Author Topic: problem with my pc  (Read 1420 times)

bolededinje
« on: May 22, 2009, 01:30:14 PM »
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:27:40, on 22.5.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rmctrl.exe
C:\WINDOWS\winlogon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [winlogon] C:\WINDOWS\winlogon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Update Service (gupdate1c9865efa06ba44) (gupdate1c9865efa06ba44) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 6075 bytes

guestolo
« Reply #1 on: May 22, 2009, 02:09:56 PM »
Download and Save to your desktop
OTS.exe by OldTimer

Double click on OTS.exe to run it
Under Additional Scans click the button labelled "Extras"
Also, put a tick beside>> Reg - Disabled MS Config Items
So now all the following will be ticked
    Reg - Disabled MS Config Items
    Reg - File Associations
    Reg - Protocol Filters
    Reg - Protocol Handlers
    Reg - Security Center Settings
    Reg - Winsock2 Catalogs
    Reg - Uninstall List
    Evnt - EventViewer Logs (Last 10 Errors)

Afterwards: Click the button Run Scan

Let this scan finish. When done, it will open a log.
Can you copy and paste that log back here, please?
A copy of the log will also be on your desktop>>OTS.txt

NOTE: If you do get an error posting this log, please Upload it in a reply
Simply using the UPLOAD>Browse.. buttons on the bottom right of the reply box
« Last Edit: May 22, 2009, 02:16:53 PM by guestolo »


bolededinje
« Reply #2 on: May 22, 2009, 03:09:42 PM »
OTS logfile created on: 22.5.2009 22:02:21 - Run 1
OTS by OldTimer - Version 3.0.2.4     Folder = C:\Documents and Settings\Bosko i Nina\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000C1A | Country: Serbia and Montenegro | Language: SRB | Date Format: d.M.yyyy
 
1023,48 Mb Total Physical Memory | 514,26 Mb Available Physical Memory | 50,25% Memory free
2,40 Gb Paging File | 2,02 Gb Available in Paging File | 83,93% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,52 Gb Total Space | 0,30 Gb Free Space | 1,53% Space Free | Partition Type: FAT32
Drive D: | 56,79 Gb Total Space | 1,16 Gb Free Space | 2,04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: KUCNA
Current User Name: Bosko i Nina
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
 
[Processes - Safe List]
ati2evxx.exe -> C:\WINDOWS\System32\Ati2evxx.exe -> [2006.02.21 20:39:16 | 00,405,504 | ---- | M] (ATI Technologies Inc.)
ati2evxx.exe -> C:\WINDOWS\System32\Ati2evxx.exe -> [2006.02.21 20:39:16 | 00,405,504 | ---- | M] (ATI Technologies Inc.)
btdna.exe -> C:\Program Files\DNA\btdna.exe -> [2008.12.19 20:53:06 | 00,342,848 | ---- | M] (BitTorrent, Inc.)
explorer.exe -> C:\WINDOWS\Explorer.EXE -> [2004.08.04 00:56:50 | 01,032,192 | ---- | M] (Microsoft Corporation)
googleupdate.exe -> C:\Program Files\Google\Update\GoogleUpdate.exe -> [2009.02.04 01:24:28 | 00,133,104 | ---- | M] (Google Inc.)
iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2006.10.17 13:04:40 | 00,622,080 | ---- | M] (Microsoft Corporation)
mdm.exe -> C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -> [2001.02.23 10:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation)
ots.exe -> C:\Documents and Settings\Bosko i Nina\Desktop\OTS.exe -> [2009.05.22 22:01:14 | 00,504,320 | ---- | M] (OldTimer Tools)
rmctrl.exe -> C:\WINDOWS\System32\rmctrl.exe -> [2001.11.09 21:17:26 | 00,032,768 | ---- | M] ()
wdfmgr.exe -> C:\WINDOWS\System32\wdfmgr.exe -> [2005.01.28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation)
wlloginproxy.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe -> [2007.09.20 10:35:36 | 00,118,336 | ---- | M] (Microsoft Corporation)
wmiprvse.exe -> C:\WINDOWS\System32\wbem\wmiprvse.exe -> [2004.08.04 00:56:58 | 00,218,112 | ---- | M] (Microsoft Corporation)
 
[Win32 Services - Safe List]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> C:\WINDOWS\System32\Ati2evxx.exe -> [2006.02.21 20:39:16 | 00,405,504 | ---- | M] (ATI Technologies Inc.)
(gupdate1c9865efa06ba44) Google Update Service (gupdate1c9865efa06ba44) [Win32_Own | Auto | Stopped] -> C:\Program Files\Google\Update\GoogleUpdate.exe -> [2009.02.04 01:24:28 | 00,133,104 | ---- | M] (Google Inc.)
(gusvc) Google Software Updater [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009.02.04 01:20:36 | 00,182,768 | ---- | M] (Google)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2004.08.04 00:56:46 | 00,038,912 | ---- | M] (Microsoft Corporation)
(kavsvc) kavsvc [Win32_Own | Auto | Running] -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe -> [2004.10.07 10:49:48 | 00,548,970 | ---- | M] (Kaspersky Lab)
(MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -> [2001.02.23 10:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation)
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\System32\HPZipm12.exe -> [2002.08.01 10:22:40 | 00,065,536 | ---- | M] (HP)
(RPCHE) Remote Procedure Call (RPCE) [Win32_Own | Auto | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Speech\csvd.exe -> [2009.01.19 23:22:02 | 11,573,248 | RHS- | M] (Microsoft Corporation)
(UMWdf) Windows User Mode Driver Framework [Win32_Own | Auto | Running] -> C:\WINDOWS\System32\wdfmgr.exe -> [2005.01.28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation)
(usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Windows Live\Messenger\usnsvc.exe -> [2007.10.18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation)
(WLSetupSvc) Windows Live Setup Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Windows Live\installer\WLSetupSvc.exe -> [2007.10.25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation)
 
