Sign In
Create Account
Back to top |
Neurochirurgie minim invazivă
"Primum non nocere" este ideea ce a deschis drumul medicinei spre minim invaziv. Avansul tehnologic extraordinar din ultimele decenii a permis dezvoltarea tuturor domeniilor medicinei. Microscopul operator, neuronavigația, tehnicile anestezice avansate permit intervenții chirurgicale tot mai precise, tot mai sigure. Neurochirurgia minim invazivă, sau prin "gaura cheii", oferă pacienților posibilitatea de a se opera cu riscuri minime, fie ele neurologice, infecțioase, medicale sau estetice. www.neurohope.ro |
svchost.exe mananca CPU 100%. virus?
Last Updated: Nov 08 2013 21:32, Started by
Talkabout
, Oct 10 2013 17:54
·
0
0
#19
Posted 19 October 2013 - 12:05
|
Stiu ce-i ala cookie, dar de ce le gaseste SUPERAntiSpyware ca adware tracking cookie? doar sunt.. cookie-uri! cam oricine cred ca are cookie-uri  Quote Adware tracking cookies are small text files that are downloaded to your computer when you visit certain websites. These files then send information about your online activities, such as the types of websites you visit, to their parent companies. Eu folosesc Click&Clean. Sau vezi aici. |
#20
Posted 03 November 2013 - 19:13
|
Revin cu un nou log:
Logfile of Trend Micro HiJackThis v2.0.4 Scan saved at 15:03:55, on 03.11.2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\imapi.exe C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe D:\oracle\app\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Documents and Settings\Sorin\Local Settings\Application Data\Yahoo\Widget Engine\Unzipped\SimpleMonitor.widget\SimpleMonitor-1.0.5.widget\Contents\resources\exe\SimpleMonitor.exe d:\oracle\app\product\11.2.0\dbhome_1\bin\ORACLE.EXE C:\Program Files\SpeedFan\speedfan.exe C:\Program Files\Mozilla Firefox\firefox.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ro/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing) O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI69DF~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bit...m/qsax/qsax.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1340458597843 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset...lineScanner.cab O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) - http://roger:8889/fo...iator/jinit.exe O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Java Plug-in 1.6.0_12) - http://javadl-esd.su...indows-i586.cab O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Serviciul Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviciul Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: OracleDBConsoleorcl - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\bin\nmesrvc.exe O23 - Service: OracleJobSchedulerORCL - Unknown owner - d:\oracle\app\product\11.2.0\dbhome_1\Bin\extjob.exe O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\bin\omtsreco.exe O23 - Service: OracleOH1036244575c_oracle_middleware_asinst_1ConfigurationManager - Unknown owner - c:\oracle\middle~1\oracle~2\ccr\bin\nmz.exe O23 - Service: OracleOraDb11g_home1ClrAgent - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe O23 - Service: OracleOraDb11g_home1TNSListener - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe O23 - Service: Oracle Process Manager (asinst_1) (OracleProcessManager_asinst_1) - Unknown owner - C:\Oracle\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe O23 - Service: OracleServiceORCL - Oracle Corporation - d:\oracle\app\product\11.2.0\dbhome_1\bin\ORACLE.EXE O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- End of file - 8910 bytes E totul ok? Nu se vede nimic suspect? Pe la O8 / O9 sau O4 (de ce apare de mai multe ori ctfmon)? Se mai poate da fix la ceva? Mersi Edited by Talkabout, 03 November 2013 - 19:13. |
#22
Posted 04 November 2013 - 06:07
|
1. Ruleaza din nou HiJackThis.
Bifeaza si da fix la: Quote O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing) O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing) 2. Descarca AdwCleaner by Xplode pe Desktop. Dublu click pe AdwCleaner.exe pentru al rula. Pentru Windows Vista sau Windows7, click dreapta, selecteaza Run as administrator. Click pe Scan. Asteapta sa termine de cautat. Dupa click pe Clean. Un fisier log se va deschide dupa ce va termina de curatat. Posteaza continutul lui aici. Logul se gaseste in C:\AdwCleaner[Sn].txt (n este un numar). [ http://s16.postimg.org/rjimctqrp/Screenshot_08212013_08_09_26_PM.png - Pentru incarcare in pagina (embed) Click aici ] 3. Descarca si salveaza pe Desktop Junkware Removal Tool. Inchide toate programele care ruleaza. Pentru Windows Vista sau Windows7, click dreapta, selecteaza Run as administrator. Scaneaza cu el. Ai rabdare cu el, dureaza putin mai mult. Posteaza logul aici. [ http://s7.postimage.org/z2rwy800r/JRT.jpg - Pentru incarcare in pagina (embed) Click aici ] |
#23
Posted 04 November 2013 - 12:34
|
Ce problema ai acum? merge greu laptopul, aproape ca nu am nimic deschis decat mozilla si cpu e la 90-100% (+memorie aproape full) Mersi MHG, asa am sa fac |
#24
Posted 04 November 2013 - 19:17
|
1 - facut
2 - logul : # Adwcleaner v3.011 - Report created 04/11/2013 at 18:58:53 # Updated 03/11/2013 by Xplode # Operating System : Microsoft Windows XP Service Pack 3 (32 bits) # Username : Sorin - ROGER # Running from : C:\Documents and Settings\Sorin\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Documents and Settings\All Users\Application Data\Premium Folder Deleted : C:\Documents and Settings\All Users\Application Data\Bcool Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\DAEMON Tools Toolbar Folder Deleted : C:\Program Files\WinToFlash Suggestor Folder Deleted : C:\Documents and Settings\Sorin\Local Settings\Application Data\Conduit Folder Deleted : C:\Documents and Settings\Sorin\Local Settings\Application Data\DownTango Folder Deleted : C:\Documents and Settings\Sorin\Application Data\goforfiles [!] Folder Deleted : C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gpnmfjaagcmjpacoedjiobfhfcbpdgdj Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc Key Deleted : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176921 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BF174BA-7048-8E85-7A72-AE1E101B6A6D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9BF174BA-7048-8E85-7A72-AE1E101B6A6D} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\ExpressDL.exe] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\GoforFiles\goforfilesdl.exe] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\GoforFiles\GoforFiles.exe] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe] Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\smartbar Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\PIP ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Mozilla Firefox v25.0 (ro) [ File : C:\Documents and Settings\Sorin\Application Data\Mozilla\Firefox\Profiles\mzzqxxm0.default\prefs.js ] Line Deleted : user_pref("extensions.50950e3c4e0ca.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.swe[...] -\\ Google Chrome v30.0.1599.101 [ File : C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [5139 octets] - [04/11/2013 18:57:04] AdwCleaner[S0].txt - [5172 octets] - [04/11/2013 18:58:53] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5232 octets] ########## 3 - logul: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.7 (10.15.2013:3) OS: Microsoft Windows XP x86 Ran by Sorin on 04.11.2013 at 19:07:23,76 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Documents and Settings\Sorin\Application Data\mozilla\firefox\profiles\mzzqxxm0.default\minidumps [18 files] ~~~ Chrome Successfully deleted: [Folder] C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 04.11.2013 at 19:15:37,26 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Se pare ca tot a gasit ceva...
|
#25
Posted 04 November 2013 - 21:12
|
Foloseste tool-ul de aici, pentru a scoate de tot, Microsoft Security Essentials, din sistem.
