lnk-runner-n flash drive virus

  • Arhitekta
  • Joined: 13 Oct 2009
  • Posts: 79

I got 2 USB flash drives infected at a friend's place, and I have very important things on the flash drive; the virus is called LNK-runner-N.
The flash drive shows that space is in use, and even when the antivirus scans it shows that it is scanning folders, but when I open the flash drive there is nothing there.
I use avast as my antivirus.

DDS.txt :


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2
Run by Guslarevic at 19:37:09 on 2013-10-27
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3070.803 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Bitdefender Antivirus *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antispyware *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [snp2uvc] C:\Windows\vsnp2uvc.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
dRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with Scansoft PDF Converter 3.0 - C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\IEShellExt.dll /100
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{07135660-3B03-49A6-8FF7-6902DA545A12} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
x64-Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Guslarevic\AppData\Roaming\Mozilla\Firefox\Profiles\5w3fo8k6.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
.
---- FIREFOX POLICIES ----
.
FF - user.js: extensions.autoDisableScopes - 14
.
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=7cd36ba600000000000000fffc201505&q=
FF - user.js: extensions.BabylonToolbar.id - 7cd36ba600000000000000fffc201505
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15653
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.822:02:32
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-7-23 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-7-23 204880]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-10-2 150256]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-9-1 22600]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-7-23 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-7-23 378944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-3-12 283200]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-12-21 59440]
R2 ASO3DiskOptimizer;ASO3DiskOptimizer;C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [2013-10-11 263480]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-7-23 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-7-23 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-21 46808]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2013-6-19 95184]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-7 5087584]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-8-27 67320]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2013-6-19 261056]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2012-4-19 31232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\smhwadb.sys [2012-3-28 31744]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2013-6-19 82824]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-5-15 1436424]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-3-20 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-23 19456]
S3 smhwdev;SmartPhone dummy USB PNP Device (Normal);C:\Windows\System32\drivers\smhwdev.sys [2012-3-28 114432]
S3 smhwser;USB Device for Legacy Serial Communication (Normal);C:\Windows\System32\drivers\smhwser.sys [2012-3-28 122624]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-23 57856]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-4-19 736104]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2013-6-19 69392]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2013-10-27 10:01:57 -------- d-----w- C:\ProgramData\WinterSoft
2013-10-18 21:06:49 -------- d-----w- C:\ProgramData\Oracle
2013-10-18 21:06:03 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-14 12:19:12 163504 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-10-11 16:56:56 -------- d-----w- C:\ProgramData\Systweak
2013-10-11 16:46:04 18744 ----a-w- C:\Windows\System32\ROBoot64.exe
2013-10-11 16:46:04 1844 ----a-w- C:\Windows\System32\ASOROSet.bin
2013-10-11 16:38:16 -------- d-----w- C:\Users\Guslarevic\AppData\Roaming\Systweak
2013-10-11 16:34:51 16896 ----a-w- C:\Windows\System32\sasnative64.exe
2013-10-11 16:34:41 -------- d-----w- C:\Program Files (x86)\Advanced System Optimizer 3
2013-10-09 11:19:33 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-09 11:18:56 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 11:18:56 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 11:18:55 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-10-09 11:18:52 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-10-09 11:18:50 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-10-09 11:18:50 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-10-09 11:18:50 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-10-09 11:18:50 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-10-09 11:18:50 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-10-09 11:18:49 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-10-09 11:18:49 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-10-02 20:05:59 150256 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2013-09-27 23:03:04 -------- d-----w- C:\Program Files (x86)\Zona
2013-09-27 23:02:59 -------- d-----w- C:\Users\Guslarevic\AppData\Roaming\Zona
.
==================== Find3M ====================
.
2013-10-08 20:05:41 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 20:05:41 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-02 20:05:38 389240 ----a-w- C:\Windows\System32\drivers\trufos.sys
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-08-30 07:48:10 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-08-01 13:46:07 601360 ----a-w- C:\Windows\System32\drivers\avckf.sys
2013-08-01 13:46:01 82824 ----a-w- C:\Windows\System32\drivers\bdsandbox.sys
2013-08-01 13:45:43 727592 ----a-w- C:\Windows\System32\drivers\avc3.sys
.
============= FINISH: 19:39:03.21 ===============




  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download MCShield from the following address:

http://www.mcshield.net/download/MCShield-Setup.exe

Install MCShield and wait for the initial scan to finish.

When the initial scan has finished, plug all USB storage devices into a USB port one after another and keep each one plugged in until MCShield shows a message that the scan is finished. If you have several USB devices, note down somewhere the order in which they were plugged in.

Explanation: USB storage devices are all devices that get their own partition letter when connected to the computer. These include USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.

Go to Start -> All Programs -> MCShield -> Logs -> AllScans

A report will open in Notepad; post its contents in your reply.







Download Farbar's Farbar Recovery Scan Tool from this address to your Desktop:
There is a 32-bit and a 64-bit version. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will run on your system; that will be the right version.


double-click to run the program; when the tool starts, click Yes in the disclaimer window;
in the Optional Scan section, tick the List BCD and Driver MD5 boxes;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your reply;
on its first run, the tool should also create an additional report (Addition.txt);
attach the Addition.txt report to your reply using the "Prikači fajl" (Attach file) option

  • Arhitekta
  • Joined: 13 Oct 2009
  • Posts: 79

MCShield :
>>> MCShield AllScans.txt <<<



MCShield ::Anti-Malware Tool:: mcshield.net/

>>> v 2.8.3.24 / DB: 2013.10.26.1 / Windows 7 <<<


27-Oct-13 9:21:46 PM > Drive C: - scan started (no label ~150 GB, NTFS HDD )...



=> The drive is clean.


27-Oct-13 9:21:48 PM > Drive D: - scan started (no label ~100 GB, NTFS HDD )...



=> The drive is clean.


27-Oct-13 9:21:48 PM > Drive E: - scan started (no label ~48 GB, NTFS HDD )...



=> The drive is clean.





MCShield ::Anti-Malware Tool:: mcshield.net/

>>> v 2.8.3.24 / DB: 2013.10.26.1 / Windows 7 <<<


27-Oct-13 9:27:29 PM > Drive J: - scan started (no label ~3813 MB, FAT32 flash drive )...

>>> J:\autorun.inf > Suspicious > Renamed. (MD5: d41d8cd98f00b204e9800998ecf8427e)

>>> J:\desktop.ini - Malware > Deleted. (13.10.27. 21.27 desktop.ini.830548; MD5: 6616cb2c024617327a3dc439b7fd2cb0)


=> Malicious files : 1/1 deleted.
=> Suspicious files : 1/1 renamed.

____________________________________________

::::: Scan duration: 5sec ::::::::::::::::::
____________________________________________




MCShield ::Anti-Malware Tool:: mcshield.net/

>>> v 2.8.3.24 / DB: 2013.10.26.1 / Windows 7 <<<


27-Oct-13 9:29:06 PM > Drive I: - scan started (KINGSTON ~30564 MB, NTFS flash drive )...

>>> I:\autorun.inf > Suspicious > Renamed. (MD5: d41d8cd98f00b204e9800998ecf8427e)

>>> I:\desktop.ini - Malware > Deleted. (13.10.27. 21.29 desktop.ini.349804; MD5: 10821e7d08b3a386db8b58097a1d6235)


=> Malicious files : 1/1 deleted.
=> Suspicious files : 1/1 renamed.

____________________________________________

::::: Scan duration: 1sec ::::::::::::::::::
____________________________________________

FARBAR :

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2013 01
Ran by Guslarevic (administrator) on BARBOSA on 27-10-2013 21:32:29
Running from C:\Users\Guslarevic\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Systweak Inc., (www.systweak.com)) C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Systweak Inc., (www.systweak.com)) C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6963744 2009-01-20] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2009-01-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKCU\...\Run: [Gadwin PrintScreen] - C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [487424 2011-05-03] (Gadwin Systems, Inc)
HKCU\...\Run: [MCShield Monitor] - C:\Program Files (x86)\MCShield\MCShieldRTM.exe [607232 2013-10-26] (MyCity)
MountPoints2: H - H:\PcOptions.exe
MountPoints2: {07dd9894-8ada-11e1-8e43-00241dc10b35} - I:\PcOptions.exe
MountPoints2: {10525ecc-f68e-11e1-802c-00241dc10b35} - H:\PcOptions.exe
MountPoints2: {586c57fe-245a-11e2-b52c-00241dc10b35} - I:\PcOptions.exe
MountPoints2: {6a28ebf4-78d4-11e1-9e3f-00241dc10b35} - H:\PcOptions.exe
MountPoints2: {6a28ec00-78d4-11e1-9e3f-00241dc10b35} - I:\PcOptions.exe
MountPoints2: {6e82b5e3-7e71-11e2-b8f4-00241dc10b35} - I:\Startme.exe
MountPoints2: {c7d4832d-ec41-11e1-80c4-00241dc10b35} - H:\PcOptions.exe
MountPoints2: {cb97f940-45e8-11e2-82e2-806e6f6e6963} - H:\noautorun.exe
MountPoints2: {f3c669d7-6c33-11e1-90dd-00241dc10b35} - G:\noautorun.exe
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software)
AppInit_DLLs-x32: [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2DA3BEA116FACC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = search.babylon.com/?q={searchTerms}&affID=109220&tt=4512_8&babsrc=SP_ss&mntrId=7cd36ba600000000000000fffc201505
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = blekko.com/ws/?source=c3348dd4&tbp=rbox&too.....E6FDF85&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Guslarevic\AppData\Roaming\Mozilla\Firefox\Profiles\5w3fo8k6.default
FF user.js: detected! => C:\Users\Guslarevic\AppData\Roaming\Mozilla\Firefox\Profiles\5w3fo8k6.default\user.js
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
FF Extension: soafuE sauve - C:\Users\Guslarevic\AppData\Roaming\Mozilla\Firefox\Profiles\5w3fo8k6.default\Extensions\yoiu_cuvt@mqz-fnji.edu
FF Extension: adblockpopups - C:\Users\Guslarevic\AppData\Roaming\Mozilla\Firefox\Profiles\5w3fo8k6.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?affID=109220&tt=4512_8&babsrc=HP_ss&mntrId=7cd36ba600000000000000fffc201505
CHR RestoreOnStartup: "https://www.google.com/"
CHR DefaultSearchURL: (google.com) - google.com/search?hl=sr&tbo=d&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1
CHR DefaultSuggestURL: (google.com) - "suggest_url": "",
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.30.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (Autodesk Homestyler) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.6_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn10.crx
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Guslarevic\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx

==================== Services (Whitelisted) =================

R2 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [263480 2010-08-26] (Systweak Inc., (www.systweak.com))
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-08-27] (Bitdefender)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [95184 2013-06-19] (Bitdefender)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [736104 2012-04-19] (Tunngle.net GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-08-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-02] (Bitdefender)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\smhwadb.sys [31744 2009-12-23] (Google Inc)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2013-06-19] (BitDefender)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-08-01] (BitDefender SRL)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-12] (DT Soft Ltd)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2012-12-21] (ESET)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-06-21] (Windows (R) Server 2003 DDK provider)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)
S3 smhwdev; C:\Windows\System32\DRIVERS\smhwdev.sys [114432 2010-01-13] (Huawei Technologies Co., Ltd.)
S3 smhwser; C:\Windows\System32\DRIVERS\smhwser.sys [122624 2010-02-04] (QUALCOMM Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3565056 2011-04-29] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-11-07] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U3 anj8earn; C:\Windows\System32\Drivers\anj8earn.sys [0 ] (Microsoft Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-27 21:32 - 2013-10-27 21:32 - 01956442 _____ (Farbar) C:\Users\Guslarevic\Desktop\FRST64.exe
2013-10-27 21:32 - 2013-10-27 21:32 - 00000000 ____D C:\FRST
2013-10-27 21:29 - 2013-10-27 21:29 - 00001274 _____ C:\Users\Guslarevic\Desktop\kingston 32 gb.txt
2013-10-27 21:28 - 2013-10-27 21:28 - 00001274 _____ C:\Users\Guslarevic\Desktop\kingston 4gb.txt
2013-10-27 21:21 - 2013-10-27 21:21 - 00001088 _____ C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2013-10-27 21:01 - 2013-10-27 21:29 - 00000000 ____D C:\ProgramData\MCShield
2013-10-27 21:01 - 2013-10-27 21:01 - 00000000 ____D C:\Program Files (x86)\MCShield
2013-10-27 20:59 - 2013-10-27 20:59 - 02633042 _____ C:\Users\Guslarevic\Desktop\MCShield-Setup.exe
2013-10-27 19:39 - 2013-10-27 19:39 - 00020846 _____ C:\Users\Guslarevic\Desktop\dds.txt
2013-10-27 19:39 - 2013-10-27 19:39 - 00012612 _____ C:\Users\Guslarevic\Desktop\attach.txt
2013-10-27 19:36 - 2013-10-27 19:36 - 00688992 ____R (Swearware) C:\Users\Guslarevic\Desktop\dds.pif
2013-10-27 19:36 - 2013-10-27 19:36 - 00688992 _____ (Swearware) C:\Users\Guslarevic\Desktop\dds.scr
2013-10-27 11:01 - 2013-10-27 11:01 - 00000000 ____D C:\ProgramData\WinterSoft
2013-10-27 10:41 - 2013-10-27 10:49 - 00000000 ____D C:\Users\Guslarevic\Desktop\malisa telefon
2013-10-26 01:09 - 2013-10-27 17:59 - 00000000 ____D C:\Users\Guslarevic\Desktop\kafana
2013-10-24 18:06 - 2013-10-24 18:47 - 18149888 _____ C:\Users\Guslarevic\Desktop\Presentation1.ppt
2013-10-24 14:59 - 2013-10-24 14:59 - 00001213 _____ C:\Users\Guslarevic\Desktop\Adobe Photoshop CS5.lnk
2013-10-23 08:00 - 2013-10-23 08:16 - 00000000 ____D C:\Users\Guslarevic\Desktop\3D
2013-10-23 06:02 - 2013-10-23 07:58 - 00000000 ____D C:\Users\Guslarevic\Desktop\vizeualizaija
2013-10-23 04:43 - 2013-10-23 04:43 - 00000000 ____D C:\Users\Guslarevic\Desktop\DIPLOMSKI FARBA
2013-10-22 00:39 - 2013-10-24 18:33 - 00000000 ____D C:\Users\Guslarevic\Desktop\ДИПЛОМСКИ СТАМПА
2013-10-21 22:15 - 2013-10-21 22:15 - 00093255 _____ C:\Users\Guslarevic\Documents\skica.skp
2013-10-21 22:07 - 2013-10-27 10:44 - 00002724 _____ C:\Windows\setupact.log
2013-10-21 22:07 - 2013-10-21 22:07 - 00000000 _____ C:\Windows\setuperr.log
2013-10-20 17:19 - 2013-10-20 22:05 - 00000000 ____D C:\Users\Guslarevic\Desktop\vaskovic primer
2013-10-20 15:15 - 2013-10-23 18:52 - 00000000 ____D C:\Users\Guslarevic\Desktop\SINTEZNI sitnice
2013-10-19 18:01 - 2013-10-19 18:03 - 00000000 ____D C:\Users\Guslarevic\Desktop\vlasina brana
2013-10-18 22:07 - 2013-10-18 22:07 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Oracle
2013-10-18 22:06 - 2013-10-18 22:06 - 00000000 ____D C:\ProgramData\Oracle
2013-10-18 22:06 - 2013-10-18 22:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 22:30 - 2013-10-18 07:23 - 01169261 _____ C:\Users\Guslarevic\Documents\situacija novaa.dwg
2013-10-16 22:30 - 2013-10-18 02:53 - 01169261 _____ C:\Users\Guslarevic\Documents\situacija novaa.bak
2013-10-16 22:19 - 2013-10-16 22:19 - 00206319 _____ C:\Users\Guslarevic\Documents\krov.dwg
2013-10-16 22:06 - 2013-10-16 22:06 - 00334968 _____ C:\Users\Guslarevic\Documents\Untitled.dwg
2013-10-16 22:01 - 2013-10-16 22:01 - 08527766 _____ C:\Users\Guslarevic\Documents\AutoSave_Untitled_3.skp
2013-10-16 21:39 - 2013-10-16 21:39 - 07718481 _____ C:\Users\Guslarevic\Documents\11.skp
2013-10-16 20:18 - 2013-10-16 20:18 - 05808485 _____ C:\Users\Guslarevic\Documents\AutoSave_Untitled_2.skp
2013-10-13 18:48 - 2013-10-17 03:30 - 08766749 _____ C:\Users\Guslarevic\Documents\Untitled.skb
2013-10-13 00:12 - 2013-10-17 04:09 - 08745310 _____ C:\Users\Guslarevic\Documents\Untitled.skp
2013-10-11 17:56 - 2013-10-11 17:56 - 00000000 ____D C:\ProgramData\Systweak
2013-10-11 17:46 - 2013-10-11 17:52 - 00001844 _____ C:\Windows\system32\ASOROSet.bin
2013-10-11 17:46 - 2010-08-26 14:38 - 00018744 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\ROBoot64.exe
2013-10-11 17:38 - 2013-10-11 17:38 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Systweak
2013-10-11 17:34 - 2013-10-11 17:42 - 00000000 ____D C:\Program Files (x86)\Advanced System Optimizer 3
2013-10-11 17:34 - 2013-10-11 17:34 - 00003158 _____ C:\Windows\System32\Tasks\Advanced System Optimizer
2013-10-11 17:34 - 2013-10-11 17:34 - 00001276 _____ C:\Users\Public\Desktop\Smart PC Care.lnk
2013-10-11 17:34 - 2013-10-11 17:34 - 00000000 ____D C:\Users\Guslarevic\Downloads\Advanced.System.Optimizer.3.1.648.6951
2013-10-11 17:34 - 2010-07-30 17:35 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2013-10-11 17:33 - 2013-10-11 17:33 - 10407672 _____ C:\Users\Guslarevic\Downloads\Advanced.System.Optimizer.3.1.648.6951.rar
2013-10-10 01:03 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 01:03 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 01:03 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 01:03 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 01:03 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 01:03 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 01:03 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 01:03 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 01:03 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 01:03 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 16:34 - 2013-10-09 16:35 - 00000000 ____D C:\Users\Guslarevic\Desktop\gus sintezni
2013-10-09 12:19 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 12:19 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 12:19 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 12:19 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 12:19 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 12:19 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 12:19 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 12:19 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-09 12:19 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 12:19 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 12:19 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 12:19 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 12:19 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 12:19 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 12:19 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 12:19 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 12:19 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 12:19 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 12:19 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 12:19 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 12:19 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 12:19 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 12:19 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-09 12:19 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 12:19 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 12:19 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 12:19 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 12:19 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 12:19 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 12:19 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 12:19 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 12:19 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 12:19 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 12:19 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 12:19 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 12:19 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 12:19 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 12:19 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 12:19 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 12:19 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 12:19 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 12:19 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 12:19 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 12:18 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 12:18 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 12:18 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 12:18 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 12:18 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-06 17:29 - 2013-10-22 08:50 - 00000000 ____D C:\Users\Guslarevic\Desktop\reperi 6.10.2013
2013-10-04 14:35 - 2013-10-18 22:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-02 21:05 - 2013-10-02 21:05 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-09-29 11:49 - 2013-09-29 11:50 - 08984539 _____ C:\Users\Guslarevic\Downloads\Marbles.themepack
2013-09-28 20:44 - 2013-09-28 22:10 - 00000000 ____D C:\Users\Guslarevic\Downloads\strelyaushie_gory_[tfile.ru]
2013-09-28 00:03 - 2013-09-28 00:03 - 00000000 ____D C:\Program Files (x86)\Zona
2013-09-28 00:02 - 2013-09-28 00:03 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Zona
2013-09-27 14:37 - 2013-09-27 15:02 - 00000000 ____D C:\Users\Guslarevic\Desktop\108___09

==================== One Month Modified Files and Folders =======

2013-10-27 21:32 - 2013-10-27 21:32 - 01956442 _____ (Farbar) C:\Users\Guslarevic\Desktop\FRST64.exe
2013-10-27 21:32 - 2013-10-27 21:32 - 00000000 ____D C:\FRST
2013-10-27 21:30 - 2009-07-14 06:13 - 00730448 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-27 21:29 - 2013-10-27 21:29 - 00001274 _____ C:\Users\Guslarevic\Desktop\kingston 32 gb.txt
2013-10-27 21:29 - 2013-10-27 21:01 - 00000000 ____D C:\ProgramData\MCShield
2013-10-27 21:28 - 2013-10-27 21:28 - 00001274 _____ C:\Users\Guslarevic\Desktop\kingston 4gb.txt
2013-10-27 21:21 - 2013-10-27 21:21 - 00001088 _____ C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2013-10-27 21:05 - 2012-12-11 18:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-27 21:01 - 2013-10-27 21:01 - 00000000 ____D C:\Program Files (x86)\MCShield
2013-10-27 20:59 - 2013-10-27 20:59 - 02633042 _____ C:\Users\Guslarevic\Desktop\MCShield-Setup.exe
2013-10-27 20:38 - 2013-02-05 00:06 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 19:39 - 2013-10-27 19:39 - 00020846 _____ C:\Users\Guslarevic\Desktop\dds.txt
2013-10-27 19:39 - 2013-10-27 19:39 - 00012612 _____ C:\Users\Guslarevic\Desktop\attach.txt
2013-10-27 19:36 - 2013-10-27 19:36 - 00688992 ____R (Swearware) C:\Users\Guslarevic\Desktop\dds.pif
2013-10-27 19:36 - 2013-10-27 19:36 - 00688992 _____ (Swearware) C:\Users\Guslarevic\Desktop\dds.scr
2013-10-27 17:59 - 2013-10-26 01:09 - 00000000 ____D C:\Users\Guslarevic\Desktop\kafana
2013-10-27 17:52 - 2012-06-29 13:55 - 01637502 _____ C:\Windows\WindowsUpdate.log
2013-10-27 15:38 - 2013-02-05 00:06 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-27 11:20 - 2013-07-26 11:31 - 00000000 ____D C:\Users\Guslarevic\Desktop\stefan muzika
2013-10-27 11:01 - 2013-10-27 11:01 - 00000000 ____D C:\ProgramData\WinterSoft
2013-10-27 11:01 - 2013-06-20 14:43 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-27 10:49 - 2013-10-27 10:41 - 00000000 ____D C:\Users\Guslarevic\Desktop\malisa telefon
2013-10-27 10:44 - 2013-10-21 22:07 - 00002724 _____ C:\Windows\setupact.log
2013-10-27 10:27 - 2009-07-14 05:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-27 10:27 - 2009-07-14 05:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-27 10:20 - 2012-03-04 15:59 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-27 10:20 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-26 17:53 - 2013-03-20 20:37 - 00000000 ____D C:\Users\Guslarevic\AppData\Local\Windows Live
2013-10-26 01:07 - 2013-07-23 14:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-25 01:28 - 2013-07-07 13:48 - 00000000 ____D C:\Users\Guslarevic\Documents\Lumion 3
2013-10-24 18:47 - 2013-10-24 18:06 - 18149888 _____ C:\Users\Guslarevic\Desktop\Presentation1.ppt
2013-10-24 18:33 - 2013-10-22 00:39 - 00000000 ____D C:\Users\Guslarevic\Desktop\ДИПЛОМСКИ СТАМПА
2013-10-24 14:59 - 2013-10-24 14:59 - 00001213 _____ C:\Users\Guslarevic\Desktop\Adobe Photoshop CS5.lnk
2013-10-23 20:19 - 2012-03-04 19:52 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Skype
2013-10-23 18:52 - 2013-10-20 15:15 - 00000000 ____D C:\Users\Guslarevic\Desktop\SINTEZNI sitnice
2013-10-23 08:16 - 2013-10-23 08:00 - 00000000 ____D C:\Users\Guslarevic\Desktop\3D
2013-10-23 07:58 - 2013-10-23 06:02 - 00000000 ____D C:\Users\Guslarevic\Desktop\vizeualizaija
2013-10-23 07:50 - 2012-09-24 08:19 - 00000000 ____D C:\Users\Guslarevic\Desktop\Sintezni
2013-10-23 07:21 - 2012-03-06 16:25 - 00000000 ____D C:\Users\Guslarevic\Documents\PrintScreen Files
2013-10-23 04:43 - 2013-10-23 04:43 - 00000000 ____D C:\Users\Guslarevic\Desktop\DIPLOMSKI FARBA
2013-10-23 02:52 - 2012-05-27 13:52 - 00005478 _____ C:\Users\Guslarevic\Documents\plot.log
2013-10-22 08:50 - 2013-10-06 17:29 - 00000000 ____D C:\Users\Guslarevic\Desktop\reperi 6.10.2013
2013-10-21 22:15 - 2013-10-21 22:15 - 00093255 _____ C:\Users\Guslarevic\Documents\skica.skp
2013-10-21 22:07 - 2013-10-21 22:07 - 00000000 _____ C:\Windows\setuperr.log
2013-10-20 22:05 - 2013-10-20 17:19 - 00000000 ____D C:\Users\Guslarevic\Desktop\vaskovic primer
2013-10-19 18:03 - 2013-10-19 18:01 - 00000000 ____D C:\Users\Guslarevic\Desktop\vlasina brana
2013-10-18 22:08 - 2012-03-04 16:28 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-18 22:07 - 2013-10-18 22:07 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Oracle
2013-10-18 22:07 - 2013-10-04 14:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-18 22:06 - 2013-10-18 22:06 - 00000000 ____D C:\ProgramData\Oracle
2013-10-18 22:05 - 2013-10-18 22:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-18 22:05 - 2013-06-19 21:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-18 22:05 - 2013-06-19 21:08 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-18 22:05 - 2013-06-19 21:07 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-18 07:23 - 2013-10-16 22:30 - 01169261 _____ C:\Users\Guslarevic\Documents\situacija novaa.dwg
2013-10-18 07:23 - 2012-06-01 17:37 - 00103936 ___SH C:\Users\Guslarevic\Documents\Thumbs.db
2013-10-18 02:53 - 2013-10-16 22:30 - 01169261 _____ C:\Users\Guslarevic\Documents\situacija novaa.bak
2013-10-17 04:09 - 2013-10-13 00:12 - 08745310 _____ C:\Users\Guslarevic\Documents\Untitled.skp
2013-10-17 03:30 - 2013-10-13 18:48 - 08766749 _____ C:\Users\Guslarevic\Documents\Untitled.skb
2013-10-17 03:01 - 2012-03-04 16:29 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\uTorrent
2013-10-16 22:19 - 2013-10-16 22:19 - 00206319 _____ C:\Users\Guslarevic\Documents\krov.dwg
2013-10-16 22:06 - 2013-10-16 22:06 - 00334968 _____ C:\Users\Guslarevic\Documents\Untitled.dwg
2013-10-16 22:01 - 2013-10-16 22:01 - 08527766 _____ C:\Users\Guslarevic\Documents\AutoSave_Untitled_3.skp
2013-10-16 21:39 - 2013-10-16 21:39 - 07718481 _____ C:\Users\Guslarevic\Documents\11.skp
2013-10-16 20:18 - 2013-10-16 20:18 - 05808485 _____ C:\Users\Guslarevic\Documents\AutoSave_Untitled_2.skp
2013-10-13 08:42 - 2009-07-14 05:45 - 05054040 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-12 13:32 - 2012-03-04 20:01 - 00142472 _____ C:\Users\Guslarevic\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-11 18:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-11 17:56 - 2013-10-11 17:56 - 00000000 ____D C:\ProgramData\Systweak
2013-10-11 17:54 - 2012-03-04 15:44 - 00000000 ____D C:\Users\Guslarevic
2013-10-11 17:52 - 2013-10-11 17:46 - 00001844 _____ C:\Windows\system32\ASOROSet.bin
2013-10-11 17:52 - 2009-07-14 03:34 - 88342528 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-10-11 17:52 - 2009-07-14 03:34 - 18874368 _____ C:\Windows\system32\config\SYSTEM.bak
2013-10-11 17:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-10-11 17:46 - 2009-07-14 03:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2013-10-11 17:46 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-10-11 17:45 - 2013-06-09 21:55 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C&C Generals
2013-10-11 17:45 - 2013-06-03 18:14 - 00000000 ____D C:\Users\Guslarevic\Desktop\FLESKA za rezanje
2013-10-11 17:42 - 2013-10-11 17:34 - 00000000 ____D C:\Program Files (x86)\Advanced System Optimizer 3
2013-10-11 17:38 - 2013-10-11 17:38 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Systweak
2013-10-11 17:34 - 2013-10-11 17:34 - 00003158 _____ C:\Windows\System32\Tasks\Advanced System Optimizer
2013-10-11 17:34 - 2013-10-11 17:34 - 00001276 _____ C:\Users\Public\Desktop\Smart PC Care.lnk
2013-10-11 17:34 - 2013-10-11 17:34 - 00000000 ____D C:\Users\Guslarevic\Downloads\Advanced.System.Optimizer.3.1.648.6951
2013-10-11 17:33 - 2013-10-11 17:33 - 10407672 _____ C:\Users\Guslarevic\Downloads\Advanced.System.Optimizer.3.1.648.6951.rar
2013-10-11 17:14 - 2012-03-05 00:38 - 00000000 ____D C:\Windows\Panther
2013-10-10 13:51 - 2013-03-14 02:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 13:51 - 2013-03-14 02:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 01:05 - 2012-03-17 11:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 00:55 - 2013-07-23 17:43 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 00:52 - 2012-03-05 00:46 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 16:35 - 2013-10-09 16:34 - 00000000 ____D C:\Users\Guslarevic\Desktop\gus sintezni
2013-10-09 14:33 - 2013-02-05 00:06 - 00003902 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 14:33 - 2013-02-05 00:06 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 21:05 - 2012-12-11 18:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-08 21:05 - 2012-12-11 18:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 21:05 - 2012-12-11 18:49 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-05 22:11 - 2012-03-04 16:32 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Winamp
2013-10-04 16:08 - 2012-05-03 20:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-04 14:42 - 2012-03-04 16:33 - 00000000 ____D C:\Users\Guslarevic\AppData\Local\Mozilla
2013-10-02 21:05 - 2013-10-02 21:05 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-10-02 21:05 - 2013-07-23 15:01 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-09-29 11:50 - 2013-09-29 11:49 - 08984539 _____ C:\Users\Guslarevic\Downloads\Marbles.themepack
2013-09-28 22:10 - 2013-09-28 20:44 - 00000000 ____D C:\Users\Guslarevic\Downloads\strelyaushie_gory_[tfile.ru]
2013-09-28 00:03 - 2013-09-28 00:03 - 00000000 ____D C:\Program Files (x86)\Zona
2013-09-28 00:03 - 2013-09-28 00:02 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Zona
2013-09-27 15:02 - 2013-09-27 14:37 - 00000000 ____D C:\Users\Guslarevic\Desktop\108___09

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {1246ba19-6653-11e1-8998-e3f06000f0ba}
displayorder {current}
toolsdisplayorder {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
{memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {1246ba1b-6653-11e1-8998-e3f06000f0ba}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {1246ba19-6653-11e1-8998-e3f06000f0ba}
nx OptIn

Windows Boot Loader
-------------------
identifier {1246ba1b-6653-11e1-8998-e3f06000f0ba}
device ramdisk=[C:]\Recovery\1246ba1b-6653-11e1-8998-e3f06000f0ba\Winre.wim,{1246ba1c-6653-11e1-8998-e3f06000f0ba}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\1246ba1b-6653-11e1-8998-e3f06000f0ba\Winre.wim,{1246ba1c-6653-11e1-8998-e3f06000f0ba}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {1246ba19-6653-11e1-8998-e3f06000f0ba}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

Real-mode Boot Sector
---------------------
identifier {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
device partition=C:
path \bdr-ld01.mbr
description Bitdefender Rescue Mode - Windows 7 Ultimate SP 1 (x64)

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {1246ba1c-6653-11e1-8998-e3f06000f0ba}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\1246ba1b-6653-11e1-8998-e3f06000f0ba\boot.sdi



LastRegBack: 2013-10-21 17:39

==================== End Of Log ============================


rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Uninstall the following:

Advanced System Optimizer


What is this, Bitdefender Antivirus?




----------------------------------------




1. Open Notepad (Text Document) and copy in the following text from the code box below:
Start
MountPoints2: H - H:\PcOptions.exe
MountPoints2: {07dd9894-8ada-11e1-8e43-00241dc10b35} - I:\PcOptions.exe
MountPoints2: {10525ecc-f68e-11e1-802c-00241dc10b35} - H:\PcOptions.exe
MountPoints2: {586c57fe-245a-11e2-b52c-00241dc10b35} - I:\PcOptions.exe
MountPoints2: {6a28ebf4-78d4-11e1-9e3f-00241dc10b35} - H:\PcOptions.exe
MountPoints2: {6a28ec00-78d4-11e1-9e3f-00241dc10b35} - I:\PcOptions.exe
MountPoints2: {6e82b5e3-7e71-11e2-b8f4-00241dc10b35} - I:\Startme.exe
MountPoints2: {c7d4832d-ec41-11e1-80c4-00241dc10b35} - H:\PcOptions.exe
MountPoints2: {cb97f940-45e8-11e2-82e2-806e6f6e6963} - H:\noautorun.exe
MountPoints2: {f3c669d7-6c33-11e1-90dd-00241dc10b35} - G:\noautorun.exe
URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=109220&tt=4512_8&babsrc=SP_ss&mntrId=7cd36ba600000000000000fffc201505
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://blekko.com/ws/?source=c3348dd4&tbp=rbox&too.....E6FDF85&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
CHR HomePage: hxxp://search.babylon.com/?affID=109220&tt=4512_8&babsrc=HP_ss&mntrId=7cd36ba600000000000000fffc201505
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn10.crx
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx
Task: {76403D80-821F-4320-A102-3E13A107513D} - System32\Tasks\Advanced System Optimizer => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [2010-08-26] (Systweak Inc., (www.systweak.com))
End

2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into a reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.





Run MCShield again and tick the option shown in the picture




Plug in the flash drive, wait for it to be scanned and post the results for review.

offline
  • Arhitekta
  • Joined: 13 Oct 2009
  • Posts: 79

Written: 28 Oct 2013 15:21

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-10-2013 01
Ran by Guslarevic at 2013-10-28 14:47:41 Run:1
Running from C:\Users\Guslarevic\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
MountPoints2: H - H:\PcOptions.exe
MountPoints2: {07dd9894-8ada-11e1-8e43-00241dc10b35} - I:\PcOptions.exe
MountPoints2: {10525ecc-f68e-11e1-802c-00241dc10b35} - H:\PcOptions.exe
MountPoints2: {586c57fe-245a-11e2-b52c-00241dc10b35} - I:\PcOptions.exe
MountPoints2: {6a28ebf4-78d4-11e1-9e3f-00241dc10b35} - H:\PcOptions.exe
MountPoints2: {6a28ec00-78d4-11e1-9e3f-00241dc10b35} - I:\PcOptions.exe
MountPoints2: {6e82b5e3-7e71-11e2-b8f4-00241dc10b35} - I:\Startme.exe
MountPoints2: {c7d4832d-ec41-11e1-80c4-00241dc10b35} - H:\PcOptions.exe
MountPoints2: {cb97f940-45e8-11e2-82e2-806e6f6e6963} - H:\noautorun.exe
MountPoints2: {f3c669d7-6c33-11e1-90dd-00241dc10b35} - G:\noautorun.exe
URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = search.babylon.com/?q={searchTerms}&affID=109220&tt=4512_8&babsrc=SP_ss&mntrId=7cd36ba600000000000000fffc201505
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = blekko.com/ws/?source=c3348dd4&tbp=rbox&too.....E6FDF85&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
CHR HomePage: hxxp://search.babylon.com/?affID=109220&tt=4512_8&babsrc=HP_ss&mntrId=7cd36ba600000000000000fffc201505
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn10.crx
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx
Task: {76403D80-821F-4320-A102-3E13A107513D} - System32\Tasks\Advanced System Optimizer => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [2010-08-26] (Systweak Inc., (www.systweak.com))
End
*****************

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07dd9894-8ada-11e1-8e43-00241dc10b35} => Key deleted successfully.
HKCR\CLSID\{07dd9894-8ada-11e1-8e43-00241dc10b35} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10525ecc-f68e-11e1-802c-00241dc10b35} => Key deleted successfully.
HKCR\CLSID\{10525ecc-f68e-11e1-802c-00241dc10b35} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{586c57fe-245a-11e2-b52c-00241dc10b35} => Key deleted successfully.
HKCR\CLSID\{586c57fe-245a-11e2-b52c-00241dc10b35} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a28ebf4-78d4-11e1-9e3f-00241dc10b35} => Key deleted successfully.
HKCR\CLSID\{6a28ebf4-78d4-11e1-9e3f-00241dc10b35} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a28ec00-78d4-11e1-9e3f-00241dc10b35} => Key deleted successfully.
HKCR\CLSID\{6a28ec00-78d4-11e1-9e3f-00241dc10b35} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e82b5e3-7e71-11e2-b8f4-00241dc10b35} => Key deleted successfully.
HKCR\CLSID\{6e82b5e3-7e71-11e2-b8f4-00241dc10b35} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7d4832d-ec41-11e1-80c4-00241dc10b35} => Key deleted successfully.
HKCR\CLSID\{c7d4832d-ec41-11e1-80c4-00241dc10b35} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb97f940-45e8-11e2-82e2-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{cb97f940-45e8-11e2-82e2-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3c669d7-6c33-11e1-90dd-00241dc10b35} => Key deleted successfully.
HKCR\CLSID\{f3c669d7-6c33-11e1-90dd-00241dc10b35} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => Key deleted successfully.
HKCR\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
CHR HomePage: hxxp://search.babylon.com/?affID=109220&tt=4512_8&babsrc=HP_ss&mntrId=7cd36ba600000000000000fffc201505 ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf => Key deleted successfully.
"C:\Program Files (x86)\TornTV.com\torn10.crx " => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh => Key deleted successfully.
"C:\Program Files (x86)\1ClickDownload\1click12.crx " => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{76403D80-821F-4320-A102-3E13A107513D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76403D80-821F-4320-A102-3E13A107513D} => Key deleted successfully.
C:\Windows\System32\Tasks\Advanced System Optimizer => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Optimizer => Key deleted successfully.

==== End of Fixlog ====


MCSHIELD :

32 GB flash drive



MCShield ::Anti-Malware Tool:: mcshield.net/

>>> v 2.8.3.24 / DB: 2013.10.26.1 / Windows 7 <<<


28-Oct-13 3:16:32 PM > Диск I: - скенирање започето (KINGSTON ~30564 MB, NTFS флeш диск )...



=> Диск је чист.


4 GB flash drive




MCShield ::Anti-Malware Tool:: mcshield.net/

>>> v 2.8.3.24 / DB: 2013.10.26.1 / Windows 7 <<<


28-Oct-13 3:20:12 PM > Drive J: - scan started (no label ~3813 MB, FAT32 flash drive )...



=> The drive is clean.

Addendum: 28 Oct 2013 15:42

I forgot to say that I cannot remove that BITDEFENDER from the computer no matter what!

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

.




1. Open Notepad (Text Document) and copy in the following text from the code box below:
Start
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-08-27] (Bitdefender)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [95184 2013-06-19] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-08-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-02] (Bitdefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2013-06-19] (BitDefender)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-08-01] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)
2013-10-02 21:05 - 2013-10-02 21:05 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-10-02 21:05 - 2013-07-23 15:01 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
2013-08-27 19:52 - 2013-08-27 19:52 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
End

2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.



When you finish this, post a fresh FRST log for me.

offline
  • Arhitekta
  • Joined: 13 Oct 2009
  • Posts: 79

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-10-2013 01
Ran by Guslarevic at 2013-10-28 18:19:48 Run:2
Running from C:\Users\Guslarevic\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-08-27] (Bitdefender)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [95184 2013-06-19] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-08-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-02] (Bitdefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2013-06-19] (BitDefender)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-08-01] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)
2013-10-02 21:05 - 2013-10-02 21:05 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-10-02 21:05 - 2013-07-23 15:01 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
2013-08-27 19:52 - 2013-08-27 19:52 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
End
*****************

C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe => No running process found
BdDesktopParental => Service deleted successfully.
SafeBox => Service deleted successfully.
UPDATESRV => Unable to delete service
VSSERV => Unable to delete service
avchv => Service deleted successfully.
BDSandBox => Service deleted successfully.
gzflt => Unable to delete service
C:\Windows\system32\Drivers\gzflt.sys => Moved successfully.
C:\Windows\system32\Drivers\trufos.sys => Moved successfully.
C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe => No running process found
C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe => No running process found
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe => No running process found
Could not move "C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll " => Scheduled to move on reboot.

=========== Result of Scheduled Files to move ===========

C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll => Moved successfully.

==== End of Fixlog ====
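
Added example (not part of the thread and not FRST's own code): a Python sketch that reads a Fixlog like the one above, keeps the final outcome per item, and lists the services the fix could not delete that are still registered in a later FRST scan. The sample text is constructed from lines in this thread; the function names are hypothetical, and the R/S/U state letters are read as running/stopped/undetermined.

```python
import re

# Constructed sample: result lines in the form shown in the Fixlog of this thread.
FIXLOG = r"""
C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe => No running process found
BdDesktopParental => Service deleted successfully.
SafeBox => Service deleted successfully.
UPDATESRV => Unable to delete service
VSSERV => Unable to delete service
gzflt => Unable to delete service
C:\Windows\system32\Drivers\gzflt.sys => Moved successfully.
Could not move "C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll " => Scheduled to move on reboot.

=========== Result of Scheduled Files to move ===========

C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll => Moved successfully.
"""

# Constructed sample: service/driver lines in the form of the follow-up FRST scan.
SCAN = r"""
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-08-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-02] (Bitdefender)
S0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-28] (BitDefender LLC)
"""

SPLIT_RE = re.compile(r"\s*=+>\s*")  # the log uses both "=>" and "==>"
SERVICE_RE = re.compile(r"^(?P<state>[RSU]\d) (?P<name>[^;]+); (?P<path>.+?) \[")


def classify(result):
    """Reduce the text after '=>' to one of a few outcome labels."""
    r = result.lower()
    if "successfully" in r:
        return "done"
    if "scheduled to move on reboot" in r:
        return "pending"
    if r.startswith("unable to"):
        return "failed"
    if "not found" in r or "no running process" in r:
        return "absent"
    return "other"


def parse_fixlog(text):
    """Map each item (casefolded) to its final outcome; later lines win,
    so a move deferred to reboot ends up 'done' once the reboot section confirms it."""
    status = {}
    for line in text.splitlines():
        parts = SPLIT_RE.split(line.strip(), maxsplit=1)
        if len(parts) != 2:
            continue  # headers, fixlist echo, blank lines
        item = re.sub(r"^Could not move\s+", "", parts[0]).strip().strip('"').strip()
        status[item.casefold()] = classify(parts[1])
    return status


def parse_services(text):
    """Collect 'R2 Name; path [size date] (vendor)' lines from a scan log."""
    found = {}
    for line in text.splitlines():
        m = SERVICE_RE.match(line.strip())
        if m:
            found[m["name"].casefold()] = (m["name"], m["state"], m["path"])
    return found


def still_registered(fixlog_text, scan_text):
    """Services the fix failed to delete that the later scan still lists."""
    status = parse_fixlog(fixlog_text)
    return [(name, state)
            for key, (name, state, _path) in parse_services(scan_text).items()
            if status.get(key) == "failed"]


if __name__ == "__main__":
    for name, state in still_registered(FIXLOG, SCAN):
        print(f"{name}: fix failed, still present in scan as {state}")
```
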

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Quote: When you finish this, post a fresh FRST log for me.

offline
  • Arhitekta
  • Joined: 13 Oct 2009
  • Posts: 79

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2013 01
Ran by Guslarevic (administrator) on BARBOSA on 28-10-2013 22:25:12
Running from C:\Users\Guslarevic\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Gadwin Systems, Inc) C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6963744 2009-01-20] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2009-01-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKCU\...\Run: [Gadwin PrintScreen] - C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [487424 2011-05-03] (Gadwin Systems, Inc)
HKCU\...\Run: [MCShield Monitor] - C:\Program Files (x86)\MCShield\MCShieldRTM.exe [607232 2013-10-26] (MyCity)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software)
AppInit_DLLs-x32: [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2DA3BEA116FACC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Guslarevic\AppData\Roaming\Mozilla\Firefox\Profiles\5w3fo8k6.default
FF user.js: detected! => C:\Users\Guslarevic\AppData\Roaming\Mozilla\Firefox\Profiles\5w3fo8k6.default\user.js
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
FF Extension: soafuE sauve - C:\Users\Guslarevic\AppData\Roaming\Mozilla\Firefox\Profiles\5w3fo8k6.default\Extensions\yoiu_cuvt@mqz-fnji.edu
FF Extension: adblockpopups - C:\Users\Guslarevic\AppData\Roaming\Mozilla\Firefox\Profiles\5w3fo8k6.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?affID=109220&tt=4512_8&babsrc=HP_ss&mntrId=7cd36ba600000000000000fffc201505
CHR RestoreOnStartup: "https://www.google.com/"
CHR DefaultSearchURL: (google.com) - google.com/search?hl=sr&tbo=d&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1
CHR DefaultSuggestURL: (google.com) - "suggest_url": "",
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.30.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (Autodesk Homestyler) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.6_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\GUSLAR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Guslarevic\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [736104 2012-04-19] (Tunngle.net GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-08-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-02] (Bitdefender)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\smhwadb.sys [31744 2009-12-23] (Google Inc)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-12] (DT Soft Ltd)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2012-12-21] (ESET)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-06-21] (Windows (R) Server 2003 DDK provider)
S0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-28] (BitDefender LLC)
S3 smhwdev; C:\Windows\System32\DRIVERS\smhwdev.sys [114432 2010-01-13] (Huawei Technologies Co., Ltd.)
S3 smhwser; C:\Windows\System32\DRIVERS\smhwser.sys [122624 2010-02-04] (QUALCOMM Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3565056 2011-04-29] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-11-07] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U3 aoh1x6gd; C:\Windows\System32\Drivers\aoh1x6gd.sys [0 ] (Microsoft Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-28 20:42 - 2013-10-28 21:00 - 00000000 ____D C:\Users\Guslarevic\Desktop\FB-kafana
2013-10-28 18:52 - 2013-10-28 18:52 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-10-28 18:52 - 2013-10-28 18:52 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-10-28 18:18 - 2013-10-28 18:19 - 00000000 ____D C:\Users\Guslarevic\Desktop\flees
2013-10-28 12:02 - 2013-10-28 12:02 - 00000352 _____ C:\Windows\PFRO.log
2013-10-27 21:32 - 2013-10-28 18:31 - 00000000 ____D C:\FRST
2013-10-27 21:32 - 2013-10-27 21:32 - 01956442 _____ (Farbar) C:\Users\Guslarevic\Desktop\FRST64.exe
2013-10-27 21:21 - 2013-10-27 21:21 - 00001088 _____ C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2013-10-27 21:01 - 2013-10-28 22:25 - 00000000 ____D C:\ProgramData\MCShield
2013-10-27 21:01 - 2013-10-27 21:01 - 00000000 ____D C:\Program Files (x86)\MCShield
2013-10-27 20:59 - 2013-10-27 20:59 - 02633042 _____ C:\Users\Guslarevic\Desktop\MCShield-Setup.exe
2013-10-27 19:36 - 2013-10-27 19:36 - 00688992 _____ (Swearware) C:\Users\Guslarevic\Desktop\dds.scr
2013-10-27 11:01 - 2013-10-27 11:01 - 00000000 ____D C:\ProgramData\WinterSoft
2013-10-27 10:41 - 2013-10-27 10:49 - 00000000 ____D C:\Users\Guslarevic\Desktop\malisa telefon
2013-10-26 01:09 - 2013-10-28 21:00 - 00000000 ____D C:\Users\Guslarevic\Desktop\kafana
2013-10-24 18:06 - 2013-10-24 18:47 - 18149888 _____ C:\Users\Guslarevic\Desktop\Presentation1.ppt
2013-10-24 14:59 - 2013-10-24 14:59 - 00001213 _____ C:\Users\Guslarevic\Desktop\Adobe Photoshop CS5.lnk
2013-10-23 08:00 - 2013-10-23 08:16 - 00000000 ____D C:\Users\Guslarevic\Desktop\3D
2013-10-23 06:02 - 2013-10-23 07:58 - 00000000 ____D C:\Users\Guslarevic\Desktop\vizeualizaija
2013-10-23 04:43 - 2013-10-23 04:43 - 00000000 ____D C:\Users\Guslarevic\Desktop\DIPLOMSKI FARBA
2013-10-22 00:39 - 2013-10-24 18:33 - 00000000 ____D C:\Users\Guslarevic\Desktop\ДИПЛОМСКИ СТАМПА
2013-10-21 22:15 - 2013-10-21 22:15 - 00093255 _____ C:\Users\Guslarevic\Documents\skica.skp
2013-10-21 22:07 - 2013-10-28 18:21 - 00002836 _____ C:\Windows\setupact.log
2013-10-21 22:07 - 2013-10-21 22:07 - 00000000 _____ C:\Windows\setuperr.log
2013-10-20 17:19 - 2013-10-20 22:05 - 00000000 ____D C:\Users\Guslarevic\Desktop\vaskovic primer
2013-10-20 15:15 - 2013-10-23 18:52 - 00000000 ____D C:\Users\Guslarevic\Desktop\SINTEZNI sitnice
2013-10-19 18:01 - 2013-10-19 18:03 - 00000000 ____D C:\Users\Guslarevic\Desktop\vlasina brana
2013-10-18 22:07 - 2013-10-18 22:07 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Oracle
2013-10-18 22:06 - 2013-10-18 22:06 - 00000000 ____D C:\ProgramData\Oracle
2013-10-18 22:06 - 2013-10-18 22:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 22:30 - 2013-10-18 07:23 - 01169261 _____ C:\Users\Guslarevic\Documents\situacija novaa.dwg
2013-10-16 22:30 - 2013-10-18 02:53 - 01169261 _____ C:\Users\Guslarevic\Documents\situacija novaa.bak
2013-10-16 22:19 - 2013-10-16 22:19 - 00206319 _____ C:\Users\Guslarevic\Documents\krov.dwg
2013-10-16 22:06 - 2013-10-16 22:06 - 00334968 _____ C:\Users\Guslarevic\Documents\Untitled.dwg
2013-10-16 22:01 - 2013-10-16 22:01 - 08527766 _____ C:\Users\Guslarevic\Documents\AutoSave_Untitled_3.skp
2013-10-16 21:39 - 2013-10-16 21:39 - 07718481 _____ C:\Users\Guslarevic\Documents\11.skp
2013-10-16 20:18 - 2013-10-16 20:18 - 05808485 _____ C:\Users\Guslarevic\Documents\AutoSave_Untitled_2.skp
2013-10-13 18:48 - 2013-10-17 03:30 - 08766749 _____ C:\Users\Guslarevic\Documents\Untitled.skb
2013-10-13 00:12 - 2013-10-17 04:09 - 08745310 _____ C:\Users\Guslarevic\Documents\Untitled.skp
2013-10-11 17:56 - 2013-10-28 12:29 - 00000000 ____D C:\ProgramData\Systweak
2013-10-11 17:46 - 2013-10-11 17:52 - 00001844 _____ C:\Windows\system32\ASOROSet.bin
2013-10-11 17:46 - 2010-08-26 14:38 - 00018744 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\ROBoot64.exe
2013-10-11 17:38 - 2013-10-28 12:29 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Systweak
2013-10-11 17:34 - 2013-10-11 17:34 - 00000000 ____D C:\Users\Guslarevic\Downloads\Advanced.System.Optimizer.3.1.648.6951
2013-10-11 17:33 - 2013-10-11 17:33 - 10407672 _____ C:\Users\Guslarevic\Downloads\Advanced.System.Optimizer.3.1.648.6951.rar
2013-10-10 01:03 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 01:03 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 01:03 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 01:03 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 01:03 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 01:03 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 01:03 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 01:03 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 01:03 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 01:03 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 01:03 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 01:03 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 16:34 - 2013-10-09 16:35 - 00000000 ____D C:\Users\Guslarevic\Desktop\gus sintezni
2013-10-09 12:19 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 12:19 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 12:19 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 12:19 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 12:19 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 12:19 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 12:19 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 12:19 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-09 12:19 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 12:19 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 12:19 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 12:19 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 12:19 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 12:19 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 12:19 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 12:19 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 12:19 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 12:19 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 12:19 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 12:19 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 12:19 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 12:19 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 12:19 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-09 12:19 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 12:19 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 12:19 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 12:19 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 12:19 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 12:19 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 12:19 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 12:19 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 12:19 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 12:19 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 12:19 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 12:19 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 12:19 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 12:19 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 12:19 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 12:19 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 12:19 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 12:19 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 12:19 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 12:19 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 12:18 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 12:18 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 12:18 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 12:18 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 12:18 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 12:18 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-06 17:29 - 2013-10-22 08:50 - 00000000 ____D C:\Users\Guslarevic\Desktop\reperi 6.10.2013
2013-10-04 14:35 - 2013-10-18 22:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-29 11:49 - 2013-09-29 11:50 - 08984539 _____ C:\Users\Guslarevic\Downloads\Marbles.themepack
2013-09-28 20:44 - 2013-09-28 22:10 - 00000000 ____D C:\Users\Guslarevic\Downloads\strelyaushie_gory_[tfile.ru]
2013-09-28 00:03 - 2013-09-28 00:03 - 00000000 ____D C:\Program Files (x86)\Zona
2013-09-28 00:02 - 2013-09-28 00:03 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Zona

==================== One Month Modified Files and Folders =======

2013-10-28 22:25 - 2013-10-27 21:01 - 00000000 ____D C:\ProgramData\MCShield
2013-10-28 22:05 - 2012-12-11 18:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-28 21:38 - 2013-02-05 00:06 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-28 21:29 - 2009-07-14 06:13 - 00730448 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-28 21:00 - 2013-10-28 20:42 - 00000000 ____D C:\Users\Guslarevic\Desktop\FB-kafana
2013-10-28 21:00 - 2013-10-26 01:09 - 00000000 ____D C:\Users\Guslarevic\Desktop\kafana
2013-10-28 18:52 - 2013-10-28 18:52 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-10-28 18:52 - 2013-10-28 18:52 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-10-28 18:31 - 2013-10-27 21:32 - 00000000 ____D C:\FRST
2013-10-28 18:29 - 2009-07-14 05:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-28 18:29 - 2009-07-14 05:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-28 18:23 - 2013-02-05 00:06 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-28 18:22 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-28 18:21 - 2013-10-21 22:07 - 00002836 _____ C:\Windows\setupact.log
2013-10-28 18:21 - 2012-03-04 15:59 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-28 18:20 - 2012-06-29 13:55 - 01707739 _____ C:\Windows\WindowsUpdate.log
2013-10-28 18:19 - 2013-10-28 18:18 - 00000000 ____D C:\Users\Guslarevic\Desktop\flees
2013-10-28 12:29 - 2013-10-11 17:56 - 00000000 ____D C:\ProgramData\Systweak
2013-10-28 12:29 - 2013-10-11 17:38 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Systweak
2013-10-28 12:04 - 2013-07-23 14:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-28 12:02 - 2013-10-28 12:02 - 00000352 _____ C:\Windows\PFRO.log
2013-10-27 21:32 - 2013-10-27 21:32 - 01956442 _____ (Farbar) C:\Users\Guslarevic\Desktop\FRST64.exe
2013-10-27 21:21 - 2013-10-27 21:21 - 00001088 _____ C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2013-10-27 21:01 - 2013-10-27 21:01 - 00000000 ____D C:\Program Files (x86)\MCShield
2013-10-27 20:59 - 2013-10-27 20:59 - 02633042 _____ C:\Users\Guslarevic\Desktop\MCShield-Setup.exe
2013-10-27 19:36 - 2013-10-27 19:36 - 00688992 _____ (Swearware) C:\Users\Guslarevic\Desktop\dds.scr
2013-10-27 11:20 - 2013-07-26 11:31 - 00000000 ____D C:\Users\Guslarevic\Desktop\stefan muzika
2013-10-27 11:01 - 2013-10-27 11:01 - 00000000 ____D C:\ProgramData\WinterSoft
2013-10-27 11:01 - 2013-06-20 14:43 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-27 10:49 - 2013-10-27 10:41 - 00000000 ____D C:\Users\Guslarevic\Desktop\malisa telefon
2013-10-26 17:53 - 2013-03-20 20:37 - 00000000 ____D C:\Users\Guslarevic\AppData\Local\Windows Live
2013-10-25 01:28 - 2013-07-07 13:48 - 00000000 ____D C:\Users\Guslarevic\Documents\Lumion 3
2013-10-24 18:47 - 2013-10-24 18:06 - 18149888 _____ C:\Users\Guslarevic\Desktop\Presentation1.ppt
2013-10-24 18:33 - 2013-10-22 00:39 - 00000000 ____D C:\Users\Guslarevic\Desktop\ДИПЛОМСКИ СТАМПА
2013-10-24 14:59 - 2013-10-24 14:59 - 00001213 _____ C:\Users\Guslarevic\Desktop\Adobe Photoshop CS5.lnk
2013-10-23 20:19 - 2012-03-04 19:52 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Skype
2013-10-23 18:52 - 2013-10-20 15:15 - 00000000 ____D C:\Users\Guslarevic\Desktop\SINTEZNI sitnice
2013-10-23 08:16 - 2013-10-23 08:00 - 00000000 ____D C:\Users\Guslarevic\Desktop\3D
2013-10-23 07:58 - 2013-10-23 06:02 - 00000000 ____D C:\Users\Guslarevic\Desktop\vizeualizaija
2013-10-23 07:50 - 2012-09-24 08:19 - 00000000 ____D C:\Users\Guslarevic\Desktop\Sintezni
2013-10-23 07:21 - 2012-03-06 16:25 - 00000000 ____D C:\Users\Guslarevic\Documents\PrintScreen Files
2013-10-23 04:43 - 2013-10-23 04:43 - 00000000 ____D C:\Users\Guslarevic\Desktop\DIPLOMSKI FARBA
2013-10-23 02:52 - 2012-05-27 13:52 - 00005478 _____ C:\Users\Guslarevic\Documents\plot.log
2013-10-22 08:50 - 2013-10-06 17:29 - 00000000 ____D C:\Users\Guslarevic\Desktop\reperi 6.10.2013
2013-10-21 22:15 - 2013-10-21 22:15 - 00093255 _____ C:\Users\Guslarevic\Documents\skica.skp
2013-10-21 22:07 - 2013-10-21 22:07 - 00000000 _____ C:\Windows\setuperr.log
2013-10-20 22:05 - 2013-10-20 17:19 - 00000000 ____D C:\Users\Guslarevic\Desktop\vaskovic primer
2013-10-19 18:03 - 2013-10-19 18:01 - 00000000 ____D C:\Users\Guslarevic\Desktop\vlasina brana
2013-10-18 22:08 - 2012-03-04 16:28 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-18 22:07 - 2013-10-18 22:07 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Oracle
2013-10-18 22:07 - 2013-10-04 14:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-18 22:06 - 2013-10-18 22:06 - 00000000 ____D C:\ProgramData\Oracle
2013-10-18 22:05 - 2013-10-18 22:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-18 22:05 - 2013-06-19 21:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-18 22:05 - 2013-06-19 21:08 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-18 22:05 - 2013-06-19 21:07 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-18 07:23 - 2013-10-16 22:30 - 01169261 _____ C:\Users\Guslarevic\Documents\situacija novaa.dwg
2013-10-18 07:23 - 2012-06-01 17:37 - 00103936 ___SH C:\Users\Guslarevic\Documents\Thumbs.db
2013-10-18 02:53 - 2013-10-16 22:30 - 01169261 _____ C:\Users\Guslarevic\Documents\situacija novaa.bak
2013-10-17 04:09 - 2013-10-13 00:12 - 08745310 _____ C:\Users\Guslarevic\Documents\Untitled.skp
2013-10-17 03:30 - 2013-10-13 18:48 - 08766749 _____ C:\Users\Guslarevic\Documents\Untitled.skb
2013-10-17 03:01 - 2012-03-04 16:29 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\uTorrent
2013-10-16 22:19 - 2013-10-16 22:19 - 00206319 _____ C:\Users\Guslarevic\Documents\krov.dwg
2013-10-16 22:06 - 2013-10-16 22:06 - 00334968 _____ C:\Users\Guslarevic\Documents\Untitled.dwg
2013-10-16 22:01 - 2013-10-16 22:01 - 08527766 _____ C:\Users\Guslarevic\Documents\AutoSave_Untitled_3.skp
2013-10-16 21:39 - 2013-10-16 21:39 - 07718481 _____ C:\Users\Guslarevic\Documents\11.skp
2013-10-16 20:18 - 2013-10-16 20:18 - 05808485 _____ C:\Users\Guslarevic\Documents\AutoSave_Untitled_2.skp
2013-10-13 08:42 - 2009-07-14 05:45 - 05054040 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-12 13:32 - 2012-03-04 20:01 - 00142472 _____ C:\Users\Guslarevic\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-11 18:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-11 17:54 - 2012-03-04 15:44 - 00000000 ____D C:\Users\Guslarevic
2013-10-11 17:52 - 2013-10-11 17:46 - 00001844 _____ C:\Windows\system32\ASOROSet.bin
2013-10-11 17:52 - 2009-07-14 03:34 - 88342528 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-10-11 17:52 - 2009-07-14 03:34 - 18874368 _____ C:\Windows\system32\config\SYSTEM.bak
2013-10-11 17:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-10-11 17:46 - 2009-07-14 03:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2013-10-11 17:46 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-10-11 17:45 - 2013-06-09 21:55 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C&C Generals
2013-10-11 17:45 - 2013-06-03 18:14 - 00000000 ____D C:\Users\Guslarevic\Desktop\FLESKA za rezanje
2013-10-11 17:34 - 2013-10-11 17:34 - 00000000 ____D C:\Users\Guslarevic\Downloads\Advanced.System.Optimizer.3.1.648.6951
2013-10-11 17:33 - 2013-10-11 17:33 - 10407672 _____ C:\Users\Guslarevic\Downloads\Advanced.System.Optimizer.3.1.648.6951.rar
2013-10-11 17:14 - 2012-03-05 00:38 - 00000000 ____D C:\Windows\Panther
2013-10-10 13:51 - 2013-03-14 02:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 13:51 - 2013-03-14 02:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 01:05 - 2012-03-17 11:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 00:55 - 2013-07-23 17:43 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 00:52 - 2012-03-05 00:46 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 16:35 - 2013-10-09 16:34 - 00000000 ____D C:\Users\Guslarevic\Desktop\gus sintezni
2013-10-09 14:33 - 2013-02-05 00:06 - 00003902 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 14:33 - 2013-02-05 00:06 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 21:05 - 2012-12-11 18:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-08 21:05 - 2012-12-11 18:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 21:05 - 2012-12-11 18:49 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-05 22:11 - 2012-03-04 16:32 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Winamp
2013-10-04 16:08 - 2012-05-03 20:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-04 14:42 - 2012-03-04 16:33 - 00000000 ____D C:\Users\Guslarevic\AppData\Local\Mozilla
2013-09-29 11:50 - 2013-09-29 11:49 - 08984539 _____ C:\Users\Guslarevic\Downloads\Marbles.themepack
2013-09-28 22:10 - 2013-09-28 20:44 - 00000000 ____D C:\Users\Guslarevic\Downloads\strelyaushie_gory_[tfile.ru]
2013-09-28 00:03 - 2013-09-28 00:03 - 00000000 ____D C:\Program Files (x86)\Zona
2013-09-28 00:03 - 2013-09-28 00:02 - 00000000 ____D C:\Users\Guslarevic\AppData\Roaming\Zona

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-21 17:39

==================== End Of Log ============================

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download AdwCleaner by "Xplode" () and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S1].txt

Let me know how things stand.