[Driver Services - Safe List]
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -> [2006.02.21 20:46:26 | 01,505,792 | ---- | M] (ATI Technologies Inc.)
(gameenum) Game Port Enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\gameenum.sys -> [2004.08.03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation)
(Klif) Klif [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\klif.sys -> [2004.10.07 10:52:38 | 00,135,952 | ---- | M] (Kaspersky Labs)
(Klmc) Klmc [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\klmc.sys -> [2004.10.07 10:52:42 | 00,009,939 | ---- | M] (Kaspersky Lab)
(mcdbus) Driver for MagicISO SCSI Host Controller [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\mcdbus.sys -> [2009.02.24 18:42:14 | 00,116,736 | ---- | M] (MagicISO, Inc.)
(nvatabus) nvatabus [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\nvatabus.sys -> [2003.09.02 15:51:00 | 00,054,656 | ---- | M] (NVIDIA Corporation)
(nvax) Service for NVIDIA® nForce(tm) Audio Enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\nvax.sys -> [2003.09.02 15:51:00 | 00,036,864 | ---- | M] (NVIDIA Corporation)
(nvnforce) Service for NVIDIA® nForce(tm) Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\nvapu.sys -> [2003.09.02 15:51:00 | 00,312,704 | ---- | M] (NVIDIA Corporation)
(nv_agp) NVIDIA nForce AGP Bus Filter [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\nv_agp.sys -> [2003.03.19 14:51:00 | 00,018,688 | ---- | M] (NVIDIA Corporation)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ptilink.sys -> [2001.08.23 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2007.03.08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions)
(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -> [2004.08.03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation)
(Secdrv) Secdrv [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\secdrv.sys -> [2008.12.06 18:15:54 | 00,011,973 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2008.11.01 01:40:30 | 00,639,224 | ---- | M] ()
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" ->  [binary data] ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKEY_LOCAL_MACHINE\: URLSearchHooks\\"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}" [HKLM] -> C:\Program Files\Winamp Toolbar\winamptb.dll [Winamp Search Class] -> [2008.07.16 21:51:34 | 01,266,992 | ---- | M] (AOL LLC.)
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Live Search ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://search.live.com/results.aspx?q={sea...ferrer:source?} ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> about:blank ->
HKEY_CURRENT_USER\: Search\\"AutoSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/src...autosearch.aspx ->
HKEY_CURRENT_USER\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://home.microsoft.com/access/autosearch.asp?p=%s ->
HKEY_CURRENT_USER\: URLSearchHooks\\"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}" [HKLM] -> C:\Program Files\Winamp Toolbar\winamptb.dll [Winamp Search Class] -> [2008.07.16 21:51:34 | 01,266,992 | ---- | M] (AOL LLC.)
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
HKEY_CURRENT_USER\: "ProxyOverride" -> <local> ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
< FireFox Extensions [User Folders] > ->
< HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
Reset Hosts
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009.02.27 12:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2008.08.12 18:19:02 | 01,437,696 | ---- | M] (Skype Technologies S.A.)
{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} [HKLM] -> C:\Program Files\Winamp Toolbar\winamptb.dll [Winamp Toolbar Loader] -> [2008.07.16 21:51:34 | 01,266,992 | ---- | M] (AOL LLC.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2007.09.20 10:30:18 | 00,328,752 | ---- | M] (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar Helper] -> [2009.04.28 22:54:46 | 00,259,696 | ---- | M] (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [Google Toolbar Notifier BHO] -> [2009.04.28 22:58:08 | 00,668,656 | ---- | M] (Google Inc.)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [Google Dictionary Compression sdch] -> [2009.04.28 22:54:44 | 00,470,512 | ---- | M] (Google Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar] -> [2009.04.28 22:54:46 | 00,259,696 | ---- | M] (Google Inc.)
"{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}" [HKLM] -> C:\Program Files\Winamp Toolbar\winamptb.dll [Winamp Toolbar] -> [2008.07.16 21:51:34 | 01,266,992 | ---- | M] (AOL LLC.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar] -> [2009.04.28 22:54:46 | 00,259,696 | ---- | M] (Google Inc.)
WebBrowser\\"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" [HKLM] -> C:\Program Files\Winamp Toolbar\winamptb.dll [Winamp Toolbar] -> [2008.07.16 21:51:34 | 01,266,992 | ---- | M] (AOL LLC.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"KAVPersonal50" -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize] -> [2004.10.07 10:51:24 | 00,127,079 | ---- | M] (Kaspersky Lab)
"RemoteControl" -> C:\WINDOWS\System32\rmctrl.exe [C:\WINDOWS\system32\rmctrl.exe] -> [2001.11.09 21:17:26 | 00,032,768 | ---- | M] ()
"winlogon" -> C:\WINDOWS\winlogon.exe [C:\WINDOWS\winlogon.exe] -> File not found
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"BitTorrent DNA" -> C:\Program Files\DNA\btdna.exe ["C:\Program Files\DNA\btdna.exe"] -> [2008.12.19 20:53:06 | 00,342,848 | ---- | M] (BitTorrent, Inc.)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE -> [2001.02.13 01:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation)
< Bosko i Nina Startup Folder > -> C:\Documents and Settings\Bosko i Nina\Start Menu\Programs\Startup ->
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" ->  
  • -> File not found