Te rog sa-mi spui daca s-a schimbat ceva. |
#26
Posted 04 November 2013 - 22:50
|
Stai putin.. de ce as scoate security essentials de tot? e unul dintre cele mai bune antivirusuri
|
#27
Posted 04 November 2013 - 22:53
#28
Posted 05 November 2013 - 10:02
|
svchost inseamna multe. Da jos process explorer si vedem mai exact cine ce face. http://technet.micro...s/bb896653.aspx Ai verificat cu Process Explorer? Acolo vezi ce proces si ce thread tine procesorul ocupat. Dai dublu click pe proces, tabul Threads. Edited by mhanor, 05 November 2013 - 10:02. |
|
#29
Posted 05 November 2013 - 11:16
|
Nu-i indicat sa folosesti doua programe antivirus. Procesorul ocupat il tine in mare marte procesul Firefox.exe si plugin-container.exe (cand inchid mozilla se inchide si plugin-container) Edited by Talkabout, 05 November 2013 - 11:17. |
#30
Posted 05 November 2013 - 11:19
|
Ai o cireada cu vaci si un taur. Mai tarziu instalezi un alt taur la cireada. Iti imaginezi ce se poate intampla cand ai 2 tauri la o cireada cu vaci?
Edited by Bursul, 05 November 2013 - 11:19. |
#31
Posted 05 November 2013 - 11:23
|
Pentru ca da conflicte software.
Mai pe romaneste, se bat cap in cap. Daca e vorba de Firefox, atunci hai sa vedem: Descarca si ruleaza OTL. Pentru Windows Vista sau Windows 7, click dreapta, selecteaza Run as administrator. Bifezi ca in imagine. [ http://s11.postimg.org/jaand9soj/otl1.jpg - Pentru incarcare in pagina (embed) Click aici ] La terminare vor apare 2 ferestre de Notepad - OTL.txt si Extras.txt. Copiaza pe rand continutul acestor ferestre si posteazale aici. |
#32
Posted 05 November 2013 - 14:35
|
Procesorul ocupat il tine in mare marte procesul Firefox.exe si plugin-container.exe (cand inchid mozilla se inchide si plugin-container) Ai CPU 100 % din cauza flash playerului ,tot asa aveam si eu cand intram pe un joc care foloseste Flash Player si din cauza animatiilor din joc ducea procesorul la 100 % si tot la fel imediat cum ieseam din joc scadea CPU la 2 %- 5% , plugin-container.exe apare cand folosesti Mozilla dar chiar si daca folosesti alt browser daca intri pe ceva care are nevoie de flash player (jocuri ,youtube,etc ) tot asa consuma resurse ,nu e din cauza tipului de browser . |
#33
Posted 05 November 2013 - 17:30
|
Ai o cireada cu vaci si un taur. Mai tarziu instalezi un alt taur la cireada. Iti imaginezi ce se poate intampla cand ai 2 tauri la o cireada cu vaci? Logurile sunt: OTL.txt OTL logfile created on: 05.11.2013 17:29:46 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Sorin\My Documents Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000418 | Country: Romania | Language: ROM | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 45,26% Memory free 3,84 Gb Paging File | 2,67 Gb Available in Paging File | 69,43% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 35,15 Gb Total Space | 9,46 Gb Free Space | 26,92% Space Free | Partition Type: NTFS Drive D: | 262,93 Gb Total Space | 0,91 Gb Free Space | 0,35% Space Free | Partition Type: NTFS Computer Name: ROGER | User Name: Sorin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.11.05 17:29:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sorin\My Documents\OTL.exe PRC - [2013.10.29 18:02:22 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013.10.11 03:44:25 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe PRC - [2013.09.04 15:31:14 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2013.09.04 15:30:37 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.09.04 15:30:29 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2013.09.04 15:30:28 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.08.12 09:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2013.08.12 09:11:20 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2012.07.11 20:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2011.11.03 10:29:04 | 004,657,048 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe PRC - [2011.09.28 01:26:14 | 000,012,288 | ---- | M] (Oracle Corporation) -- D:\oracle\app\product\11.2.0\dbhome_1\BIN\emagent.exe PRC - [2009.06.19 21:48:31 | 000,123,392 | ---- | M] (Viktoras Agejevas) -- C:\Documents and Settings\Sorin\Local Settings\Application Data\Yahoo\Widget Engine\Unzipped\SimpleMonitor.widget\SimpleMonitor-1.0.5.widget\Contents\resources\exe\SimpleMonitor.exe PRC - [2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.03.19 02:31:20 | 004,742,184 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe PRC - [2006.11.30 21:49:04 | 004,662,776 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe PRC - [2005.01.17 17:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2004.08.28 01:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe ========== Modules (No Company Name) ========== MOD - [2013.11.04 19:16:19 | 000,192,512 | ---- | M] () -- C:\TEMP\sfamcc00001.dll MOD - [2013.11.04 19:16:17 | 000,172,032 | ---- | M] () -- C:\TEMP\sfareca00001.dll MOD - [2013.10.29 18:01:12 | 003,368,048 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013.10.09 17:08:40 | 016,233,864 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll MOD - [2013.03.11 16:40:21 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll MOD - [2012.01.09 19:44:20 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2010.07.04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll MOD - [2008.03.19 02:21:48 | 000,094,208 | ---- | M] () -- C:\Program Files\Yahoo!\Widgets\jsd.dll MOD - [2008.03.19 02:21:20 | 000,512,000 | ---- | M] () -- C:\Program Files\Yahoo!\Widgets\js32.dll MOD - [2008.01.09 00:50:10 | 000,349,147 | ---- | M] () -- C:\Program Files\Yahoo!\Widgets\sqlite3.dll MOD - [2007.06.01 10:44:36 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll MOD - [2006.11.30 21:49:10 | 000,081,920 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\Xmltok.dll MOD - [2006.11.30 20:34:06 | 000,757,760 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\YPluginRegistry.dll MOD - [2006.11.30 20:34:06 | 000,041,472 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\YIniDom.dll MOD - [2006.11.30 20:34:04 | 001,290,240 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\YCPFoundation.dll MOD - [2006.11.30 20:34:02 | 000,454,656 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\P2PCE.dll MOD - [2006.11.30 20:28:58 | 000,053,248 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\XMLParse.dll ========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2013.10.29 18:02:19 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.10.09 17:08:47 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.09.26 05:49:40 | 000,077,824 | ---- | M] () [On_Demand | Stopped] -- c:\Oracle\Middleware\Oracle_FRHome1\ccr\bin\nmz.exe -- (OracleOH1036244575c_oracle_middleware_asinst_1ConfigurationManager) SRV - [2013.09.04 15:31:14 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.09.04 15:30:29 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.08.12 09:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2012.07.11 20:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE) SRV - [2011.11.12 02:27:12 | 001,413,120 | ---- | M] () [On_Demand | Stopped] -- C:\Oracle\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe -- (OracleProcessManager_asinst_1) SRV - [2011.10.30 08:30:58 | 118,566,912 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- d:\oracle\app\product\11.2.0\dbhome_1\bin\ORACLE.EXE -- (OracleServiceORCL) SRV - [2011.10.30 08:27:00 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- d:\oracle\app\product\11.2.0\dbhome_1\Bin\extjob.exe -- (OracleJobSchedulerORCL) SRV - [2011.09.29 04:54:26 | 000,069,632 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- D:\oracle\app\product\11.2.0\dbhome_1\bin\omtsreco.exe -- (OracleMTSRecoveryService) SRV - [2011.09.29 03:48:00 | 000,012,800 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- D:\oracle\app\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe -- (OracleOraDb11g_home1ClrAgent) SRV - [2011.09.28 01:11:02 | 000,049,152 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- D:\oracle\app\product\11.2.0\dbhome_1\BIN\nmesrvc.exe -- (OracleDBConsoleorcl) SRV - [2011.09.27 14:50:22 | 000,516,096 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- D:\oracle\app\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe -- (OracleOraDb11g_home1TNSListener) SRV - [2008.04.14 14:00:00 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc) SRV - [2008.04.14 14:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip) SRV - [2005.01.17 17:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004.08.28 01:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Tosrfcom) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{532FE379-6D0A-45E5-B6FE-37419AB031BD}\MpKsl76b193e3.sys -- (MpKsl76b193e3) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\mkxnrtyl.sys -- (mkxnrtyl) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (af04s0ls) DRV - [2013.09.04 15:31:20 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2013.09.04 15:31:20 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.03.28 07:39:50 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013.03.11 16:40:44 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012.07.26 21:46:59 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPER*****er.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPER*****er.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2010.07.04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009.05.06 17:50:54 | 000,102,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008.10.21 10:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdm.sys -- (s0017mdm) DRV - [2008.10.21 10:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017unic.sys -- (s0017unic) DRV - [2008.10.21 10:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mgmt.sys -- (s0017mgmt) DRV - [2008.10.21 10:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017obex.sys -- (s0017obex) DRV - [2008.10.21 10:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017bus.sys -- (s0017bus) DRV - [2008.10.21 10:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017nd5.sys -- (s0017nd5) DRV - [2008.10.21 10:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdfl.sys -- (s0017mdfl) DRV - [2008.04.14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) DRV - [2008.02.25 12:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2007.05.29 15:29:30 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2007.04.04 13:46:52 | 002,210,048 | R--- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) DRV - [2005.07.29 09:55:46 | 000,030,592 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2005.06.23 09:16:08 | 000,162,176 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005.06.20 23:08:44 | 002,324,480 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2005.06.03 19:49:42 | 000,009,600 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav) DRV - [2005.06.02 04:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf) DRV - [2005.03.05 06:02:20 | 001,066,278 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2004.11.15 17:22:08 | 000,101,874 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2003.01.29 15:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) DRV - [2001.08.17 13:53:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\loop.sys -- (msloop) DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-861567501-790525478-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-861567501-790525478-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-861567501-790525478-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ro/ IE - HKU\S-1-5-21-861567501-790525478-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-861567501-790525478-1417001333-1003\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-861567501-790525478-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search IE - HKU\S-1-5-21-861567501-790525478-1417001333-1003\..\SearchScopes\{E8D3E1E7-BE25-43CE-880C-79ED8DE167F1}: "URL" = http://www.google.co...ie=utf8&oe=utf8 IE - HKU\S-1-5-21-861567501-790525478-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== Firefox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.startup.homepage: "http://www.google.ro/" FF - prefs.js..extensions.enabledAddons: %7BEDA7B1D7-F793-4e03-B074-E6F303317FB0%7D:1.2.7 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0 FF - prefs.js..keyword.URL: "https://www.google.c...hannel=fflb&q=" FF - prefs.js..network.proxy.backup.ftp: "202.159.43.49" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.socks: "202.159.43.49" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "202.159.43.49" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "110.232.72.174" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.http: "110.232.72.174" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "110.232.72.174" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "110.232.72.174" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Sorin\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Sorin\Application Data\iPumper\extension_firefox.xpi FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.02.16 19:21:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.29 18:01:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sorin\Application Data\Mozilla\Extensions [2013.10.22 17:20:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sorin\Application Data\Mozilla\Firefox\Profiles\mzzqxxm0.default\extensions [2013.10.22 17:20:40 | 000,000,000 | ---D | M] (Click&Clean) -- C:\Documents and Settings\Sorin\Application Data\Mozilla\Firefox\Profiles\mzzqxxm0.default\extensions\[email protected] [2012.10.27 22:27:15 | 000,000,000 | ---D | M] ("Timeline") -- C:\Documents and Settings\Sorin\Application Data\Mozilla\Firefox\Profiles\mzzqxxm0.default\extensions\[email protected] [2013.10.19 11:44:11 | 002,209,433 | ---- | M] () (No name found) -- C:\Documents and Settings\Sorin\Application Data\Mozilla\Firefox\Profiles\mzzqxxm0.default\extensions\[email protected] [2013.06.18 19:41:00 | 000,252,969 | ---- | M] () (No name found) -- C:\Documents and Settings\Sorin\Application Data\Mozilla\Firefox\Profiles\mzzqxxm0.default\extensions\[email protected] [2012.05.25 17:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Documents and Settings\Sorin\Application Data\Mozilla\Firefox\Profiles\mzzqxxm0.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2013.10.10 18:50:21 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Sorin\Application Data\Mozilla\Firefox\Profiles\mzzqxxm0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.09.06 15:39:04 | 000,091,556 | ---- | M] () (No name found) -- C:\Documents and Settings\Sorin\Application Data\Mozilla\Firefox\Profiles\mzzqxxm0.