoftSafe) -- C:\Documents and Settings\Raul\Desktop\VaudiX.exe
[2013.04.20 22:36:26 | 000,048,697 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\DOCS-Mythology.eBooks.Collection.PDF-OMNiSCiENT.torrent
[2013.04.20 21:34:21 | 000,391,054 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Adio, Dinu Patriciu.bmp
[2013.04.20 21:23:19 | 000,295,254 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Un om sfarsit.bmp
[2013.04.20 20:57:31 | 000,130,558 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Pirul.jpg
[2013.04.20 17:02:15 | 000,524,130 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Somnul7.bmp
[2013.04.20 12:51:15 | 002,592,183 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Hamma, vulpea desertului.pdf
[2013.04.20 12:48:01 | 000,166,053 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Pag1.pdf
[2013.04.20 12:37:42 | 000,061,315 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Pag21.pdf
[2013.04.20 11:17:24 | 000,080,781 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Hamma cu titlu si autor.jpg
[2013.04.20 10:56:05 | 000,182,441 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Hamma1.jpg
[2013.04.20 09:03:48 | 000,431,418 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Lebedele.bmp
[2013.04.20 08:12:38 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.04.19 21:22:30 | 003,499,424 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\New Doc 3.pdf
[2013.04.19 20:23:36 | 000,329,090 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Pag22222222222222222.pdf
[2013.04.19 19:55:09 | 000,258,794 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Lucru.pdf
[2013.04.19 19:27:09 | 007,299,811 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Erasmus din Rotterdam.rar
[2013.04.19 19:17:07 | 000,047,488 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Pag5.pdf
[2013.04.19 18:57:33 | 000,019,994 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Hamma last picture.JPG
[2013.04.19 16:42:50 | 000,024,328 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Hamma poza2.JPG
[2013.04.19 14:31:30 | 000,188,102 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Pag22.pdf
[2013.04.19 13:16:44 | 001,763,328 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\PDFBinder-v1.2.msi
[2013.04.19 09:32:47 | 000,956,344 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Raul\Desktop\SaveAsPDFandXPS.exe
[2013.04.19 07:02:59 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ABBYY FineReader 11.lnk
[2013.04.18 17:30:09 | 000,365,263 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\HCharriere-Banco.rar
[2013.04.18 17:28:30 | 008,881,720 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Papillon - Henri Charriere v 2.2.rar
[2013.04.18 11:18:09 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\JPEG to PDF converter.lnk
[2013.04.18 11:17:46 | 003,961,442 | ---- | M] (Office Necessities inc. ) -- C:\Documents and Settings\Raul\Desktop\jpg2pdf_setup.exe
[2013.04.17 13:09:51 | 001,352,435 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\setup_magicdisc.exe
[2013.04.17 12:54:11 | 000,338,055 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\nrgtoiso.zip
[2013.04.15 17:30:59 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.04.15 17:30:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.04.10 13:18:57 | 000,210,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.04.06 16:43:54 | 000,897,448 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Raul\Desktop\jre-7u17-windows-i586-iftw.exe
[2013.04.06 13:02:43 | 000,004,393 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2013.04.06 07:53:11 | 000,001,021 | ---- | M] () -- C:\Documents and Settings\Raul\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.06 07:49:46 | 000,001,003 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\Dropbox.lnk
[2013.04.04 18:49:30 | 000,162,976 | ---- | M] (BitDefender LLC) -- C:\WINDOWS\System32\drivers\gzflt.sys
[2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.03.31 03:28:43 | 000,434,248 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.03.31 03:28:43 | 000,068,680 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.03.26 21:55:07 | 030,780,592 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Raul\Desktop\Dropbox 2.0.0.exe