\\"legalnoticecaption" ->  [] -> File not found
\\"legalnoticetext" ->  [] -> File not found
\\"shutdownwithoutlogon" ->  [1] -> File not found
\\"undockwithoutlogon" ->  [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Winamp Search -> C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html [C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html] -> [2008.03.19 23:12:24 | 00,000,748 | ---- | M] ()
Add to AMV Converter... -> C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html [C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html] -> [2006.02.16 10:37:38 | 00,000,890 | ---- | M] ()
Add to Media Manager... -> C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html [C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html] -> [2006.02.15 09:30:44 | 00,000,890 | ---- | M] ()
E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000] -> [2001.02.16 01:05:38 | 09,164,192 | R--- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2008.08.12 18:19:02 | 01,437,696 | ---- | M] (Skype Technologies S.A.)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> [2004.08.04 00:56:54 | 01,667,584 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2004.08.04 00:56:54 | 01,667,584 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{77BF5300-1474-4EC7-9980-D32B190E9B07}" [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2008.08.12 18:19:02 | 01,437,696 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2004.08.04 00:56:54 | 01,667,584 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find...=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> http://upload.facebook.com/controls/2008.1...toUploader5.cab [Facebook Photo Uploader 5 Control] ->
{74DBCB52-F298-4110-951D-AD2FF67BC8AB} [HKLM] -> http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab [NVIDIA Smart Scan] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab [Shockwave Flash Object] ->
DirectAnimation Java Classes [HKLM] -> file://C:\WINDOWS\Java\classes\dajava.cab [Reg Error: Key error.] ->
Microsoft XML Parser for Java [HKLM] -> file://C:\WINDOWS\Java\classes\xmldso.cab [Reg Error: Key error.] ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\Explorer.exe -> [2004.08.04 00:56:50 | 01,032,192 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
AtiExtEvent -> C:\WINDOWS\System32\Ati2evxx.dll -> [2006.02.21 20:40:30 | 00,061,440 | ---- | M] (ATI Technologies Inc.)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004.08.04 00:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007.10.02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007.10.18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004.08.04 00:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation)
"C:\Program Files\ApexDC++\ApexDC.exe" -> C:\Program Files\ApexDC++\ApexDC.exe [C:\Program Files\ApexDC++\ApexDC.exe:*:Enabled:ApexDC++ - Pinnacle of File Sharing] -> [2009.05.07 08:05:56 | 03,134,464 | ---- | M] (ApexDC++ Development Team)
"C:\Program Files\BitTorrent\bittorrent.exe" -> C:\Program Files\BitTorrent\bittorrent.exe [C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] -> [2008.09.27 00:44:20 | 00,634,672 | ---- | M] (BitTorrent, Inc.)
"C:\Program Files\DNA\btdna.exe" -> C:\Program Files\DNA\btdna.exe [C:\Program Files\DNA\btdna.exe:*:Enabled:DNA] -> [2008.12.19 20:53:06 | 00,342,848 | ---- | M] (BitTorrent, Inc.)
"C:\Program Files\Google\Google Talk\googletalk.exe" -> C:\Program Files\Google\Google Talk\googletalk.exe [C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk] -> [2007.01.01 22:22:02 | 03,739,648 | ---- | M] (Google)
"C:\Program Files\Half Life 2\hl2.exe" -> C:\Program Files\Half Life 2\hl2.exe [C:\Program Files\Half Life 2\hl2.exe:*:Enabled:hl2] -> File not found
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe" -> C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe [C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Disabled:javaw] -> [2001.05.06 11:14:22 | 00,020,549 | ---- | M] ()
"C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2004.08.04 00:56:54 | 01,667,584 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2008.08.12 18:19:02 | 21,741,864 | R--- | M] (Skype Technologies S.A.)
"C:\Program Files\Warcraft III\Warcraft III.exe" -> C:\Program Files\Warcraft III\Warcraft III.exe [C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III] -> File not found
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" -> C:\Program Files\Winamp Remote\bin\OrbTray.exe [C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Disabled:Orb] -> File not found
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007.10.02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007.10.18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)
"D:\Codemasters\Severance\Bin\Blade.exe" -> D:\Codemasters\Severance\Bin\Blade.exe [D:\Codemasters\Severance\Bin\Blade.exe:*:Enabled:Blade] -> File not found
"D:\Program Files\eMule\emule.exe" -> D:\Program Files\eMule\emule.exe [D:\Program Files\eMule\emule.exe:*:Enabled:eMule] -> [2009.02.22 21:15:14 | 05,668,864 | ---- | M] (http://www.emule-project.net)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" ->  [System32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ FAT32 ] -> [2008.10.31 00:20:54 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
 
[Registry - Additional Scans - Safe List]
< 64bit-Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ ->
C:^Documents and Settings^Bosko i Nina^Start Menu^Programs^Startup^MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe -> [2009.02.23 19:43:12 | 00,576,000 | ---- | M] (MagicISO, Inc.)
< 64bit-Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ ->
Adobe Reader Speed Launcher hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe -> [2009.02.27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated)
DAEMON Tools hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\DAEMON Tools\daemon.exe -> [2006.11.12 11:48:48 | 00,157,592 | ---- | M] (DT Soft Ltd.)
HPLJ Config hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Hewlett-Packard\hp LaserJet 1010 Series\SetConfig.exe -> [2003.03.31 18:32:18 | 00,028,672 | ---- | M] (Hewlett-Packard Inc.)
NeroCheck hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->  -> File not found
Orb hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Winamp Remote\bin\OrbTray.exe -> File not found
QuickTime Task hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\QuickTime\qttask.exe -> [2008.11.01 00:54:02 | 00,098,304 | ---- | M] (Apple Computer, Inc.)
StatusClient hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe -> [2002.12.16 16:51:24 | 00,036,864 | ---- | M] (Hewlett-Packard)
TomcatStartup hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe -> [2003.03.31 19:28:28 | 00,155,648 | ---- | M] (Hewlett-Packard)
winlogon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\winlogon.exe -> File not found
< 64bit-Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state ->
"bootini" -> 0 ->
"services" -> 0 ->
"startup" -> 2 ->
"system.ini" -> 0 ->
"win.ini" -> 0 ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.html [@ = htmlfile] -> C:\Program Files\Internet Explorer\IEXPLORE.EXE -> [2006.10.17 13:04:40 | 00,622,080 | ---- | M] (Microsoft Corporation)
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
x-sdch:{B1759355-3EEC-4C1E-B0F1-B719FE26E377} [HKLM] -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll[Google Dictionary Compression filter] -> [2009.04.28 22:54:44 | 00,470,512 | ---- | M] (Google Inc.)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
cdo:{CD00020A-8B95-11D1-82DB-00C04FB1625D} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL[Microsoft PKM KnowledgePluggable Class] -> [2001.01.22 03:25:24 | 00,872,448 | ---- | M] (Microsoft Corporation)
ipp: [HKLM] -> No CLSID value
ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> C:\Program Files\Common Files\System\OLE DB\msdaipp.dll[MSDAMON.BINDER] -> [2001.02.12 03:25:24 | 01,187,840 | ---- | M] (Microsoft Corporation)
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll[Reg Error: Value error.] -> [2007.10.18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation)
msdaipp: [HKLM] -> No CLSID value
msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> C:\Program Files\Common Files\System\OLE DB\msdaipp.dll[MSDAMON.BINDER] -> [2001.02.12 03:25:24 | 01,187,840 | ---- | M] (Microsoft Corporation)
msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> C:\Program Files\Common Files\System\OLE DB\msdaipp.dll[MSDAIPP.BINDER] -> [2001.02.12 03:25:24 | 01,187,840 | ---- | M] (Microsoft Corporation)
ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL[Microsoft Infotech Storage Protocol for IE 4.0] -> [2000.04.19 18:47:36 | 00,520,117 | ---- | M] (Microsoft Corporation)
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll[Reg Error: Value error.] -> [2007.10.18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation)
mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL[Data Page Pluggable Protocol mso-offdap Handler] -> [2001.02.23 18:36:24 | 07,436,272 | ---- | M] (Microsoft Corporation)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\Program Files\Common Files\Skype\Skype4COM.dll[IEProtocolHandler Class] -> [2008.08.12 18:19:02 | 01,942,864 | R--- | M] (Skype Technologies)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"AntiVirusDisableNotify" ->  
  • -> File not found