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2013.10.29 18:00:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013.10.29 18:00:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013.10.29 18:02:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll CHR - plugin: RealDownloader Plugin (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - Extension: Google Docs = C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Disc Google = C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: căutare Google = C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: RealDownloader = C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\ CHR - Extension: Gmail = C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2013.06.25 17:21:24 | 000,000,788 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-861567501-790525478-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-21-861567501-790525478-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-21-861567501-790525478-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI69DF~1\Office12\EXCEL.EXE/3000 File not found O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1340458597843 (MUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2) O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} http://roger:8889/fo...iator/jinit.exe (JInitiator 1.3.1.22) O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://javadl-esd.su...indows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11DF7433-DA8E-4CFB-BB04-331B86F2B2F2}: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Sorin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sorin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (Super*****er.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.02.28 12:49:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{93d76750-9c41-11e1-bac5-00166f8b978d}\Shell - "" = AutoRun O33 - MountPoints2\{93d76750-9c41-11e1-bac5-00166f8b978d}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{93d76750-9c41-11e1-bac5-00166f8b978d}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{93d76753-9c41-11e1-bac5-00166f8b978d}\Shell - "" = AutoRun O33 - MountPoints2\{93d76753-9c41-11e1-bac5-00166f8b978d}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{93d76753-9c41-11e1-bac5-00166f8b978d}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.11.05 17:29:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sorin\My Documents\OTL.exe [2013.11.04 19:07:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2013.11.04 19:04:32 | 001,033,335 | ---- | C] (Thisisu) -- C:\Documents and Settings\Sorin\My Documents\JRT.exe [2013.11.04 18:56:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013.10.29 18:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.10.11 02:56:50 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys [2013.10.11 02:53:24 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys [2013.10.11 02:53:24 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys [2013.10.11 02:53:21 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys [2013.10.09 17:08:17 | 017,813,896 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013.10.07 17:59:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sorin\My Documents\resized [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [201 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.11.05 17:45:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\Windows Driver Foundation.job [2013.11.05 17:29:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sorin\My Documents\OTL.exe [2013.11.05 07:08:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.11.05 06:54:00 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.11.05 05:58:00 | 000,001,202 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-861567501-790525478-1417001333-1003UA.job [2013.11.05 04:54:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.11.04 23:58:00 | 000,001,180 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-861567501-790525478-1417001333-1003Core.job [2013.11.04 19:11:03 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft AntiMalware Scheduled Scan.job [2013.11.04 19:06:45 | 001,033,335 | ---- | M] (Thisisu) -- C:\Documents and Settings\Sorin\My Documents\JRT.exe [2013.11.04 19:06:45 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-861567501-790525478-1417001333-1003.job [2013.11.04 19:06:27 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-861567501-790525478-1417001333-1003.job [2013.11.04 19:06:20 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.11.04 19:01:04 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Go for FilesUpdate.job [2013.11.04 19:00:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.11.04 19:00:54 | 2137,509,888 | -HS- | M] () -- C:\hiberfil.sys [2013.11.04 18:50:36 | 001,073,258 | ---- | M] () -- C:\Documents and Settings\Sorin\Desktop\adwcleaner.exe [2013.11.04 18:48:34 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\Sorin\Desktop\HiJackThis.lnk [2013.11.02 20:32:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nmesrvc_core_2013_11_2_20_32_49.dmp [2013.11.02 20:17:34 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2013.11.02 20:15:48 | 000,013,520 | ---- | M] () -- C:\WINDOWS\System32\nmesrvc_core_2013_11_2_20_15_47.dmp [2013.11.02 20:10:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nmesrvc_core_2013_11_2_20_10_9.dmp [2013.11.02 19:47:08 | 000,014,606 | ---- | M] () -- C:\WINDOWS\System32\nmesrvc_core_2013_11_2_19_47_8.dmp [2013.11.02 19:34:04 | 000,487,368 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.11.02 19:34:04 | 000,082,284 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.10.31 23:51:05 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nmesrvc_core_2013_10_31_23_51_5.dmp [2013.10.19 18:06:44 | 436,569,649 | ---- | M] () -- C:\Documents and Settings\Sorin\Desktop\13-10-2013 - Tmp.rar [2013.10.16 23:09:58 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2013.10.13 02:05:05 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif [2013.10.11 21:27:07 | 000,073,852 | ---- | M] () -- C:\Documents and Settings\Sorin\My Documents\1012523_631496010214080_1167173318_n.jpg [2013.10.11 16:24:02 | 000,265,416 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.10.11 16:18:09 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013.10.09 17:08:46 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013.10.09 17:08:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013.10.09 17:08:23 | 017,813,896 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013.10.08 19:52:26 | 000,184,120 | ---- | M] () -- C:\Documents and Settings\Sorin\My Documents\1293069_584223651612886_427986102_o.jpg [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [201 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.11.04 18:50:19 | 001,073,258 | ---- | C] () -- C:\Documents and Settings\Sorin\Desktop\adwcleaner.exe [2013.11.02 20:32:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nmesrvc_core_2013_11_2_20_32_49.dmp [2013.11.02 20:15:47 | 000,013,520 | ---- | C] () -- C:\WINDOWS\System32\nmesrvc_core_2013_11_2_20_15_47.dmp [2013.11.02 20:10:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nmesrvc_core_2013_11_2_20_10_9.dmp [2013.11.02 19:47:08 | 000,014,606 | ---- | C] () -- C:\WINDOWS\System32\nmesrvc_core_2013_11_2_19_47_8.dmp [2013.10.31 23:51:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nmesrvc_core_2013_10_31_23_51_5.dmp [2013.10.19 17:55:09 | 436,569,649 | ---- | C] () -- C:\Documents and Settings\Sorin\Desktop\13-10-2013 - Tmp.rar [2013.10.13 02:14:45 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2013.10.11 21:27:10 | 000,073,852 | ---- | C] () -- C:\Documents and Settings\Sorin\My Documents\1012523_631496010214080_1167173318_n.jpg [2013.10.08 19:52:23 | 000,184,120 | ---- | C] () -- C:\Documents and Settings\Sorin\My Documents\1293069_584223651612886_427986102_o.jpg [2013.08.02 21:25:26 | 000,000,083 | ---- | C] () -- C:\Program Files\GPACgpac_pl.m3u [2013.07.17 22:20:38 | 000,053,016 | ---- | C] () -- C:\Documents and Settings\Sorin\ashrpt_1_0717_2320.html [2013.06.13 17:05:52 | 000,000,302 | ---- | C] () -- C:\WINDOWS\pdf2word.INI [2013.03.15 08:19:43 | 000,466,579 | ---- | C] () -- C:\Documents and Settings\Sorin\Local Settings\Application Data\census.cache [2013.03.15 08:17:30 | 000,198,828 | ---- | C] () -- C:\Documents and Settings\Sorin\Local Settings\Application Data\ars.cache [2013.03.12 23:37:39 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Sorin\Local Settings\Application Data\housecall.guid.cache [2013.02.24 20:35:16 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Sorin\Local Settings\Application Data\llftool.4.25.agreement [2012.12.20 19:35:30 | 000,000,565 | ---- | C] () -- C:\Documents and Settings\Sorin\.myeclipse.properties [2012.09.24 22:32:07 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4670.dll [2012.09.09 16:11:18 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\Sorin\.asadmintruststore [2012.09.09 10:39:40 | 000,000,063 | ---- | C] () -- C:\Documents and Settings\Sorin\.asadminpass [2012.09.09 10:18:38 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Sorin\.keystore [2012.04.28 15:30:09 | 000,000,020 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2012.04.24 15:55:09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.03.11 21:24:16 | 000,001,997 | ---- | C] () -- C:\Documents and Settings\Sorin\jinitiator13122.trace [2012.03.11 21:23:53 | 000,036,962 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2012.03.11 21:21:15 | 000,009,168 | ---- | C] () -- C:\Documents and Settings\Sorin\MODULE1.fmx [2012.03.11 20:16:56 | 000,094,720 | ---- | C] () -- C:\WINDOWS\System32\SH30W32.DLL [2012.03.11 20:16:56 | 000,080,624 | ---- | C] () -- C:\WINDOWS\System32\SH31W32.DLL [2012.03.11 20:16:55 | 000,254,464 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT2X.DLL [2012.03.07 18:03:12 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2012.03.03 18:40:12 | 000,163,126 | ---- | C] () -- C:\WINDOWS\hphins25.dat [2012.03.03 18:40:11 | 000,000,795 | ---- | C] () -- C:\WINDOWS\hphmdl25.dat [2012.03.02 00:58:01 | 000,180,000 | ---- | C] () -- C:\WINDOWS\aaRemove.exe [2012.02.29 00:36:17 | 000,002,439 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2012.02.28 21:15:00 | 000,038,912 | ---- | C] () -- C:\Documents and Settings\Sorin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.28 19:24:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sorin\initdebug.nfo [2012.02.28 18:45:06 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2012.02.28 18:45:06 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2012.02.28 18:45:06 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2012.02.28 18:45:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2012.02.28 18:03:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2012.02.28 17:59:51 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.02.28 17:50:40 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2012.02.28 17:50:40 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012.02.28 17:50:38 | 000,001,256 | R--- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat [2012.02.28 17:50:38 | 000,000,176 | R--- | C] () -- C:\WINDOWS\System32\drivers\alcxhweq.dat [2012.02.28 17:50:38 | 000,000,176 | R--- | C] () -- C:\WINDOWS\System32\drivers\alcxeq.dat [2012.02.28 17:49:37 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL [2012.02.28 16:48:59 | 000,051,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys [2012.02.28 16:48:59 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys [2012.02.28 14:38:15 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012.02.28 14:36:40 | 000,265,416 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.02.28 12:52:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.02.28 12:45:54 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat ========== ZeroAccess Check ========== [2012.02.28 18:19:34 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2011.12.19 10:53:33 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 14:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.03.18 21:43:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2012.07.26 21:47:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2012.07.26 22:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2012.03.05 21:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DFX [2012.07.17 01:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure [2012.12.20 21:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate [2013.08.24 22:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony [2012.07.26 21:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software [2013.01.05 17:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visual CertExam Suite [2012.07.26 21:47:42 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.03.07 16:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\DAEMON Tools Lite [2013.03.18 16:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\e-academy Inc [2012.07.17 01:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\f-secure [2012.03.02 21:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\Oracle [2013.05.12 13:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\PLSQL Developer [2012.11.03 23:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\Publish Providers [2012.11.17 22:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\QuickScan [2012.11.03 23:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\Sony [2012.03.17 18:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\Stellarium [2012.03.31 09:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\streamripper [2012.12.22 01:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\Subversion [2013.06.02 22:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\TeamViewer [2012.02.28 18:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\toshiba [2012.07.26 21:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\TuneUp Software [2012.09.08 14:38:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\updatetool [2013.07.13 23:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\uTorrent [2012.12.23 13:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\Wireshark ========== Purity Check ========== ========== Files - Unicode (All) ========== [2013.11.05 17:25:57 | 105,048,247 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�畱呄6 [2013.11.05 17:25:57 | 105,048,247 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�畱呄6 [2013.10.11 11:01:57 | 100,446,413 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\輾涘呄6 [2013.10.11 11:01:57 | 100,446,413 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\輾涘呄6 [2013.10.11 06:32:25 | 100,442,783 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쳧⡐呄6 [2013.10.11 05:09:54 | 100,442,783 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쳧⡐呄6 [2013.09.17 22:12:11 | 098,062,984 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\좊呄6 [2013.09.17 22:12:11 | 098,062,984 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\좊呄6 < End of report > Si Extrasu': OTL Extras logfile created on: 05.11.2013 17:29:46 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Sorin\My Documents Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000418 | Country: Romania | Language: ROM | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 45,26% Memory free 3,84 Gb Paging File | 2,67 Gb Available