[2013.03.23 09:48:34 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Raul\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013.03.23 09:48:34 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013.03.23 09:47:56 | 020,914,064 | ---- | M] (Mozilla) -- C:\Documents and Settings\Raul\Desktop\Firefox Setup 19.0.2.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\Raul\Desktop\*.tmp files -> C:\Documents and Settings\Raul\Desktop\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.04.21 11:32:31 | 000,017,846 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Virus blog.jpg
[2013.04.21 10:55:21 | 000,000,394 | ---- | C] () -- C:\WINDOWS\System32\bootdelete.lst
[2013.04.21 10:25:14 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.21 09:47:25 | 000,114,176 | ---- | C] () -- C:\Documents and Settings\Raul\Application Data\BabMaint.exe
[2013.04.21 09:07:33 | 000,000,262 | ---- | C] () -- C:\WINDOWS\tasks\EPUpdater.job
[2013.04.21 09:06:09 | 000,001,130 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\SpeedAnalysis.lnk
[2013.04.21 09:04:25 | 000,569,120 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\BestCodecsPackSetup.exe
[2013.04.20 22:36:16 | 000,048,697 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\DOCS-Mythology.eBooks.Collection.PDF-OMNiSCiENT.torrent
[2013.04.20 21:34:21 | 000,391,054 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Adio, Dinu Patriciu.bmp
[2013.04.20 21:23:19 | 000,295,254 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Un om sfarsit.bmp
[2013.04.20 20:57:21 | 000,130,558 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Pirul.jpg
[2013.04.20 17:02:15 | 000,524,130 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Somnul7.bmp
[2013.04.20 12:51:13 | 002,592,183 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Hamma, vulpea desertului.pdf
[2013.04.20 12:48:00 | 000,166,053 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Pag1.pdf
[2013.04.20 12:37:40 | 000,061,315 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Pag21.pdf
[2013.04.20 11:08:20 | 000,080,781 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Hamma cu titlu si autor.jpg
[2013.04.20 10:56:05 | 000,182,441 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Hamma1.jpg
[2013.04.20 10:54:56 | 000,951,030 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Hamma1.bmp
[2013.04.20 08:59:35 | 000,431,418 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Lebedele.bmp
[2013.04.19 21:22:25 | 003,499,424 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\New Doc 3.pdf
[2013.04.19 20:23:35 | 000,329,090 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Pag22222222222222222.pdf
[2013.04.19 19:26:58 | 007,299,811 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Erasmus din Rotterdam.rar
[2013.04.19 19:17:06 | 000,047,488 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Pag5.pdf
[2013.04.19 19:09:48 | 000,258,794 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Lucru.pdf
[2013.04.19 18:57:33 | 000,019,994 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Hamma last picture.JPG
[2013.04.19 16:42:49 | 000,024,328 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Hamma poza2.JPG
[2013.04.19 14:31:27 | 000,188,102 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Pag22.pdf
[2013.04.19 13:16:37 | 001,763,328 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\PDFBinder-v1.2.msi
[2013.04.19 11:55:24 | 000,180,624 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2013.04.19 11:33:37 | 000,007,549 | ---- | C] () -- C:\WINDOWS\System32\dopdf7.ctm
[2013.04.18 17:30:09 | 000,365,263 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\HCharriere-Banco.rar
[2013.04.18 17:27:22 | 008,881,720 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Papillon - Henri Charriere v 2.2.rar
[2013.04.18 11:18:09 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\JPEG to PDF converter.lnk
[2013.04.18 11:12:53 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2013.04.17 13:09:51 | 001,352,435 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\setup_magicdisc.exe