\\"FirewallDisableNotify" ->  
  • -> File not found

\\"UpdatesDisableNotify" ->  [1] -> File not found
\\"AntiVirusOverride" ->  
  • -> File not found

\\"FirewallOverride" ->  
  • -> File not found

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus
\Monitoring\KasperskyAntiVirus\\"DisableMonitoring" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"EnableFirewall" ->  [1] -> File not found
\\"DoNotAllowExceptions" ->  
  • -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
Protocol_Catalog9\Catalog_Entries\000000000004 -> C:\WINDOWS\System32\rsvpsp.dll -> [2001.08.23 12:00:00 | 00,090,112 | ---- | M] (Microsoft Corporation)
Protocol_Catalog9\Catalog_Entries\000000000005 -> C:\WINDOWS\System32\rsvpsp.dll -> [2001.08.23 12:00:00 | 00,090,112 | ---- | M] (Microsoft Corporation)
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{00203668-8170-44A0-BE44-B632FA4D780F} -> Adobe AIR
{18455581-E099-4BA8-BC6B-F34B2F06600C} -> Google Toolbar for Internet Explorer
{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk -> Google Talk (remove only)
{2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer
{292C47B2-8DB7-47BF-896C-C3C5EE8108C4} -> hp LaserJet 1010 Series
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{508CE775-4BA4-4748-82DF-FE28DA9F03B0} -> Windows Live Messenger
{548EAC70-EE00-11DD-908C-005056806466} -> Google Earth
{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} -> Skype™ 3.8
{6811CAA0-BF12-11D4-9EA1-0050BAE317E1} -> PowerDVD
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{77DCDCE3-2DED-62F3-8154-05E745472D07} -> Acrobat.com
{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9} -> MP3 Player Utilities 4.15
{90280409-6000-11D3-8CFE-0050048383C9} -> Microsoft Office XP Professional with FrontPage
{9E17C94B-913A-48A4-B1A8-8CE25157C170} -> Media Player Product Tool 5.20
{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320} -> Windows Live installer
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper
{AC76BA86-7AD7-1033-7B44-A91000000001} -> Adobe Reader 9.1.1
{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} -> Windows Live Sign-in Assistant
{DFFE2B1F-07E0-45A9-8801-CD8514CAA876} -> Prince of Persia T2T
Ad-Aware SE Professional -> Ad-Aware SE Professional
Adobe AIR -> Adobe AIR
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
ApexDC++ -> ApexDC++ 1.1.0
ATI Display Driver -> ATI Display Driver
BSPlayer1 -> BSPlayer
com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Acrobat.com
eMule -> eMule
Governor of Poker1.0 -> Governor of Poker
Half Life 2 -> Half Life 2
HijackThis -> HijackThis 2.0.2
IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs
ie7 -> Windows Internet Explorer 7
Kaspersky Anti-Virus Personal -> Kaspersky Anti-Virus Personal
KLiteCodecPack_is1 -> K-Lite Codec Pack 4.7.0 (Full)
MagicDisc 2.7.106 -> MagicDisc 2.7.106
Nero - Burning Rom!UninstallKey -> Ahead Nero Burning ROM
NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs
NVIDIA nForce Drivers -> NVIDIA nForce Drivers
QuickTime -> QuickTime
RealAlt_is1 -> Real Alternative 1.7.5
SubtitleWorkshop -> Subtitle Workshop 2.51
Totalcmd -> Total Commander (Remove or Repair)
Wdf01007 -> Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
WinAce Archiver -> WinAce Archiver
Winamp -> Winamp
Winamp Toolbar -> Winamp Toolbar for Internet Explorer
WinAVI Video Converter 9.09.0 -> WinAVI Video Converter 9.0
Windows Media Format Runtime -> Windows Media Format Runtime
Windows XP Service Pack -> Windows XP Service Pack 2
WinRAR archiver -> WinRAR archiver
winusb0100 -> Microsoft WinUsb 1.0
WinZip -> WinZip
Wudf01007 -> Microsoft User-Mode Driver Framework Feature Pack 1.7
< Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
BitTorrent -> BitTorrent
BitTorrent DNA -> DNA
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 21.5.2009 8:08:58 Computer Name = KUCNA | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 21.5.2009 9:08:58 Computer Name = KUCNA | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 21.5.2009 10:08:58 Computer Name = KUCNA | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 21.5.2009 11:08:59 Computer Name = KUCNA | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 21.5.2009 12:08:59 Computer Name = KUCNA | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 21.5.2009 13:08:59 Computer Name = KUCNA | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 21.5.2009 14:08:59 Computer Name = KUCNA | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 21.5.2009 15:08:59 Computer Name = KUCNA | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 21.5.2009 16:08:59 Computer Name = KUCNA | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 21.5.2009 17:08:59 Computer Name = KUCNA | Source = Google Update | ID = 20 -> Description =
System [ Error ] 19.5.2009 17:15:34 Computer Name = KUCNA | Source = Cdrom | ID = 262155 -> Description = The driver detected a controller error on \Device\CdRom0.
System [ Error ] 19.5.2009 17:21:29 Computer Name = KUCNA | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 19.5.2009 17:22:20 Computer Name = KUCNA | Source = Cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.
System [ Error ] 19.5.2009 17:22:24 Computer Name = KUCNA | Source = Cdrom | ID = 262155 -> Description = The driver detected a controller error on \Device\CdRom0.
System [ Error ] 19.5.2009 17:26:39 Computer Name = KUCNA | Source = Cdrom | ID = 262155 -> Description = The driver detected a controller error on \Device\CdRom0.
System [ Error ] 20.5.2009 17:10:19 Computer Name = KUCNA | Source = Service Control Manager | ID = 7034 -> Description = The Remote Procedure Call (RPCE) service terminated unexpectedly.  It has done this 1 time(s).
System [ Error ] 21.5.2009 2:01:15 Computer Name = KUCNA | Source = Service Control Manager | ID = 7034 -> Description = The Remote Procedure Call (RPCE) service terminated unexpectedly.  It has done this 1 time(s).
System [ Error ] 22.5.2009 1:57:30 Computer Name = KUCNA | Source = Service Control Manager | ID = 7034 -> Description = The Remote Procedure Call (RPCE) service terminated unexpectedly.  It has done this 1 time(s).
System [ Error ] 22.5.2009 12:42:54 Computer Name = KUCNA | Source = Service Control Manager | ID = 7034 -> Description = The Remote Procedure Call (RPCE) service terminated unexpectedly.  It has done this 1 time(s).
System [ Error ] 22.5.2009 15:57:29 Computer Name = KUCNA | Source = Service Control Manager | ID = 7034 -> Description = The Remote Procedure Call (RPCE) service terminated unexpectedly.  It has done this 1 time(s).
 