in Paging File | 69,43% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 35,15 Gb Total Space | 9,46 Gb Free Space | 26,92% Space Free | Partition Type: NTFS Drive D: | 262,93 Gb Total Space | 0,91 Gb Free Space | 0,35% Space Free | Partition Type: NTFS Computer Name: ROGER | User Name: Sorin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-861567501-790525478-1417001333-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping "3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP) "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping "3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP) "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management "80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In) "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.) "C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Documents and Settings\Sorin\Local Settings\Temp\OraInstall2012-02-29_10-34-41PM\jdk\jre\bin\javaw.exe" = C:\Documents and Settings\Sorin\Local Settings\Temp\OraInstall2012-02-29_10-34-41PM\jdk\jre\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary "D:\oracle\app\product\11.2.0\dbhome_1\jdk\jre\bin\java.exe" = D:\oracle\app\product\11.2.0\dbhome_1\jdk\jre\bin\java.exe:*:Enabled:Java™ 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.) "C:\Program Files\Java\jdk1.7.0_03\bin\java.exe" = C:\Program Files\Java\jdk1.7.0_03\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Oracle Corporation) "C:\Program Files\Java\jrockit-jdk1.6.0_29-R28.2.2-4.1.0\bin\jrmc.exe" = C:\Program Files\Java\jrockit-jdk1.6.0_29-R28.2.2-4.1.0\bin\jrmc.exe:*:Enabled:Oracle JRockit Mission Control "C:\Documents and Settings\Sorin\Local Settings\Temp\sfx47.tmp\jre160_05\bin\javaw.exe" = C:\Documents and Settings\Sorin\Local Settings\Temp\sfx47.tmp\jre160_05\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary "C:\Documents and Settings\Sorin\Local Settings\Temp\sfx18.tmp\jre160_05\bin\javaw.exe" = C:\Documents and Settings\Sorin\Local Settings\Temp\sfx18.tmp\jre160_05\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary "C:\Documents and Settings\Sorin\Local Settings\Temp\sfx14.tmp\jre160_05\bin\javaw.exe" = C:\Documents and Settings\Sorin\Local Settings\Temp\sfx14.tmp\jre160_05\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary "D:\oracle-Middleware\Middleware\jdk160_29\bin\java.exe" = D:\oracle-Middleware\Middleware\jdk160_29\bin\java.exe:*:Enabled:Java™ Platform SE binary "C:\Documents and Settings\Sorin\Local Settings\Temp\OraInstall2012-03-04_10-34-00PM\jdk\jre\bin\javaw.exe" = C:\Documents and Settings\Sorin\Local Settings\Temp\OraInstall2012-03-04_10-34-00PM\jdk\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "D:\oracle-Middleware\Middleware\jdk160_29\jre\bin\javaw.exe" = D:\oracle-Middleware\Middleware\jdk160_29\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "D:\oracle-Middleware\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe" = D:\oracle-Middleware\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe:*:Enabled:Oracle Application Server "D:\oracle-Middleware\Middleware\Oracle_FRHome1\BIN\rwbuilder.exe" = D:\oracle-Middleware\Middleware\Oracle_FRHome1\BIN\rwbuilder.exe:*:Enabled:Reports Builder "C:\Documents and Settings\Sorin\Local Settings\Temp\OraInstall2012-03-06_08-18-38PM\jdk\jre\bin\javaw.exe" = C:\Documents and Settings\Sorin\Local Settings\Temp\OraInstall2012-03-06_08-18-38PM\jdk\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "C:\Program Files\Strong DC\StrongDC.exe" = C:\Program Files\Strong DC\StrongDC.exe:*:Enabled:StrongDC++ -- () "C:\TEMP\OraInstall2012-03-07_07-06-33PM\jdk\jre\bin\javaw.exe" = C:\TEMP\OraInstall2012-03-07_07-06-33PM\jdk\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "C:\OracleMiddleware\Middleware\jrockit_160_24_D1.1.2-4\bin\java.exe" = C:\OracleMiddleware\Middleware\jrockit_160_24_D1.1.2-4\bin\java.exe:*:Enabled:Java™ Platform SE binary "C:\OracleMiddleware\Middleware\jrockit_160_24_D1.1.2-4\jre\bin\javaw.exe" = C:\OracleMiddleware\Middleware\jrockit_160_24_D1.1.2-4\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "C:\TEMP\OraInstall2012-03-08_12-18-18AM\jre\bin\javaw.exe" = C:\TEMP\OraInstall2012-03-08_12-18-18AM\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "D:\Oracle_Middleware\jrockit_160_24_D1.1.2-4\bin\java.exe" = D:\Oracle_Middleware\jrockit_160_24_D1.1.2-4\bin\java.exe:*:Enabled:Java™ Platform SE binary "D:\OracleMiddleware\Middleware\jrockit_160_24_D1.1.2-4\bin\java.exe" = D:\OracleMiddleware\Middleware\jrockit_160_24_D1.1.2-4\bin\java.exe:*:Enabled:Java™ Platform SE binary "C:\Middleware\jrockit_160_17_R28.0.0-679\jre\bin\javaw.exe" = C:\Middleware\jrockit_160_17_R28.0.0-679\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "D:\Middleware\jrockit_160_17_R28.0.0-679\bin\java.exe" = D:\Middleware\jrockit_160_17_R28.0.0-679\bin\java.exe:*:Enabled:Java™ Platform SE binary "C:\TEMP\OraInstall2012-03-19_05-45-58PM\jre\bin\javaw.exe" = C:\TEMP\OraInstall2012-03-19_05-45-58PM\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "D:\Middleware\jrockit_160_17_R28.0.0-679\jre\bin\javaw.exe" = D:\Middleware\jrockit_160_17_R28.0.0-679\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "C:\Oracle\Middleware\jdk160_24\bin\java.exe" = C:\Oracle\Middleware\jdk160_24\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.) "C:\TEMP\OraInstall2012-03-19_11-09-04PM\jdk\jre\bin\javaw.exe" = C:\TEMP\OraInstall2012-03-19_11-09-04PM\jdk\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "C:\Oracle\Middleware\jrockit_160_24_D1.1.2-4\bin\java.exe" = C:\Oracle\Middleware\jrockit_160_24_D1.1.2-4\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Oracle Corporation) "C:\Oracle\Middleware\jrockit_160_24_D1.1.2-4\jre\bin\javaw.exe" = C:\Oracle\Middleware\jrockit_160_24_D1.1.2-4\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Oracle Corporation) "C:\Oracle\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe" = C:\Oracle\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe:*:Enabled:Oracle Application Server -- () "C:\Oracle\Middleware\Oracle_FRHome1\bin\frmweb.exe" = C:\Oracle\Middleware\Oracle_FRHome1\bin\frmweb.exe:*:Enabled:Oracle Forms Runform -- (Oracle Corporation) "C:\Oracle\Middleware\Oracle_FRHome1\bin\rwbuilder.exe" = C:\Oracle\Middleware\Oracle_FRHome1\bin\rwbuilder.exe:*:Enabled:Reports Builder -- (Oracle Corporation) "C:\Documents and Settings\Sorin\Desktop\{Oracle_Enterprise_Manager_11g__Grid_Control_Essentials}_downloader_411b.exe" = C:\Documents and Settings\Sorin\Desktop\{Oracle_Enterprise_Manager_11g__Grid_Control_Essentials}_downloader_411b.exe:*:Enabled:ExpressFilesInstaller "C:\Documents and Settings\Sorin\Desktop\{Oracle_Linux_Linux_Fundamentals}_downloader_411b.exe" = C:\Documents and Settings\Sorin\Desktop\{Oracle_Linux_Linux_Fundamentals}_downloader_411b.exe:*:Enabled:ExpressFilesInstaller "C:\TEMP\OraInstall2012-04-28_03-42-33PM\jdk\jre\bin\javaw.exe" = C:\TEMP\OraInstall2012-04-28_03-42-33PM\jdk\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "D:\Middleware\jdk160_24\bin\java.exe" = D:\Middleware\jdk160_24\bin\java.exe:*:Enabled:Java™ Platform SE binary "D:\Middleware\jdk160_24\jre\bin\javaw.exe" = D:\Middleware\jdk160_24\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary "D:\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe" = D:\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe:*:Enabled:Oracle Application Server "D:\Middleware\Oracle_FRHome1\bin\frmweb.exe" = D:\Middleware\Oracle_FRHome1\bin\frmweb.exe:*:Enabled:Oracle Forms Runform "C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com) "C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation) "E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe" = E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant "D:\Middleware\Oracle_FRHome1\bin\frmbld.exe" = D:\Middleware\Oracle_FRHome1\bin\frmbld.exe:*:Enabled:Oracle Forms Designer "C:\Program Files\Java\jdk1.7.0_03\jre\bin\javaw.exe" = C:\Program Files\Java\jdk1.7.0_03\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Oracle Corporation) "C:\Program Files\Java\jre7\bin\javaw.exe" = C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Oracle Corporation) "C:\Program Files\Java\jdk1.7.0_03\jre\bin\java.exe" = C:\Program Files\Java\jdk1.7.0_03\jre\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Oracle Corporation) "C:\Documents and Settings\Sorin\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Sorin\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin "C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com) "C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation) "C:\sts\sts-3.0.0.RELEASE\STS.exe" = C:\sts\sts-3.0.0.RELEASE\STS.exe:*:Enabled:STS "C:\Program Files\EPractize Labs Software\Java SE 7 OCP Training Lab 1.0\OCPJavaSE7.exe" = C:\Program Files\EPractize Labs Software\Java SE 7 OCP Training Lab 1.0\OCPJavaSE7.exe:*:Enabled:OCPJavaSE7 -- () "C:\TEMP\TeamViewer\Version8\TeamViewer.exe" = C:\TEMP\TeamViewer\Version8\TeamViewer.exe:*:Enabled:TeamViewer 8 -- (TeamViewer GmbH) "C:\Program Files\PANDORA.TV\PanService\PanProcess.exe" = C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess "C:\Program Files\PANDORA.TV\PanService\PandoraService.exe" = C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{32A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java™ SE Development Kit 7 Update 3 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA "{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D24F198-A2CB-46B5-BB16-41B69C644B6C}" = Microsoft Security Client "{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0}" = TOSHIBA Power Saver Driver "{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch "{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility "{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{718B4606-2FEF-411B-B96E-4FC53B91EBC0}" = Secure Download Manager "{7236B969-6A18-42DD-ADE4-BBA2604F34C8}" = DJ_SF_03_D2500_Software_Min "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73E0D3A0-9C30-4F59-ABBF-6233686FB396}_is1" = ConTEXT v0.98.6 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) "{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser "{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree "{BF9D56EF-88F6-466A-92C4-7519E6D0547C}" = BrainDumps Q and A for Oracle 1z0-117 Demo "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module "{CAFECAFE-0013-0001-0122-ABCDEFABCDEF}" = Oracle JInitiator 1.3.1.22 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D10AB8DE-0ED1-4152-A247-FB89CF1435D5}" = HP Deskjet D2500 Printer Driver Software 11.0 Rel .3 "{E18E644D-4FC1-4E7F-87B7-A0288A14A322}" = TIxx21/x515 "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi "{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "2D95D04E60ABC0EE3E3C38D90F622E9118C87C24" = Windows Driver Package - Intel net (06/20/2007 11.1.1.16) "657B5BB40AEA7A9E3DA5BCFBA200249C4544532C" = Windows Driver Package - Intel net (06/20/2007 11.1.1.16) "7-Zip" = 7-Zip 9.20 "A52334752DB8BF051DEADD0BADDDA32C2255FDC0" = Windows Driver Package - Intel (w29n51) net (04/04/2007 9.0.4.36) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 12.0 "Avira AntiVir Desktop" = Avira Free Antivirus "CC1FA12D40D5B9FE6AEB8C5A3527FD347734408A" = Windows Driver Package - Intel (NETw4x32) net (06/20/2007 11.1.1.16) "DAEMON Tools Lite" = Daemon Tools Lite "DFX for Winamp" = DFX for Winamp "Google Chrome" = Google Chrome "HDMI" = Intel® Graphics Media Accelerator Driver "ie8" = Windows Internet Explorer 8 "InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility "InstallShield_{E18E644D-4FC1-4E7F-87B7-A0288A14A322}" = Texas Instruments PCIxx21/x515 drivers. "Java_Deploy_0" = Java SE 7 OCP Training Lab 1.3 "JPEG Japery_is1" = JPEG Japery "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versiunea 1.75.0.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "Mobile Partner" = Mobile Partner "MozBackup" = MozBackup 1.4.9 "Mozilla Firefox 25.0 (x86 ro)" = Mozilla Firefox 25.0 (x86 ro) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Oracle WebLogic" = Oracle WebLogic "PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool "PL/SQL Developer [80687277]" = PL/SQL Developer 10.0.3.1701 "Power Saver" = TOSHIBA Power Saver "ProInst" = Intel® PROSet/Wireless Software "RealPlayer 16.0" = RealPlayer "SopCast" = Sopcast 3.4.0 "SpeedFan" = SpeedFan (remove only) "Stellarium_is1" = Stellarium 0.11.2 "Streamripper" = StreamRipper (Remove only) "The KMPlayer" = The KMPlayer (remove only) "TOSHIBA Software Modem" = TOSHIBA Software Modem "uCertify O1Z0-528" = uCeritify O1Z0-528 - Oracle Database 11g Security Essentials (1Z0-528) exam "UltimateDefrag" = Disktrix UltimateDefrag "Unlocker" = Unlocker 1.9.1 "uTorrent" = µTorrent "Visual CertExam Suite_is1" = Visual CertExam Suite "VLC media player" = VLC media player 2.0.0 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = WinRAR 4.10 (32-bit) "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Widget Engine" = Yahoo! Widgets "YInstHelper" = Yahoo! Install Manager ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-861567501-790525478-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uCertify O1Z0-528" = uCeritify O1Z0-528 - Oracle Database 11g Security Essentials (1Z0-528) exam ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 13.10.2013 09:07:22 | Computer Name = ROGER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry, P4 1.1.9901.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 13.10.2013 11:17:09 | Computer Name = ROGER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry, P4 1.1.9901.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 23.10.2013 10:24:45 | Computer Name = ROGER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry, P4 1.1.10003.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 26.10.2013 11:44:06 | Computer Name = ROGER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry, P4 1.1.10003.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 27.10.2013 04:08:22 | Computer Name = ROGER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry, P4 1.1.10003.