[2013.04.17 12:55:22 | 000,724,992 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\nrgtoiso.exe
[2013.04.17 12:54:09 | 000,338,055 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\nrgtoiso.zip
[2013.04.06 07:53:09 | 000,001,021 | ---- | C] () -- C:\Documents and Settings\Raul\Start Menu\Programs\Startup\Dropbox.lnk
[2013.03.26 22:10:08 | 000,001,003 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\Dropbox.lnk
[2013.01.30 11:49:36 | 000,002,772 | -HS- | C] () -- C:\WINDOWS\System32\win_fldb_sys.dat
[2012.12.29 21:10:49 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll
[2012.12.05 11:46:26 | 000,002,048 | -H-- | C] () -- C:\Documents and Settings\Raul\Application Data\~S7FB45B79-C86E-49ff-ACC4-849340906621W
[2012.11.20 12:04:10 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.11.20 12:04:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.11.20 12:04:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.11.20 12:04:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.11.16 08:04:32 | 000,000,385 | ---- | C] () -- C:\Documents and Settings\Raul\Application Datauser_gensett.xml
[2012.10.25 16:05:40 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\Days5.ini
[2012.08.06 14:45:03 | 000,210,488 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.18 15:58:21 | 000,723,294 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2012.07.18 15:58:20 | 000,103,876 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2012.06.26 08:28:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.06.08 11:20:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT
[2012.05.14 00:27:00 | 000,000,061 | ---- | C] () -- C:\Documents and Settings\Raul\Local Settings\Application Data\HackLogs.dat
[2012.04.26 20:55:10 | 000,000,620 | -HS- | C] () -- C:\Documents and Settings\Raul\Local Settings\Application Data\settingsFL.$dk
[2012.04.26 20:53:25 | 000,003,292 | -HS- | C] () -- C:\Documents and Settings\Raul\Local Settings\Application Data\win_fldb_sys.dat
[2012.04.26 20:51:24 | 000,003,465 | -HS- | C] () -- C:\WINDOWS\System32\win_stlthdb_sys.dat
[2012.04.26 20:51:22 | 000,002,568 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\win_mpwd_sys.dat
[2012.04.26 20:51:18 | 000,003,465 | RHS- | C] () -- C:\Documents and Settings\Raul\Local Settings\Application Data\win_stlthdb_sys.dat
[2012.04.26 20:51:18 | 000,000,700 | RHS- | C] () -- C:\Documents and Settings\Raul\Local Settings\Application Data\systemFL7.$dk
[2012.04.26 20:50:54 | 000,029,584 | ---- | C] () -- C:\WINDOWS\System32\WinFLAdrv.sys
[2012.04.26 20:50:52 | 000,188,176 | ---- | C] () -- C:\WINDOWS\System32\WinVDEdrv6.sys
[2012.04.26 20:50:30 | 000,014,936 | ---- | C] () -- C:\WINDOWS\System32\WinFLMsgService.exe
[2012.04.26 20:50:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nwsftUninstall.exe
[2012.03.14 00:18:29 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2012.03.14 00:18:29 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2012.03.07 19:21:26 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2011.11.03 14:47:07 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\Raul\Application Dataprivacy.xml
[2011.10.08 17:43:35 | 000,332,296 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2011.10.02 12:25:28 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2011.08.12 15:25:02 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.07.22 19:31:37 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\Raul\startup.reg
[2010.07.08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2008.07.07 16:20:04 | 000,071,168 | ---- | C] () -- C:\Documents and Settings\Raul\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2008.06.10 00:12:10 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.04.20 22:29:52 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 15:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 03:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 502593 bytes -> C:\WINDOWS\temp:temp
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:58D8F144
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
< End of report >