[Files/Folders - Created Within 30 Days]
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
OTS.exe -> C:\Documents and Settings\Bosko i Nina\Desktop\OTS.exe -> [2009.05.22 22:01:08 | 00,504,320 | ---- | C] (OldTimer Tools)
HijackThis.lnk -> C:\Documents and Settings\Bosko i Nina\Desktop\HijackThis.lnk -> [2009.05.22 20:26:55 | 00,001,638 | ---- | C] ()
Trend Micro -> C:\Program Files\Trend Micro -> [2009.05.22 20:26:54 | 00,000,000 | ---D | C]
HJTInstall.exe -> C:\Documents and Settings\Bosko i Nina\Desktop\HJTInstall.exe -> [2009.05.22 20:26:44 | 00,812,344 | ---- | C] (Trend Micro Inc.)
seks i graddvd.sub -> C:\Documents and Settings\Bosko i Nina\Desktop\seks i graddvd.sub -> [2009.05.17 11:00:50 | 00,093,112 | ---- | C] ()
propratno pismo.doc -> C:\Documents and Settings\Bosko i Nina\Desktop\propratno pismo.doc -> [2009.05.13 21:42:04 | 00,024,064 | ---- | C] ()
com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> C:\Documents and Settings\Bosko i Nina\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> [2009.05.13 21:17:11 | 00,000,000 | ---D | C]
ninacv.doc -> C:\Documents and Settings\Bosko i Nina\Desktop\ninacv.doc -> [2009.05.13 21:16:03 | 00,544,768 | ---- | C] ()
Governor of Poker                   .lnk -> C:\Documents and Settings\All Users\Desktop\Governor of Poker                   .lnk -> [2009.05.12 23:10:18 | 00,001,582 | ---- | C] ()
Governor of Poker -> C:\WINDOWS\Governor of Poker -> [2009.05.12 23:10:17 | 00,000,000 | ---D | C]
Governor of Poker -> C:\Program Files\Governor of Poker -> [2009.05.12 23:10:17 | 00,000,000 | ---D | C]
Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk -> [2009.05.12 23:08:51 | 00,001,633 | ---- | C] ()
cv-engleski.pdf -> C:\Documents and Settings\Bosko i Nina\Desktop\cv-engleski.pdf -> [2009.05.12 23:07:41 | 00,304,140 | ---- | C] ()
Guard_Advertisement.doc -> C:\Documents and Settings\Bosko i Nina\Desktop\Guard_Advertisement.doc -> [2009.05.12 18:40:54 | 00,029,696 | ---- | C] ()
seks i grad.sub -> C:\Documents and Settings\Bosko i Nina\Desktop\seks i grad.sub -> [2009.05.10 19:19:02 | 00,093,112 | ---- | C] ()
URUSoft -> C:\Program Files\URUSoft -> [2009.05.10 19:14:33 | 00,000,000 | ---D | C]
Sex.and.the.City[2008]DvDrip[Eng]-FXG.srt -> C:\Documents and Settings\Bosko i Nina\Desktop\Sex.and.the.City[2008]DvDrip[Eng]-FXG.srt -> [2009.05.10 19:09:21 | 00,090,819 | ---- | C] ()
2756b6cae4f29e0aec8b64325891d564d1f1c805.zip -> C:\Documents and Settings\Bosko i Nina\Desktop\2756b6cae4f29e0aec8b64325891d564d1f1c805.zip -> [2009.05.10 19:09:13 | 00,035,240 | ---- | C] ()
New Folder -> C:\Documents and Settings\Bosko i Nina\Desktop\New Folder -> [2009.05.09 19:44:37 | 00,000,000 | ---D | C]
FOUND.008 -> C:\FOUND.008 -> [2009.05.08 20:18:38 | 00,000,000 | -HSD | C]
Miki Maus vam pretsavlja.avi -> C:\Documents and Settings\Bosko i Nina\Desktop\Miki Maus vam pretsavlja.avi -> [2009.05.07 22:01:10 | 80,212,992 | ---- | C] ()
Donald Duck, Mickey Mouse & Goofy - How to Ski.mpg -> C:\Documents and Settings\Bosko i Nina\Desktop\Donald Duck, Mickey Mouse & Goofy - How to Ski.mpg -> [2009.05.07 19:00:12 | 75,246,472 | ---- | C] ()
gordana lazarevic - merak merak.mp3 -> C:\Documents and Settings\Bosko i Nina\Desktop\gordana lazarevic - merak merak.mp3 -> [2009.05.07 12:53:25 | 02,797,946 | ---- | C] ()
MagicDisc.lnk -> C:\Documents and Settings\Bosko i Nina\Desktop\MagicDisc.lnk -> [2009.05.03 20:20:35 | 00,000,544 | ---- | C] ()
mcdbus.sys -> C:\WINDOWS\System32\drivers\mcdbus.sys -> [2009.05.03 20:20:25 | 00,116,736 | ---- | C] (MagicISO, Inc.)
MagicDisc -> C:\Program Files\MagicDisc -> [2009.05.03 20:20:21 | 00,000,000 | ---D | C]