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 02.11.2013 13:47:07 | Computer Name = ROGER | Source = OracleDBConsoleorcl | ID = 131076 Description = Process exited abnormally during initialization. Error - 02.11.2013 13:52:30 | Computer Name = ROGER | Source = .NET Runtime Optimization Service | ID = 1103 Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error - 02.11.2013 14:10:09 | Computer Name = ROGER | Source = OracleDBConsoleorcl | ID = 131076 Description = Process exited abnormally during initialization. Error - 02.11.2013 14:15:46 | Computer Name = ROGER | Source = OracleDBConsoleorcl | ID = 131076 Description = Process exited abnormally during initialization. Error - 03.11.2013 13:07:02 | Computer Name = ROGER | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved [ System Events ] Error - 03.11.2013 13:27:31 | Computer Name = ROGER | Source = Service Control Manager | ID = 7034 Description = The OracleServiceORCL service terminated unexpectedly. It has done this 1 time(s). Error - 03.11.2013 15:51:51 | Computer Name = ROGER | Source = Service Control Manager | ID = 7031 Description = The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service. Error - 04.11.2013 12:26:03 | Computer Name = ROGER | Source = Dhcp | ID = 1000 Description = Your computer has lost the lease to its IP address 192.168.1.100 on the Network Card with network address 00166F8B978D. Error - 04.11.2013 13:03:38 | Computer Name = ROGER | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the OracleMTSRecoveryService service to connect. Error - 04.11.2013 13:03:38 | Computer Name = ROGER | Source = Service Control Manager | ID = 7000 Description = The OracleMTSRecoveryService service failed to start due to the following error: %%1053 Error - 04.11.2013 13:03:38 | Computer Name = ROGER | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the OracleOraDb11g_home1TNSListener service to connect. Error - 04.11.2013 13:03:38 | Computer Name = ROGER | Source = Service Control Manager | ID = 7000 Description = The OracleOraDb11g_home1TNSListener service failed to start due to the following error: %%1053 Error - 04.11.2013 13:03:38 | Computer Name = ROGER | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the OracleServiceORCL service to connect. Error - 04.11.2013 13:03:38 | Computer Name = ROGER | Source = Service Control Manager | ID = 7000 Description = The OracleServiceORCL service failed to start due to the following error: %%1053 Error - 05.11.2013 11:24:50 | Computer Name = ROGER | Source = Dhcp | ID = 1000 Description = Your computer has lost the lease to its IP address 192.168.1.100 on the Network Card with network address 00166F8B978D. < End of report > Edited by Talkabout, 05 November 2013 - 17:51. |
|
#34
Posted 06 November 2013 - 07:16
|
Ruleaza din nou OTL.
Copiaza ce e citat mai jos si "Paste"(Lipeste) textul in OTL. Quote
:PROCESSES killallprocesses :OTL SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Sorin\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll CHR - plugin: RealDownloader Plugin (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll CHR - Extension: RealDownloader = C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\ O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI69DF~1\Office12\EXCEL.EXE/3000 File not found [2013.11.05 17:45:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\Windows Driver Foundation.job [2013.11.04 19:11:03 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft AntiMalware Scheduled Scan.job [2013.10.13 02:14:45 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012.03.11 21:24:16 | 000,001,997 | ---- | C] () -- C:\Documents and Settings\Sorin\jinitiator13122.trace [2012.03.31 09:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorin\Application Data\streamripper :Files ipconfig /flushdns /c :Commands [purity] [Resethosts] [emptytemp] [emptyjava] [emptyflash] [Reboot] Apasa Run Fix. Posteaza logul aici. [ http://s23.postimg.org/6ui8tyrrv/OTLsc.jpg - Pentru incarcare in pagina (embed) Click aici ] Pe Firefox folosesti proxy? Verifica sa ai ultima versiune de Java. |
#36
Posted 06 November 2013 - 17:34
|
Logul:
All processes killed ========== PROCESSES ========== ========== OTL ========== Service HidServ stopped successfully! Service HidServ deleted successfully! File %SystemRoot%\System32\hidserv.dll not found. Service RealNetworks Downloader Resolver Service stopped successfully! Service RealNetworks Downloader Resolver Service deleted successfully! C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0\ deleted successfully. C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0\ deleted successfully. C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0\ deleted successfully. C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282\ deleted successfully. C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1\ deleted successfully. C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll moved successfully. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin\ deleted successfully. File C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll not found. File C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll not found. File C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll not found. File C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll not found. File C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll not found. C:\Documents and Settings\Sorin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0 folder moved successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully. C:\WINDOWS\tasks\Windows Driver Foundation.job moved successfully. C:\WINDOWS\tasks\Microsoft AntiMalware Scheduled Scan.job moved successfully. File C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job not found. C:\Documents and Settings\Sorin\jinitiator13122.trace moved successfully. C:\Documents and Settings\Sorin\Application Data\streamripper folder moved successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Could not flush the DNS Resolver Cache: Function failed during execution. C:\Documents and Settings\Sorin\My Documents\cmd.bat deleted successfully. C:\Documents and Settings\Sorin\My Documents\cmd.txt deleted successfully. ========== COMMANDS ========== File move failed. C:\WINDOWS\System32\drivers\etc\Hosts scheduled to be moved on reboot. Error: Unble to create default HOSTS file! [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: All Users ->Temp folder emptied: 0 bytes User: ASPNET User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Guest User: HelpAssistant User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 2488352 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Sorin ->Temp folder emptied: 875208038 bytes ->Temporary Internet Files folder emptied: 29058067 bytes ->Java cache emptied: 266275 bytes ->FireFox cache emptied: 88068917 bytes ->Google Chrome cache emptied: 248657819 bytes ->Flash cache emptied: 5411 bytes User: SUPPORT_388945a0 %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 8073952 bytes %systemroot%\System32 .tmp files removed: 3923985 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 123451475 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 375440616 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 1.674,00 mb [EMPTYJAVA] User: Administrator User: All Users User: ASPNET User: Default User User: Guest User: HelpAssistant User: LocalService User: NetworkService User: Sorin ->Java cache emptied: 0 bytes User: SUPPORT_388945a0 Total Java Files Cleaned = 0,00 mb [EMPTYFLASH] User: Administrator User: All Users User: ASPNET User: Default User User: Guest User: HelpAssistant User: LocalService User: NetworkService User: Sorin ->Flash cache emptied: 0 bytes User: SUPPORT_388945a0 Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 11062013_172814 Files\Folders moved on Reboot... C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. C:\WINDOWS\temp\Perflib_Perfdata_b90.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
-
- Change Theme
- English
- Mark Community Read
- Termene & conditii
- Confidentialitate
- Consimtamant
- Cookies
- Help
© 2001-2024 Softpedia. All rights reserved. Softpedia® and the Softpedia logo are registered trademarks of SoftNews Net SRL.
Ora implicita a Forumului Softpedia este ora standard a Romaniei (GMT+2). Mai multe informatii →
⚠ Postarile afisate pe Forumul Softpedia reprezinta o opinie subiectiva a membrilor care le-au publicat si nu a SoftNews Net SRL.