Extras.Txt

OTL Extras logfile created on: 21.04.2013 12:42:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Raul\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000418 | Country: Romania | Language: ROM | Date Format: dd.MM.yyyy

894,04 Mb Total Physical Memory | 668,64 Mb Available Physical Memory | 74,79% Memory free
2,12 Gb Paging File | 1,37 Gb Available in Paging File | 64,91% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,00 Gb Total Space | 4,28 Gb Free Space | 21,39% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 6,74 Gb Free Space | 11,23% Space Free | Partition Type: NTFS
Drive E: | 69,04 Gb Total Space | 8,73 Gb Free Space | 12,64% Space Free | Partition Type: NTFS

Computer Name: RAUL | User Name: Raul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1801674531-1004336348-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Documents and Settings\Raul\Application Data\File Scout\filescout.exe" /open "%1"
Directory [Dupehunter Professional] -- dupehunter.exe "%1" -autostart -explorer
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"ANTIVIRUSDISABLENOTIFY" = 0
"FIREWALLDISABLENOTIFY" = 0
"UPDATESDISABLENOTIFY" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"5548:TCP" = 5548:TCP:*:Enabled:sqsqev
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Kabel Deutschland\Installations-Software\KDI.exe" = C:\Program Files\Kabel Deutschland\Installations-Software\KDI.exe:*:Enabled:Kabel Deutschland Installer -- (mquadr.at software engineering & consulting GmbH)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Documents and Settings\Raul\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Raul\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = Word2PDF Dependencies
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414" = CanoScan LiDE 110 Scanner Driver
"{1921E7AC-4616-4A98-80E5-FAC4DCB31615}" = Hardwipe 2.0.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{533D415A-4151-4AC5-858E-4068524C8051}_is1" = Jpg2Pdf version 1.2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{713C4416-E277-4F10-B555-B8968909DFDC}" = Atheros Wireless LAN
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{739126B3-1C80-4F1F-8D59-312A19633E1A}_is1" = Epub reader
"{8BA03AC2-579F-41CD-A250-740137D86F7A}" = PDFBinder
"{90120000-0010-0418-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Romanian) 12
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_ENTERPRISE_{B0DB49F0-99EB-4FD7-863A-1350E5B4DAEC}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_ENTERPRISE_{B0DB49F0-99EB-4FD7-863A-1350E5B4DAEC}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_ENTERPRISE_{B0DB49F0-99EB-4FD7-863A-1350E5B4DAEC}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_ENTERPRISE_{B0DB49F0-99EB-4FD7-863A-1350E5B4DAEC}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_ENTERPRISE_{B0DB49F0-99EB-4FD7-863A-1350E5B4DAEC}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_ENTERPRISE_{B0DB49F0-99EB-4FD7-863A-1350E5B4DAEC}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_ENTERPRISE_{C7B5CA5D-ADBD-4768-964A-32E46B239DFE}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0418-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-00A1-0418-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Romanian) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0418-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Romanian) 2007
"{9064B4E5-5AF3-4989-B6EB-5A2AA0A46555}" = XP Repair Pro
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C429607F-0AB6-4C3A-9EF2-8783EA6D9ACC}_is1" = Star Watermark Ultimate version 1.0.5
"{CCAC7B28-CA5C-4520-ABBB-184524C01A51}" = Sony CD Architect 5.2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EAC2DDAB-5035-44EE-AA13-65D40CF46FF1}" = Kabel Deutschland Installations-Software
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F1100000-0009-0000-0001-074957833700}" = ABBYY FineReader 11
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Disk Catalog" = Advanced Disk Catalog
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"All ATI Software" = ATI - Software Uninstall Utility
"A-PDF Restrictions Remover_is1" = A-PDF Restrictions Remover
"ArtRage_is1" = ArtRage 2.1
"ATI Display Driver" = ATI Display Driver
"AU11_is1" = Advanced Uninstaller PRO - Version 11
"AVS Document Converter_is1" = AVS Document Converter 2.1.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Bitdefender" = Bitdefender Internet Security 2013
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"Dupehunter Professional" = Dupehunter Professional
"East-Tec Eraser 2012_is1" = East-Tec Eraser 2012 Version 10.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FBReader for Windows" = FBReader for Windows
"Folder Lock" = Folder Lock
"foobar2000" = Foobar2000 v1.1.12a
"Foxit Reader_is1" = Foxit Reader
"Free MOV 2 AVI" = Free MOV 2 AVI
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.17.903
"GPL Ghostscript 9.06" = GPL Ghostscript
"ie8" = Windows Internet Explorer 8
"JPEG Lossless Rotator_is1" = JPEG Lossless Rotator 9.0
"Kabel Deutschland Installations-Software" = Kabel Deutschland Installations-Software
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.6.5
"kvisoft Flash Photo Gallery_is1" = kvisoft Flash Photo Gallery 1.5.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 20.0.1 (x86 ro)" = Mozilla Firefox 20.0.1 (x86 ro)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSNINST" = MSN
"Orion" = Orion File Recovery Software
"PDF Password Remover v3.0_is1" = PDF Password Remover v3.0
"Photo Frame Genius_is1" = Photo Frame Genius 2.3.1
"Photo Frame Studio_is1" = Photo Frame Studio
"Picture Merge Genius_is1" = Picture Merge Genius 2.8
"Retouch Pilot Free_is1" = Retouch Pilot Free 3.5.3
"Smart File Advisor_is1" = Smart File Advisor 1.1.1
"Speed Analysis 2" = Speed Analysis 2
"Totalcmd" = Total Commander (Remove or Repair)
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"WIC" = Windows Imaging Component
"WinDjView" = WinDjView 2.0.2
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"Word2PDF" = Word2PDF
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1801674531-1004336348-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"DSite" = Update for PDF Creator

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 17.04.2013 09:57:08 | Computer Name = RAUL | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 12.0.4518.1014, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 17.04.2013 09:57:09 | Computer Name = RAUL | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 12.0.4518.1014, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 17.04.2013 09:58:23 | Computer Name = RAUL | Source = Application Hang | ID = 1001
Description = Fault bucket 342245435.

Error - 17.04.2013 09:58:25 | Computer Name = RAUL | Source = Application Hang | ID = 1001
Description = Fault bucket 342245435.

Error - 18.04.2013 04:13:04 | Computer Name = RAUL | Source = Application Error | ID = 1000
Description = Faulting application uninstaller.exe, version 0.0.0.0, faulting module
uninstaller.exe, version 0.0.0.0, fault address 0x000e777a.