MagicISO -> C:\Program Files\MagicISO -> [2009.05.03 19:59:34 | 00,000,000 | ---D | C]
Lepa Brena - Pazi kome zavidis.mp3 -> C:\Documents and Settings\Bosko i Nina\Desktop\Lepa Brena - Pazi kome zavidis.mp3 -> [2009.05.01 22:24:54 | 06,329,832 | ---- | C] ()
Fati se-kolo..mp3 -> C:\Documents and Settings\Bosko i Nina\Desktop\Fati se-kolo..mp3 -> [2009.05.01 22:02:08 | 02,272,444 | ---- | C] ()
Thumbs.db -> C:\Documents and Settings\Bosko i Nina\Desktop\Thumbs.db -> [2009.04.27 20:00:56 | 00,007,680 | -HS- | C] ()
eMule.lnk -> C:\Documents and Settings\All Users\Desktop\eMule.lnk -> [2009.04.27 18:29:05 | 00,000,565 | ---- | C] ()
eMule0.49c-Installer.exe -> C:\Documents and Settings\Bosko i Nina\Desktop\eMule0.49c-Installer.exe -> [2009.04.27 18:24:39 | 03,342,809 | ---- | C] ()
BAMBI 2 SINHRONIZOVAN -> C:\Documents and Settings\Bosko i Nina\Desktop\BAMBI 2 SINHRONIZOVAN -> [2009.04.26 10:54:45 | 00,000,000 | ---D | C]
Riblja Corba - Poslednja Pesma O Tebi.mp3 -> C:\Documents and Settings\Bosko i Nina\Desktop\Riblja Corba - Poslednja Pesma O Tebi.mp3 -> [2009.04.25 12:19:31 | 04,335,351 | ---- | C] ()
unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2009.03.06 23:16:22 | 00,168,448 | ---- | C] ()
xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2009.03.06 23:16:14 | 00,795,648 | ---- | C] ()
xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2009.03.06 23:16:14 | 00,130,048 | ---- | C] ()
qt-dx331.dll -> C:\WINDOWS\System32\qt-dx331.dll -> [2009.03.06 23:16:13 | 03,596,288 | ---- | C] ()
ff_vfw.dll -> C:\WINDOWS\System32\ff_vfw.dll -> [2009.03.06 23:16:11 | 00,067,584 | ---- | C] ()
ff_vfw.dll.manifest -> C:\WINDOWS\System32\ff_vfw.dll.manifest -> [2009.03.06 23:16:11 | 00,000,547 | ---- | C] ()
WININIT.INI -> C:\WINDOWS\WININIT.INI -> [2009.03.06 22:32:41 | 00,000,010 | ---- | C] ()
SIntfNT.dll -> C:\WINDOWS\System32\SIntfNT.dll -> [2009.01.31 19:52:47 | 00,021,840 | ---- | C] ()
SIntf32.dll -> C:\WINDOWS\System32\SIntf32.dll -> [2009.01.31 19:52:47 | 00,017,212 | ---- | C] ()
SIntf16.dll -> C:\WINDOWS\System32\SIntf16.dll -> [2009.01.31 19:52:47 | 00,012,067 | ---- | C] ()
ctrldll.dll -> C:\WINDOWS\System32\ctrldll.dll -> [2009.01.12 22:16:43 | 00,036,864 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2009.01.10 15:06:16 | 00,000,376 | ---- | C] ()
WORDPAD.INI -> C:\WINDOWS\WORDPAD.INI -> [2008.12.01 17:42:48 | 00,000,754 | ---- | C] ()
hpbvspst.ini -> C:\WINDOWS\hpbvspst.ini -> [2008.11.01 20:14:44 | 00,000,375 | ---- | C] ()
hpbvnstp.ini -> C:\WINDOWS\hpbvnstp.ini -> [2008.11.01 20:14:40 | 00,001,003 | ---- | C] ()
hpbvnstp.dll -> C:\WINDOWS\System32\hpbvnstp.dll -> [2008.11.01 20:14:33 | 00,196,608 | R--- | C] ()
hplj1010.ini -> C:\WINDOWS\hplj1010.ini -> [2008.11.01 19:59:14 | 00,013,318 | ---- | C] ()
sptd.sys -> C:\WINDOWS\System32\drivers\sptd.sys -> [2008.11.01 01:40:29 | 00,639,224 | ---- | C] ()
wincmd.ini -> C:\WINDOWS\wincmd.ini -> [2008.10.31 17:35:44 | 00,000,932 | ---- | C] ()
AMV_DecDLL.dll -> C:\WINDOWS\System32\AMV_DecDLL.dll -> [2006.03.06 10:41:02 | 00,073,728 | ---- | C] ()
ADFUUD.SYS -> C:\WINDOWS\System32\drivers\ADFUUD.SYS -> [2004.09.16 13:26:40 | 00,012,634 | ---- | C] ()
ADFUUD.SYS -> C:\WINDOWS\ADFUUD.SYS -> [2004.09.16 13:26:40 | 00,012,634 | ---- | C] ()
idecoi.dll -> C:\WINDOWS\System32\idecoi.dll -> [2003.09.02 15:51:00 | 00,032,768 | ---- | C] ()
HPBHEALR.DLL -> C:\WINDOWS\System32\HPBHEALR.DLL -> [2003.08.29 10:13:12 | 00,094,274 | ---- | C] ()
win.ini -> C:\WINDOWS\win.ini -> [2001.08.23 12:00:00 | 00,000,865 | ---- | C] ()
system.ini -> C:\WINDOWS\system.ini -> [2001.08.23 12:00:00 | 00,000,227 | ---- | C] ()
 
[Files/Folders - Modified Within 30 Days]
272 C:\Documents and Settings\Bosko i Nina\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Bosko i Nina\Local Settings\Temp\*.tmp ->
10 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
OTS.exe -> C:\Documents and Settings\Bosko i Nina\Desktop\OTS.exe -> [2009.05.22 22:01:14 | 00,504,320 | ---- | M] (OldTimer Tools)
GoogleUpdateTaskMachine.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job -> [2009.05.22 21:57:18 | 00,000,882 | ---- | M] ()
SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2009.05.22 21:57:14 | 00,000,006 | -H-- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2009.05.22 21:57:12 | 00,002,048 | --S- | M] ()
NTUSER.DAT -> C:\Documents and Settings\Bosko i Nina\NTUSER.DAT -> [2009.05.22 21:56:38 | 04,456,448 | -H-- | M] ()
ntuser.ini -> C:\Documents and Settings\Bosko i Nina\ntuser.ini -> [2009.05.22 21:56:28 | 00,000,178 | -HS- | M] ()
win.ini -> C:\WINDOWS\win.ini -> [2009.05.22 21:56:20 | 00,000,865 | ---- | M] ()
system.ini -> C:\WINDOWS\system.ini -> [2009.05.22 21:56:20 | 00,000,227 | ---- | M] ()
boot. ini -> C:\boot. ini -> [2009.05.22 21:56:20 | 00,000,211 | RHS- | M] ()
HijackThis.lnk -> C:\Documents and Settings\Bosko i Nina\Desktop\HijackThis.lnk -> [2009.05.22 20:26:58 | 00,001,638 | ---- | M] ()
HJTInstall.exe -> C:\Documents and Settings\Bosko i Nina\Desktop\HJTInstall.exe -> [2009.05.22 20:26:50 | 00,812,344 | ---- | M] (Trend Micro Inc.)
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2009.05.19 23:13:36 | 00,002,228 | ---- | M] ()
seks i graddvd.sub -> C:\Documents and Settings\Bosko i Nina\Desktop\seks i graddvd.sub -> [2009.05.17 11:00:52 | 00,093,112 | ---- | M] ()
Perflib_Perfdata_550.dat -> C:\Documents and Settings\Bosko i Nina\Local Settings\Temp\Perflib_Perfdata_550.dat -> [2009.05.17 10:49:12 | 00,016,384 | ---- | M] ()
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009.05.17 10:21:06 | 00,006,878 | ---- | M] ()
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009.05.17 10:21:06 | 00,005,322 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Bosko i Nina\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009.05.15 22:11:22 | 00,064,000 | ---- | M] ()
propratno pismo.doc -> C:\Documents and Settings\Bosko i Nina\Desktop\propratno pismo.doc -> [2009.05.13 21:42:06 | 00,024,064 | ---- | M] ()
ninacv.doc -> C:\Documents and Settings\Bosko i Nina\Desktop\ninacv.doc -> [2009.05.13 21:21:26 | 00,544,768 | ---- | M] ()
Governor of Poker                   .lnk -> C:\Documents and Settings\All Users\Desktop\Governor of Poker                   .lnk -> [2009.05.12 23:10:20 | 00,001,582 | ---- | M] ()
Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk -> [2009.05.12 23:08:52 | 00,001,633 | ---- | M] ()
cv-engleski.pdf -> C:\Documents and Settings\Bosko i Nina\Desktop\cv-engleski.pdf -> [2009.05.12 23:07:42 | 00,304,140 | ---- | M] ()
Guard_Advertisement.doc -> C:\Documents and Settings\Bosko i Nina\Desktop\Guard_Advertisement.doc -> [2009.05.12 18:40:54 | 00,029,696 | ---- | M] ()
seks i grad.sub -> C:\Documents and Settings\Bosko i Nina\Desktop\seks i grad.sub -> [2009.05.10 19:19:14 | 00,093,112 | ---- | M] ()
2756b6cae4f29e0aec8b64325891d564d1f1c805.zip -> C:\Documents and Settings\Bosko i Nina\Desktop\2756b6cae4f29e0aec8b64325891d564d1f1c805.zip -> [2009.05.10 19:09:14 | 00,035,240 | ---- | M] ()
wincmd.ini -> C:\WINDOWS\wincmd.ini -> [2009.05.08 08:43:34 | 00,000,932 | ---- | M] ()
Miki Maus vam pretsavlja.avi -> C:\Documents and Settings\Bosko i Nina\Desktop\Miki Maus vam pretsavlja.avi -> [2009.05.08 01:24:26 | 80,212,992 | ---- | M] ()
Donald Duck, Mickey Mouse & Goofy - How to Ski.mpg -> C:\Documents and Settings\Bosko i Nina\Desktop\Donald Duck, Mickey Mouse & Goofy - How to Ski.mpg -> [2009.05.07 19:10:52 | 75,246,472 | ---- | M] ()
gordana lazarevic - merak merak.mp3 -> C:\Documents and Settings\Bosko i Nina\Desktop\gordana lazarevic - merak merak.mp3 -> [2009.05.07 13:03:26 | 02,797,946 | ---- | M] ()
_Setup.dll -> C:\Documents and Settings\Bosko i Nina\Local Settings\Temp\isp77.tmp\_Setup.dll -> [2009.05.03 20:22:18 | 00,270,336 | ---- | M] (Macrovision Corporation)
MagicDisc.lnk -> C:\Documents and Settings\Bosko i Nina\Desktop\MagicDisc.lnk -> [2009.05.03 20:20:36 | 00,000,544 | ---- | M] ()
2.exe -> C:\Documents and Settings\Bosko i Nina\Local Settings\Temp\2.exe -> [2009.05.03 20:18:40 | 01,753,088 | ---- | M] (MagicISO, Inc.)
Lepa Brena - Pazi kome zavidis.mp3 -> C:\Documents and Settings\Bosko i Nina\Desktop\Lepa Brena - Pazi kome zavidis.mp3 -> [2009.05.01 22:25:30 | 06,329,832 | ---- | M] ()
Fati se-kolo..mp3 -> C:\Documents and Settings\Bosko i Nina\Desktop\Fati se-kolo..mp3 -> [2009.05.01 22:04:56 | 02,272,444 | ---- | M] ()
biografija.doc -> C:\Documents and Settings\Bosko i Nina\Desktop\biografija.doc -> [2009.04.27 20:06:56 | 19,910,157 | ---- | M] ()
Thumbs.db -> C:\Documents and Settings\Bosko i Nina\Desktop\Thumbs.db -> [2009.04.27 20:01:00 | 00,007,680 | -HS- | M] ()
eMule.lnk -> C:\Documents and Settings\All Users\Desktop\eMule.lnk -> [2009.04.27 18:29:06 | 00,000,565 | ---- | M] ()
eMule0.49c-Installer.exe -> C:\Documents and Settings\Bosko i Nina\Desktop\eMule0.49c-Installer.exe -> [2009.04.27 18:24:40 | 03,342,809 | ---- | M] ()
Riblja Corba - Poslednja Pesma O Tebi.mp3 -> C:\Documents and Settings\Bosko i Nina\Desktop\Riblja Corba - Poslednja Pesma O Tebi.mp3 -> [2009.04.25 12:31:42 | 04,335,351 | ---- | M] ()
Down(0).exe -> C:\WINDOWS\Temp\Down(0).exe -> [2009.03.03 17:23:44 | 00,044,032 | ---- | M] ()
AtiCimUn.exe -> C:\Documents and Settings\Bosko i Nina\Local Settings\Temp\AtiCimUn.exe -> [2009.02.04 03:05:00 | 00,139,264 | ---- | M] (ATI Technologies Inc.)
SIntfNT.dll -> C:\Documents and Settings\Bosko i Nina\Local Settings\Temp\SIntfNT.dll -> [2009.01.19 14:22:50 | 00,024,516 | ---- | M] ()
SIntf32.dll -> C:\Documents and Settings\Bosko i Nina\Local Settings\Temp\SIntf32.dll -> [2009.01.19 14:22:50 | 00,017,212 | ---- | M] ()
SIntf16.dll -> C:\Documents and Settings\Bosko i Nina\Local Settings\Temp\SIntf16.dll ->
« Last Edit: May 22, 2009, 04:05:24 PM by guestolo »