Error - 18.04.2013 04:13:16 | Computer Name = RAUL | Source = Application Error | ID = 1001
Description = Fault bucket -907774398.

Error - 20.04.2013 04:31:08 | Computer Name = RAUL | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 12.0.4518.1014, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 21.04.2013 02:05:04 | Computer Name = RAUL | Source = Application Hang | ID = 1002
Description = Hanging application VaudiX.exe, version 2013.4.18.1155, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 21.04.2013 02:22:47 | Computer Name = RAUL | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 backupstack.exe, P2 1.0.0.0, P3 51628e31, P4
mscorlib, P5 2.0.0.0, P6 5040540e, P7 3451, P8 21c, P9 system.io.ioexception, P10
NIL.

Error - 21.04.2013 05:05:13 | Computer Name = RAUL | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.75.0.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ ODiag Events ]
Error - 19.07.2012 15:40:19 | Computer Name = RAUL | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kgl. Error code: N/A

Error - 03.08.2012 08:56:09 | Computer Name = RAUL | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kgl. Error code: N/A

Error - 04.09.2012 04:03:04 | Computer Name = RAUL | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kgl. Error code: N/A

Error - 04.09.2012 04:15:37 | Computer Name = RAUL | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kgl. Error code: N/A

Error - 06.09.2012 10:44:00 | Computer Name = RAUL | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kgl. Error code: N/A

Error - 06.12.2012 17:52:05 | Computer Name = RAUL | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kgl. Error code: N/A

[ OSession Events ]
Error - 09.10.2011 10:13:09 | Computer Name = RAUL-AFFB80BB82 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5863
seconds with 2580 seconds of active time.  This session ended with a crash.

Error - 05.03.2012 16:33:01 | Computer Name = RAUL-AFFB80BB82 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1063
seconds with 480 seconds of active time.  This session ended with a crash.

Error - 19.07.2012 15:40:13 | Computer Name = RAUL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 141
seconds with 120 seconds of active time.  This session ended with a crash.

Error - 04.09.2012 04:03:01 | Computer Name = RAUL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 9597
seconds with 3600 seconds of active time.  This session ended with a crash.

Error - 04.09.2012 04:15:34 | Computer Name = RAUL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 605
seconds with 540 seconds of active time.  This session ended with a crash.

Error - 26.01.2013 06:27:51 | Computer Name = RAUL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11363
seconds with 2700 seconds of active time.  This session ended with a crash.

[ System Events ]
Error - 21.04.2013 02:34:32 | Computer Name = RAUL | Source = Service Control Manager | ID = 7023
Description = The Support Config service terminated with the following error:   %%126

Error - 21.04.2013 03:15:24 | Computer Name = RAUL | Source = Service Control Manager | ID = 7023
Description = The Support Time service terminated with the following error:   %%126

Error - 21.04.2013 03:15:24 | Computer Name = RAUL | Source = Service Control Manager | ID = 7000
Description = The The Cleaner Helper Service service failed to start due to the
following error:   %%2

Error - 21.04.2013 03:15:24 | Computer Name = RAUL | Source = Service Control Manager | ID = 7000
Description = The Cyberlink RichVideo Service(CRVS) service failed to start due
to the following error:   %%3

Error - 21.04.2013 03:15:24 | Computer Name = RAUL | Source = Service Control Manager | ID = 7023
Description = The Support Config service terminated with the following error:   %%126

Error - 21.04.2013 03:40:43 | Computer Name = RAUL | Source = Service Control Manager | ID = 7023
Description = The Support Time service terminated with the following error:   %%126

Error - 21.04.2013 03:40:43 | Computer Name = RAUL | Source = Service Control Manager | ID = 7000
Description = The The Cleaner Helper Service service failed to start due to the
following error:   %%2

Error - 21.04.2013 03:40:43 | Computer Name = RAUL | Source = Service Control Manager | ID = 7000
Description = The Cyberlink RichVideo Service(CRVS) service failed to start due
to the following error:   %%3

Error - 21.04.2013 03:40:43 | Computer Name = RAUL | Source = Service Control Manager | ID = 7023
Description = The Support Config service terminated with the following error:   %%126

Error - 21.04.2013 03:40:50 | Computer Name = RAUL | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'.  It has stopped monitoring
the volume.