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
« Reply #3 on: May 22, 2009, 04:03:18 PM »
Start OTS.exe. Copy/Paste the information in the codebox below into the pane where it says "Paste fix here" and then click the Run Fix button.
Code:
[Kill Explorer]
[Processes - Safe List]
YN -> iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe
[Registry - Safe List]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "winlogon" -> C:\WINDOWS\winlogon.exe [C:\WINDOWS\winlogon.exe]
[Registry - Additional Scans - Safe List]
< 64bit-Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
YN -> winlogon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\winlogon.exe
[Files/Folders - Modified Within 30 Days]
NY -> Down(0).exe -> C:\WINDOWS\Temp\Down(0).exe
[Empty Temp Folders]
[Start Explorer]
[Reboot]
The fix should only take a very short time. When the fix is completed a message box will pop up either telling you that it is finished, or that a reboot is needed to complete the fix. If the fix is complete, click the Ok button and Notepad will open with a log of actions taken during the fix. Post that log back here in your next reply.

If a reboot is required, click the "Yes" button to reboot the machine. After the reboot, OTS will finish moving any files that could not be moved during the fix and NotePad will open with the final results at that time.
I'll need to see that log in a bit; a copy of it should be on your desktop.

Afterwards:
Download ATF Cleaner by Atribune and save it to your Desktop.

Double Click on ATF-Cleaner.exe to Run it
Check the boxes to the left of:

Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
*Prefetch (Windows XP) only.
Java Cache

The rest are optional - if you want to remove the lot, check "Select All".
Finally click Empty Selected. When you get the "Done Cleaning" message, click OK.
Click Exit from the Main menu

Download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
        * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



I need to see all the following back here please
1. Post the log from MBAM
2. Post the fix log from OTS.exe
3. Run a fresh scan and save logfile with Hijackthis and post the log


Please keep me informed how things are now running
NOTE: It's Normal to have a slow startup of Windows for a couple startups
ATF-Cleaner cleared the Prefetch folder, speed will increase as this folder is repopulated

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline bolededinje

problem with my pc
« Reply #4 on: May 22, 2009, 05:22:15 PM »
Process Explorer.EXE killed successfully!
[Processes - Safe List]
Process iexplore.exe killed successfully!
[Registry - Safe List]
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\winlogon deleted successfully.
[Registry - Additional Scans - Safe List]
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\winlogon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ not found.
File  not found.
[Files/Folders - Modified Within 30 Days]
C:\WINDOWS\Temp\Down(0).exe moved successfully.
[Empty Temp Folders]
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
RecycleBin -> emptied.
Explorer started successfully
< End of fix log >
OTS by OldTimer - Version 3.0.2.4 fix logfile created on 05232009_001421

Files moved on Reboot...

Registry entries deleted on Reboot...

Offline guestolo

problem with my pc
« Reply #5 on: May 22, 2009, 05:26:23 PM »
Did you allow the computer to reboot before posting the log from OTS.exe?

Also, I need to see that log from Malwarebytes' Anti-Malware and a fresh Hijackthis log
« Last Edit: May 22, 2009, 05:26:47 PM by guestolo »



Offline bolededinje

problem with my pc
« Reply #6 on: May 22, 2009, 05:42:27 PM »
Malwarebytes' Anti-Malware 1.36
Database version: 2167
Windows 5.1.2600 Service Pack 2

23.5.2009 0:33:50
mbam-log-2009-05-23 (00-33-50).txt

Scan type: Quick Scan
Objects scanned: 75028
Time elapsed: 3 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Nvchost (Trojan.Goldun) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Offline bolededinje

problem with my pc
« Reply #7 on: May 22, 2009, 05:43:36 PM »
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:43:09, on 23.5.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\rmctrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Update Service (gupdate1c9865efa06ba44) (gupdate1c9865efa06ba44) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 5584 bytes

Offline bolededinje

problem with my pc
« Reply #8 on: May 22, 2009, 05:45:07 PM »
OTS.exe was before reboot, if I did everything correctly

Offline guestolo

problem with my pc
« Reply #9 on: May 22, 2009, 05:58:57 PM »
Quote from bolededinje, May 22 2009, 03:45 PM:
OTS.exe was before reboot, if I did everything correctly

Ah, that would explain why some files weren't listed as being cleaned after reboot
Here's part of the instructions I posted earlier
Quote
If a reboot is required, click the "Yes" button to reboot the machine. After the reboot, OTS will finish moving any files that could not be moved during the fix and NotePad will open with the final results at that time
I'll need to see that log in a bit, a copy of it should be on your desktop

OTS.exe should have asked for a reboot, as I put it into the script, you may have cut off that part, I'm not sure?
Anyways, don't worry about that part now
How are things now running?

If Malwarebytes did not have you reboot the machine
Can you reboot the machine before letting me know how things are now running

Keep in mind what I said earlier
Quote
NOTE: It's Normal to have a slow startup of Windows for a couple startups
ATF-Cleaner cleared the Prefetch folder, speed will increase as this folder is repopulated



Offline bolededinje

problem with my pc
« Reply #10 on: May 22, 2009, 06:14:00 PM »
Tnx 4 help, gotta go to bed *here is 01 am* I'll let u know what's happening first thing 2morrow. C u.

Offline guestolo

problem with my pc
« Reply #11 on: May 22, 2009, 06:37:03 PM »
No problem, It's 4:35 pm here, If I don't see your response before midnight tonight
I'll probably see it tomorrow for me, my time anyways, later in the evening, we'll be out of town all day



Offline bolededinje

problem with my pc
« Reply #12 on: May 23, 2009, 07:36:17 AM »
So far so good. Seems it's been working a bit faster but nothing spectacular. Ok, if u need anything else 2 b checked contact me. Tnx again.

Offline guestolo

problem with my pc
« Reply #13 on: May 24, 2009, 12:32:38 PM »
We should clean up a bit from the tools we used

Is the computer still behaving properly?



Offline bolededinje

problem with my pc
« Reply #14 on: May 27, 2009, 02:48:43 PM »
It's ok for now. Having some probs with IE and opening of internet, kinda slow, dunno if that's connected with my previous problem. Everything else is ok.