< End of report >

#8
MhG_51

MhG_51

    :)

  • Grup: Moderators
  • Posts: 3,317
  • Înscris: 04.05.2009
Ruleaza din nou OTL.
Copiaza ce e citat mai jos si "Paste"(Lipeste) textul in OTL.

Quote

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\gtuhsbus.sys -- (GTUHSBUS)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
IE - HKU\S-1-5-21-1801674531-1004336348-725345543-1004\..\SearchScopes,Backup.Old.DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
FF - user.js - File not found
O4 - HKU\S-1-5-21-1801674531-1004336348-725345543-500..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe File not found
[2013.04.21 09:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raul\Application Data\SpeedAnalysis2
[2013.04.17 12:20:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Browusse2ssave
[2013.04.21 10:12:16 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\Raul\Application Data\Microsoft\Internet Explorer\Quick Launch\22find.lnk
[2013.04.20 22:36:26 | 000,048,697 | ---- | M] () -- C:\Documents and Settings\Raul\Desktop\DOCS-Mythology.eBooks.Collection.PDF-OMNiSCiENT.torrent
[2013.04.20 22:36:16 | 000,048,697 | ---- | C] () -- C:\Documents and Settings\Raul\Desktop\DOCS-Mythology.eBooks.Collection.PDF-OMNiSCiENT.torrent
[2012.12.05 11:46:26 | 000,002,048 | -H-- | C] () -- C:\Documents and Settings\Raul\Application Data\~S7FB45B79-C86E-49ff-ACC4-849340906621W
@Alternate Data Stream - 502593 bytes -> C:\WINDOWS\temp:temp
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:58D8F144
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]

Vezi pe imagine cum.
Apasa Run Fix.
Posteaza logul aici.
[ http://s23.postimg.org/6ui8tyrrv/OTLsc.jpg - Pentru incarcare in pagina (embed) Click aici ]

Descarca si salveaza pe Desktop Junkware Removal Tool.
Inchide toate programele care ruleaza.
Sananeaza cu el.
Ai rabdare cu el, dureaza putin mai mult.
Posteaza logul aici.
[ http://s7.postimage.org/z2rwy800r/JRT.jpg - Pentru incarcare in pagina (embed) Click aici ]

Edited by MhG_40, 21 April 2013 - 13:24.


#9
rebroff

rebroff

    Member

  • Grup: Members
  • Posts: 722
  • Înscris: 21.04.2011
0tl inca ruleaza... au trecut ore... ce sa fac...

#10
MhG_51

MhG_51

    :)

  • Grup: Moderators
  • Posts: 3,317
  • Înscris: 04.05.2009
Asteapta sa termine de curatat.

#11
rebroff

rebroff

    Member

  • Grup: Members
  • Posts: 722
  • Înscris: 21.04.2011
So, dupa cum este stiut, cand e sa se strice, se strica mai multe deodata. Asa ca exact in timp ce eu scriam din camera fiica-mii ca OTL ruleaza de ore intregi, a sosit nevasta-mea si, vazand ca nu sunt la comp si el arata ecran negru, l-a oprit pur si simplu, inchipuindu-si ca m-am luat cu altele (ca de obicei) si l-am lasat sa mearga.
Asa ca acum ma gandesc sa pornesc iar OTL-ul si sa-l las peste noapte, pentru ca e limpede ca nu termina doar in 2-3 ore.
E in regula asa? Sau trebuie sa mai fac ceva?

#12
MhG_51

MhG_51

    :)

  • Grup: Moderators
  • Posts: 3,317
  • Înscris: 04.05.2009
Lasa-l in pace, pe OTL.
Ruleaza Junkware Removal Tool.


Descarca si salveaza pe Desktop, RogueKiller sau de aici.
Inchide toate programele care ruleaza.
Scoate tot din porturile USB(Memory Stick, Hard Extern).
Dublu click pe RogueKiller.exe, pentru a rula.
Pentru Windows Vista sau Windows 7,
click dreapta, selecteaza Run as administrator.

Asteapta pana Prescan-ul a terminat.
Click pe "Scan".
Asteapta pana ce in Status box apare "Scan Finished".
Click pe "Report" si copy/paste aici.

Pe imaginea de mai jos ignora pasul 3!

[ http://s9.postimage.org/q04cnvji7/image.jpg - Pentru incarcare in pagina (embed) Click aici ]

#13
rebroff

rebroff

    Member

  • Grup: Members
  • Posts: 722
  • Înscris: 21.04.2011
Am asta in fata de cand mi-ai zis sa rurez JunkwareAttached File  Junkware.JPG   33.48K   6 downloads

#14
MhG_51

MhG_51

    :)

  • Grup: Moderators
  • Posts: 3,317
  • Înscris: 04.05.2009

View Postrebroff, on 21 aprilie 2013 - 18:35, said:

Am asta in fata de cand mi-ai zis sa rurez JunkwareAttachment Junkware.JPG

Tu ai ceva probleme mai mari.
Inchide Junkware si ruleaza RogueKiller.

#15
rebroff

rebroff

    Member

  • Grup: Members
  • Posts: 722
  • Înscris: 21.04.2011
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Raul [Admin rights]
Mode : Scan -- Date : 04/21/2013 18:53:47
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 4 ¤¤¤
[TASK][SUSP PATH] EPUpdater.job : C:\DOCUME~1\Raul\APPLIC~1\BABSOL~1\Shared\BabMaint.exe  [x] -> FOUND
[TASK][SUSP PATH] At1.job : C:\Documents and Settings\Raul\Application Data\DSite\UpdateProc\UpdateTask.exe /Check [-] -> FOUND
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1    localhost

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS542516K9SA00 +++++
--- User ---
[MBR] 06a663a770892cbb1832af7a5489a235
[BSP] 24e96829b2b725215b96f17690786b67 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 20481 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 41945715 | Size: 132144 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_04212013_02d1853.txt >>
RKreport[1]_S_04212013_02d1853.txt

#16
MhG_51

MhG_51

    :)

  • Grup: Moderators
  • Posts: 3,317
  • Înscris: 04.05.2009
Ruleaza din nou RogueKiller.exe.
Asteapta pana Prescan-ul a terminat.
Click pe "Scan".
Asteapta pana ce in Status box apare "Scan Finished".
Click pe "Delete".
Cand in Status box apare "Deleting Finished".
Click pe "Report" si copy/paste aici.

[ http://s9.postimage.org/q04cnvji7/image.jpg - Pentru incarcare in pagina (embed) Click aici ]

Ruleaza din nou OTL, ca aici:
http://forum.softped.../#entry13068827

#17
rebroff

rebroff

    Member

  • Grup: Members
  • Posts: 722
  • Înscris: 21.04.2011
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Raul [Admin rights]
Mode : Remove -- Date : 04/21/2013 19:49:34
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 4 ¤¤¤
[TASK][SUSP PATH] EPUpdater.job : C:\DOCUME~1\Raul\APPLIC~1\BABSOL~1\Shared\BabMaint.exe  [x] -> DELETED
[TASK][SUSP PATH] At1.job : C:\Documents and Settings\Raul\Application Data\DSite\UpdateProc\UpdateTask.exe /Check [-] -> DELETED
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1    localhost

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS542516K9SA00 +++++
--- User ---
[MBR] 06a663a770892cbb1832af7a5489a235
[BSP] 24e96829b2b725215b96f17690786b67 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 20481 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 41945715 | Size: 132144 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[3]_D_04212013_02d1949.txt >>
RKreport[1]_S_04212013_02d1853.txt ; RKreport[2]_S_04212013_02d1949.txt ; RKreport[3]_D_04212013_02d1949.txt

#18
MhG_51

MhG_51

    :)

  • Grup: Moderators
  • Posts: 3,317
  • Înscris: 04.05.2009
Arata mai bine! [ http://images.zaazu.com/img/Peace-Smiley-Peace-smiley-smiley-emoticon-001058-medium.gif - Pentru incarcare in pagina (embed) Click aici ]
Astept sa vad ce reusesti cu OTL.

Anunturi

Chirurgia cranio-cerebrală minim invazivă Chirurgia cranio-cerebrală minim invazivă

Tehnicile minim invazive impun utilizarea unei tehnologii ultramoderne.

Endoscoapele operatorii de diverse tipuri, microscopul operator dedicat, neuronavigația, neuroelectrofiziologia, tehnicile avansate de anestezie, chirurgia cu pacientul treaz reprezintă armamentarium fără de care neurochirurgia prin "gaura cheii" nu ar fi posibilă. Folosind tehnicile de mai sus, tratăm un spectru larg de patologii cranio-cerebrale.

www.neurohope.ro

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate