MyCity » Ambulanta -> Arhiva Ambulante » Pretraživači me prebacuju na phishing site i usporena internet konekcija

Pretraživači me prebacuju na phishing site i usporena internet konekcija

Napisano na dan: 1.3.2014

Pretraživači me prebacuju na phishing site i usporena internet konekcija
Sledeća strana Pagination

Idi na vrh

Poslao: 01 Mar 2014 02:20
Idi na vrh
offline
  • Pridružio: 29 Sep 2005
  • Poruke: 316
  • Gde živiš: ZR

Pozdrav svima.

Problem je u tome što kada otvorim bilo koji pretraživač (Chrome, Opera, Explorer), i pokušam da odem na neki poznatiji sajt (Facebook, Youtube napr.) otvara mi se phishing stranica gde me obaveštava da mi je flash player zastareo. Samo da napomenem da nisam kliknuo na ni jedan link na toj stranici. Takođe internet pa i sam kompjuter su usporili.



Ovo sve je počelo juče. Kao zaštitu koristim avast free antivirus i Malwarebytes anti-malware. Ni jedan od programa nije ništa prijavio. Takođe sam skenirao sa Drweb Cureit!, spybot search and destroy i neki sitni alati specjalizirani za malware koje su preporučili na forumima u vezi ovog problema. Naravno uradio sam i deepscan u safe mode sa svakim ponaosob, ali ništa nije detektovano. Problem je jutros nestao, i sve je radilo normalno da bi kasnije uveče opet sve počelo. Prvo uspori internet konekcija pa krene da izbacuje tu stranicu.

Koristim ADSL 6Mbit.

Na računaru su instalirane samo proverene besplatne aplikacije, ne koristim (zabranjeno) i slične stvari.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.51.2
Run by Vladimir at 1:46:47 on 2014-03-01
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2754 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mWinlogon: Userinit = c:\windows\syswow64\userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [GoogleChromeAutoLaunch_E7E7B640C719C6D8CE20F2E50D91D1E8] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 5.45.75.11 5.45.75.36
TCP: Interfaces\{9FCB3906-A6C3-4864-9197-64F719B0341D} : DHCPNameServer = 5.45.75.11 5.45.75.36
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [CmPCIaudio] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-2-28 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-2-28 207904]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-2-28 1038072]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-2-28 421704]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-6 344064]
R2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2013-9-19 59648]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-2-28 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-2-28 50344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2013-2-27 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2013-2-27 213504]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-3-14 726160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2013-4-12 139592]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2013-4-12 418632]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
S3 b06diag;Broadcom NetXtreme II Diag Driver;C:\Windows\System32\drivers\bxdiaga.sys [2013-3-14 88104]
S3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2013-3-14 157288]
S3 bxfcoe;bxfcoe;C:\Windows\System32\drivers\bxfcoe.sys [2013-3-14 178216]
S3 bxois;bxois;C:\Windows\System32\drivers\bxois.sys [2013-3-14 539176]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-2-27 65152]
S3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;C:\Windows\System32\drivers\EtronSTOR.sys [2013-2-27 32512]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2013-2-27 88832]
S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2013-3-14 40144]
S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2013-3-14 42192]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-4-12 366216]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-4-12 786056]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-17 19456]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-6-17 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-17 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-17 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-17 1255736]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-03-01 00:16:59 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-01 00:16:58 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-28 23:53:45 -------- d-----w- C:\Users\Vladimir\AppData\Roaming\Free Download Manager
2014-02-28 23:53:43 -------- d-----w- C:\Program Files (x86)\Free Download Manager
2014-02-28 07:12:27 -------- d-----w- C:\Users\Vladimir\Doctor Web
2014-02-28 06:43:54 -------- d-----w- C:\Windows\System32\appmgmt
2014-02-28 03:44:22 -------- d-----w- C:\Users\Vladimir\AppData\Local\NPE
2014-02-28 03:44:22 -------- d-----w- C:\ProgramData\Norton
2014-02-28 03:32:34 -------- d-----w- C:\Program Files\CCleaner
2014-02-28 03:13:30 -------- d-----w- C:\Program Files\Enigma Software Group
2014-02-28 03:13:06 -------- d-----w- C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-02-28 03:13:05 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-02-28 02:56:09 -------- d-----w- C:\Users\Vladimir\AppData\Roaming\AVAST Software
2014-02-28 02:55:35 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-02-28 02:55:35 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-02-28 02:55:34 1038072 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-02-28 02:55:33 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-02-28 02:55:28 43152 ----a-w- C:\Windows\avastSS.scr
2014-02-28 02:55:22 -------- d-----w- C:\Program Files\AVAST Software
2014-02-28 02:54:17 -------- d-----w- C:\ProgramData\AVAST Software
2014-02-28 02:37:44 -------- d-----w- C:\Windows\pss
2014-02-28 00:26:37 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E3D69FC2-4454-4459-ABB8-BB1C06E7FC8B}\mpengine.dll
2014-02-28 00:24:19 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-02-28 00:24:16 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-26 02:58:17 -------- d-----w- C:\Windows\ERUNT
2014-02-26 02:56:00 -------- d-----w- C:\AdwCleaner
2014-02-24 20:38:37 8151040 ------w- C:\Windows\SysWow64\CMICNFG3.dll
2014-02-24 20:38:37 792576 ------w- C:\Windows\System32\Cmeaupci.exe
2014-02-24 20:38:37 389120 ------w- C:\Windows\System32\CMICNFG3.cpl
2014-02-24 20:38:37 200704 ------w- C:\Windows\SysWow64\CMPaOxy.dll
2014-02-24 20:38:37 143360 ------w- C:\Windows\SysWow64\VmixP6.dll
2014-02-24 20:38:06 524768 ----a-w- C:\Windows\difxapi.dll
2014-02-24 20:38:06 359424 ------w- C:\Windows\System32\CmiInstallResAll64.dll
2014-02-22 18:27:25 -------- d-----w- C:\Users\Vladimir\AppData\Local\Adobe
.
==================== Find3M ====================
.
2014-01-15 11:48:03 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-02 20:20:29 0 ----a-w- C:\Windows\ativpsrm.bin
2013-12-18 05:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2013-12-06 22:04:10 143304 ----a-w- C:\Windows\System32\atiuxp64.dll
2013-12-06 22:03:46 126336 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2013-12-06 22:03:00 115512 ----a-w- C:\Windows\System32\atiu9p64.dll
2013-12-06 22:02:38 98496 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2013-12-06 22:01:52 1318552 ----a-w- C:\Windows\System32\aticfx64.dll
2013-12-06 22:01:04 1100216 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2013-12-06 22:00:16 9753752 ----a-w- C:\Windows\System32\atidxx64.dll
2013-12-06 21:59:50 8406024 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2013-12-06 21:59:00 8287008 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2013-12-06 21:58:10 6630232 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2013-12-06 21:57:20 8927704 ----a-w- C:\Windows\System32\atiumd6a.dll
2013-12-06 21:56:54 7751920 ----a-w- C:\Windows\System32\atiumd64.dll
2013-12-06 21:52:14 13207552 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2013-12-06 21:38:52 230912 ----a-w- C:\Windows\System32\clinfo.exe
2013-12-06 21:38:40 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe
2013-12-06 21:38:40 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe
2013-12-06 21:38:38 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe
2013-12-06 21:38:38 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe
2013-12-06 21:38:34 99840 ----a-w- C:\Windows\System32\OpenVideo64.dll
2013-12-06 21:38:28 83968 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2013-12-06 21:38:22 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2013-12-06 21:38:18 73728 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2013-12-06 21:37:58 29382144 ----a-w- C:\Windows\System32\amdocl64.dll
2013-12-06 21:35:36 24860160 ----a-w- C:\Windows\SysWow64\amdocl.dll
2013-12-06 21:33:28 63488 ----a-w- C:\Windows\System32\OpenCL.dll
2013-12-06 21:33:24 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-12-06 21:26:44 129536 ----a-w- C:\Windows\System32\coinst_13.251.dll
2013-12-06 21:16:40 26352128 ----a-w- C:\Windows\System32\atio6axx.dll
2013-12-06 21:13:02 368640 ----a-w- C:\Windows\System32\atiapfxx.exe
2013-12-06 21:12:52 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2013-12-06 21:12:50 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2013-12-06 21:12:42 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2013-12-06 21:12:40 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2013-12-06 21:12:26 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2013-12-06 21:09:18 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2013-12-06 20:58:50 22157824 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2013-12-06 20:53:18 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2013-12-06 20:53:10 31232 ----a-w- C:\Windows\System32\atimuixx.dll
2013-12-06 20:53:04 588288 ----a-w- C:\Windows\System32\atieclxx.exe
2013-12-06 20:52:10 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2013-12-06 20:50:36 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2013-12-06 20:22:42 1144320 ----a-w- C:\Windows\System32\atiadlxx.dll
2013-12-06 20:22:28 825344 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2013-12-06 20:22:12 74752 ----a-w- C:\Windows\System32\atig6pxx.dll
2013-12-06 20:22:08 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2013-12-06 20:22:08 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
2013-12-06 20:22:04 100352 ----a-w- C:\Windows\System32\atig6txx.dll
2013-12-06 20:21:54 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2013-12-06 20:21:44 626176 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2013-12-06 20:18:12 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2013-12-06 15:49:18 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
2013-12-06 15:44:26 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
.
============= FINISH: 1:47:08.71 ===============

https://www.mycity.rs/must-login.png

Poslao: 01 Mar 2014 10:55
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt



Arrow Korak 2

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.

Poslao: 01 Mar 2014 19:44
Idi na vrh
offline
  • Pridružio: 29 Sep 2005
  • Poruke: 316
  • Gde živiš: ZR

https://www.mycity.rs/must-login.png

Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Vladimir on Sat 03/01/2014 at 19:30:31.33.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\MyDownloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

3/1/2014 7:31:32 PM Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-02-28 07:00:30 0A34066D56D57C0DA73BFFC1E4169FF2 85 ----a-w- C:\Windows\wininit.ini
2014-02-24 20:38:37 C843C20E3070821E2E98C001A183E8AD 188 ----a-w- C:\Windows\Cmicnfg3.ini.cfl
2014-02-24 20:38:37 6E42CF0D47AF25DEA4CECDBE093D521C 10134 ------w- C:\Windows\cmeauPCI.ico
2014-02-24 20:38:06 A35E7311D73A5DD7AB288AFB0E12448C 2754 ------w- C:\Windows\cmudax3.ini
2014-02-24 20:38:06 9CADC91DF349C198FFB5477A5B23B6C2 524768 ----a-w- C:\Windows\difxapi.dll
2014-02-24 20:38:06 6DEC0DA34771EA20724A8B6D117D8148 2123 ------w- C:\Windows\Cmicnfg3.ini.cfg
2014-02-24 20:38:06 5A73E655E389FAB1E86F626FBF1668ED 247 ----a-w- C:\Windows\Cmicnfg3.ini.imi
====== C:\Users\Vladimir\AppData\Local\Temp ====
2014-03-01 03:52:37 D3BA1427D13E97C17762DB639D4AD36F 77147648 ----a-w- C:\Users\Vladimir\AppData\Local\Temp\RarSFX0\Sophos Virus Removal Tool.msi
2014-03-01 02:20:17 7777EA77E398380F9172FE7F32698267 379864 ----a-w- C:\Users\Vladimir\AppData\Local\Temp\InstHelper.exe
====== Java Cache =====
2014-02-10 18:03:24 D4837DDED57CA6C335EDF3F1FBF2647F 23196 ----a-w- C:\Users\Vladimir\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\2fb889a6-6bbb7264
====== C:\Windows\SysWOW64 =====
2014-03-01 04:51:43 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\SysWOW64\wmp.dll
2014-03-01 04:51:43 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL
2014-03-01 04:38:05 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\SysWOW64\elshyph.dll
2014-03-01 04:38:00 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-01 04:38:00 B5EB5BD3066959611E1F7A80FD6CC172 1818112 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-03-01 04:38:00 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\SysWOW64\jsIntl.dll
2014-03-01 04:38:00 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\SysWOW64\msls31.dll
2014-03-01 04:37:59 B68750104FBA545C633B7E9AEA660208 2166272 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:37:59 4A7956EE34BE56D20C54CF6A47693C25 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:37:59 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:37:58 F705F52FC41577641E82B9934728B02C 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:37:58 2EE1E467D73642AFDDB03019F58C252B 1156608 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-03-01 04:37:55 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-01 04:37:55 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\SysWOW64\html.iec
2014-03-01 04:37:55 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\SysWOW64\tdc.ocx
2014-03-01 04:37:55 22868FAAF9C851BFA924B8D7EDB6CBC1 11220992 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-03-01 04:37:54 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-03-01 04:37:54 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat
2014-03-01 04:37:54 433161597584186EF806EFC8EA530433 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 04:37:54 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-03-01 04:37:53 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\SysWOW64\url.dll
2014-03-01 04:37:53 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2014-03-01 04:37:51 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\SysWOW64\ieuinit.inf
2014-03-01 04:37:51 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\SysWOW64\inseng.dll
2014-03-01 04:37:51 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:37:51 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\SysWOW64\licmgr10.dll
2014-03-01 04:37:51 81A605B0F3A29A117AB83A08D40F772F 1926656 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 04:37:51 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:37:51 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\SysWOW64\icardie.dll
2014-03-01 04:37:50 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe
2014-03-01 04:37:50 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe
2014-03-01 04:37:50 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-03-01 04:37:50 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-01 04:37:50 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\SysWOW64\webcheck.dll
2014-03-01 04:37:49 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:37:49 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-03-01 04:37:48 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\SysWOW64\pngfilt.dll
2014-03-01 04:37:45 F9F114B2A6F876C92D317A755494F233 17142784 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-03-01 04:37:44 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37:44 BC2C13A3B664B686DA52D558FE5502FC 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 04:37:44 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe
2014-03-01 04:37:44 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\SysWOW64\imgutil.dll
2014-03-01 04:37:44 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-01 04:37:44 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:37:44 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\SysWOW64\occache.dll
2014-03-01 04:37:43 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\SysWOW64\jscript.dll
2014-03-01 04:37:43 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-01 04:37:43 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe
2014-03-01 04:37:43 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2014-03-01 04:37:42 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-01 04:37:42 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll
2014-03-01 04:37:42 AE254DBF16E3E3D7C35ED017B4B55EC6 4240384 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:37:42 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-01 04:37:42 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
2014-03-01 04:37:42 809804D8AED97AEA96B3D4B66A4C5C70 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:32:10 AB5EFB103DB01C1912C9D2F545EA5621 17920 ----a-w- C:\Windows\SysWOW64\wksprtPS.dll
2014-03-01 04:32:10 A5FE03D57097A45B8E7A4A09C9B78695 5698048 ----a-w- C:\Windows\SysWOW64\mstscax.dll
2014-03-01 04:32:10 8DEEE20D8D30E9B0FBDCA31E58A027BD 53248 ----a-w- C:\Windows\SysWOW64\tsgqec.dll
2014-03-01 04:32:10 5E676B296B762E211D83B87635F2C330 855552 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-01 04:32:10 4676AAA9DDF52A50C829FEDB4EA81E54 1068544 ----a-w- C:\Windows\SysWOW64\mstsc.exe
2014-03-01 04:32:10 2EFB1279E7BEA7D12D9F4D6508D27880 50176 ----a-w- C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-01 03:50:09 E4561704CBFA193761743E5AF746C669 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2014-03-01 03:50:08 17B06F23237FCD731FA2E10ECD6EDFE1 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll
2014-03-01 03:50:07 AAB5D8C5ABE71873DC19ED004EF25009 792576 ----a-w- C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-01 03:50:01 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2014-03-01 03:50:01 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2014-03-01 03:50:01 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
2014-03-01 03:49:51 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2014-03-01 03:49:45 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\SysWOW64\msieftp.dll
2014-03-01 03:49:42 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2014-03-01 03:49:38 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll
2014-03-01 03:49:34 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll
2014-03-01 03:49:33 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\SysWOW64\locale.nls
2014-03-01 03:49:33 75F5E1FE8D55CF8E577E0EC5F2290D3F 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll
2014-03-01 03:49:17 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-01 03:49:17 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 ----a-w- C:\Windows\SysWOW64\secproc_isv.dll
2014-03-01 03:49:17 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe
2014-03-01 03:49:17 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-01 03:49:17 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-01 03:49:16 9158DBE2F8483434FC72F320690C9DB8 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-01 03:49:16 7FA485555BF802FE3DB5598004DBDFAC 390144 ----a-w- C:\Windows\SysWOW64\msdrm.dll
2014-03-01 03:49:16 58712A48D31B40EBCB35B47205F87771 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-01 03:49:16 12A9F24DC9F465DA79AC2272D829A81E 428032 ----a-w- C:\Windows\SysWOW64\secproc.dll
2014-03-01 03:48:07 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL
2014-03-01 03:47:29 D96106CF60505734B14F6AE80AAA4B07 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll
2014-03-01 03:47:29 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll
2014-03-01 03:47:00 EAF4712B706936C0B10D3B5319B37E81 81920 ----a-w- C:\Windows\SysWOW64\davclnt.dll
2014-03-01 03:47:00 75E8EBD7040CE238684333F97014762A 205824 ----a-w- C:\Windows\SysWOW64\WebClnt.dll
2014-03-01 03:46:57 365A5034093AD9E04F433046C4CDF6AB 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2014-03-01 03:46:56 1B7343C3765638D4D17CB925F84F8ABE 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2014-03-01 03:46:55 812A161FC470FA832C3F0CC3D7ACA2F9 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll
2014-03-01 03:46:47 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll
2014-03-01 03:46:40 AD7FB087A238883D1618F29F7BBBD584 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2014-03-01 03:46:40 AA6F6457116B559B76BC6A012CB4C293 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll
2014-03-01 03:46:40 42B924C5F3924C1EB2539F22C10D7DF1 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2014-03-01 03:46:40 372948BB5E41CE42341C4398DE572E56 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2014-03-01 03:46:28 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\SysWOW64\authui.dll
2014-03-01 03:46:28 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\SysWOW64\credui.dll
2014-03-01 03:46:28 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-03-01 03:46:14 CC23295DA8F7B5C53F93804D2F5D30EB 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll
2014-03-01 03:46:14 8CC4638FA7B5B921B9080CF962582C0B 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll
2014-03-01 03:46:14 7D27E63B54DB093BB0D9E95F81094D75 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2014-03-01 03:46:14 5C6B44F9CAAC475B7B9EBBC29CB7F065 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2014-03-01 03:46:14 2342EC9254F4C60CA98441BD65C89E12 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll
2014-03-01 03:46:01 E94C583CDE2348950155F2AF2876F34D 231424 ----a-w- C:\Windows\SysWOW64\mswsock.dll
2014-03-01 03:46:01 1C0E369575F387460E2A5F28269B2CC4 1247744 ----a-w- C:\Windows\SysWOW64\DWrite.dll
2014-03-01 03:45:55 674EB817CF6E43B7DF3EC26E06E98D98 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll
2014-03-01 03:45:43 A2B0924D50F4435FD389499047CE553A 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll
2014-03-01 03:45:43 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2014-03-01 03:45:43 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2014-03-01 03:45:43 401D25136E26B237D77DA1BF1198B3BD 619520 ----a-w- C:\Windows\SysWOW64\tdh.dll
2014-03-01 03:45:42 DEE3A05EB88EAFE9C5FF9643676ECC60 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2014-03-01 03:45:42 DA1340AC8B22D0719F47222C8D508393 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2014-03-01 03:45:42 D67472125471784DE7147946EDA25FEB 640512 ----a-w- C:\Windows\SysWOW64\advapi32.dll
2014-03-01 03:45:42 8C3D064E7B7C0F3685A441A37A93C5D1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2014-03-01 03:45:41 D37B27C1F5FE8CFFCCA80FFD4F91149B 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2014-03-01 03:45:41 5244D544B022E70881794563D657B5EF 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2014-03-01 03:45:34 E02781D4871844DCD30DF1D69A650F78 12872704 ----a-w- C:\Windows\SysWOW64\shell32.dll
2014-03-01 03:45:33 2C4A87CA8C00E98EFDCFA2E8EC9A3503 180224 ----a-w- C:\Windows\SysWOW64\shdocvw.dll
2014-03-01 03:45:17 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\SysWOW64\scrrun.dll
2014-03-01 03:45:17 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\SysWOW64\cscript.exe
2014-03-01 03:45:17 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\SysWOW64\wscript.exe
2014-03-01 03:45:17 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\SysWOW64\wshom.ocx
2014-03-01 03:45:16 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-03-01 03:45:16 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\SysWOW64\nshwfp.dll
2014-03-01 03:45:15 56E3313690866F99CD17AA1342F64AE1 311808 ----a-w- C:\Windows\SysWOW64\gdi32.dll
2014-03-01 03:44:55 2A01B40C8334A8124001CFAC256FCA83 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-01 00:16:59 72F76B12C09B36F26219920D0B2E7EF3 692616 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-01 00:16:58 FD38EBD137378FE594E7EFEBB5B3E096 71048 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-24 20:38:37 D95A09848A91C22D55CCAC9FCB1032FD 143360 ------w- C:\Windows\SysWOW64\VmixP6.dll
2014-02-24 20:38:37 9F009D41E2577BA3D50D6EB37E866422 1144983 ------w- C:\Windows\SysWOW64\KB936225x64.msu
2014-02-24 20:38:37 8AC47B5D5A2521C194B9433B9A0159D6 200704 ------w- C:\Windows\SysWOW64\CMPaOxy.dll
2014-02-24 20:38:37 5BB2B1EE2C909D32D72AC3A612AA4420 8151040 ------w- C:\Windows\SysWOW64\CMICNFG3.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-03-01 04:51:44 AB272BBFB05A8585C3405EFA9F605774 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL
2014-03-01 04:51:42 8CBBB27369F9F07BC5E874E750EAF9D0 14631424 ----a-w- C:\Windows\Sysnative\wmp.dll
2014-03-01 04:41:34 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\Sysnative\IEUDINIT.EXE
2014-03-01 04:38:05 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-03-01 04:38:00 8F7FBD0177F79727CF945ABDA657A0AC 235008 ----a-w- C:\Windows\Sysnative\elshyph.dll
2014-03-01 04:37:38 6F1AF8E1206E92256459E3012C20472A 942592 ----a-w- C:\Windows\Sysnative\jsIntl.dll
2014-03-01 04:37:38 43D9CE875F8FC8370C6BA2F74D50D01C 1394176 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-03-01 04:37:38 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
2014-03-01 04:37:38 2EBD0C5B090125AECF017C57344C45AB 247808 ----a-w- C:\Windows\Sysnative\msls31.dll
2014-03-01 04:37:37 E6CB36B85BE59095337427E853A5B65A 2332160 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-03-01 04:37:37 5BECC17076F1806F60BB259B654FAC5C 195584 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-03-01 04:37:37 3168FA85740503BAE77DB821CB3EE4FB 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-03-01 04:37:37 092F3E7D054FDF779054E29A0A0D4267 2764288 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-03-01 04:37:36 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\Sysnative\msfeedssync.exe
2014-03-01 04:37:36 038ABC9BCC86DFF9E181D44E43E2CEBA 52224 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll
2014-03-01 04:37:35 FB9459892AF2AD60BDA98F820C1A28C3 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-03-01 04:37:35 D31AE751B6DACAFD0D7CC99EAE9606C2 131072 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll
2014-03-01 04:37:35 C70F72684CDCF9BB142F50F98BB1DD9C 574976 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-03-01 04:37:35 B99C7CC6ED6917E3035A12171F40D240 5765120 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-03-01 04:37:35 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe
2014-03-01 04:37:35 2405D24AA28CCC4CC7E0CC0AE008746F 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll
2014-03-01 04:37:35 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 105984 ----a-w- C:\Windows\Sysnative\iesysprep.dll
2014-03-01 04:37:34 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\Sysnative\ieuinit.inf
2014-03-01 04:37:34 EE10AB99A480875E012CA339EC48F02B 1228800 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2014-03-01 04:37:34 E36FDC470352C8F351F31959619CADD8 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-03-01 04:37:34 D6C88A6094D1FDAC56A186BBD7F06357 40448 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-03-01 04:37:34 D36A88D22B843C3812B501434E5A67A0 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-03-01 04:37:34 CE8831D2DCB5803A4CBC8EDCCBBC2A05 77312 ----a-w- C:\Windows\Sysnative\tdc.ocx
2014-03-01 04:37:34 C92173481A58935BE15172079CF122B8 235520 ----a-w- C:\Windows\Sysnative\url.dll
2014-03-01 04:37:34 C6ECA2F7A1B189025171E6A29F2605AA 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-03-01 04:37:34 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\Sysnative\ieapfltr.dat
2014-03-01 04:37:34 95951E6A277F78FA13A85F2F408F4C0B 12995584 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-03-01 04:37:34 77FBE2E014EFB93FD037FA33AB8C7D6E 263376 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2014-03-01 04:37:34 5FAC15F872026BBC31C11D3A32B84624 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-03-01 04:37:34 3A4FD19F13F8809BA08E9F76C0E38832 413696 ----a-w- C:\Windows\Sysnative\html.iec
2014-03-01 04:37:34 0A9D5716CB1F3AFA73703F39647BB8C2 81408 ----a-w- C:\Windows\Sysnative\icardie.dll
2014-03-01 04:37:34 05018A4E76F1636EFBB7DCB76900872A 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-03-01 04:37:34 0134898497B6C6CD50F7FC5DE85712A6 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-03-01 04:37:32 F00AE7B953ABEF1B53FBBA187DFC8238 243200 ----a-w- C:\Windows\Sysnative\webcheck.dll
2014-03-01 04:37:32 CC84F4E36AA96810AD766C88DD657ADB 626176 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-03-01 04:37:32 A8C830CABD7640EE8E6F0F1019F91E83 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-03-01 04:37:32 9675B272086CF5D22B83B541FAA8D4EA 30208 ----a-w- C:\Windows\Sysnative\licmgr10.dll
2014-03-01 04:37:32 68899208A26E4522D25DBA87FF2E98D1 84992 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2014-03-01 04:37:32 612DC699EBF0AA1AAA065898D33B553A 1993728 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-03-01 04:37:32 5BBDBE5EBB49EA7C76A2EE7490A45D68 101376 ----a-w- C:\Windows\Sysnative\inseng.dll
2014-03-01 04:37:32 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\Sysnative\iexpress.exe
2014-03-01 04:37:32 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\Sysnative\wextract.exe
2014-03-01 04:37:31 FD61D51199F3FC9EB0023FBF405EAAD0 147968 ----a-w- C:\Windows\Sysnative\occache.dll
2014-03-01 04:37:31 E949B344680691F255C0E662D4B5BFF1 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-03-01 04:37:31 E70D4270C43CE6C46841B684315B9EFF 62464 ----a-w- C:\Windows\Sysnative\pngfilt.dll
2014-03-01 04:37:31 D233E1A32CE6AF918C9DE1BC44AFEB2A 23212032 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-03-01 04:37:31 5A54ED24D5D42102A64904809215E0DC 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-03-01 04:37:30 F34C20D099CF94A606A2B5B0C668B570 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-03-01 04:37:30 BB6DEAFAC5F0AAEC37FEAF3F3AA48347 774144 ----a-w- C:\Windows\Sysnative\jscript.dll
2014-03-01 04:37:30 ADA5C3D49A12CED9F07913DC00E547A8 48128 ----a-w- C:\Windows\Sysnative\imgutil.dll
2014-03-01 04:37:30 9870EC900829595D191BB03C6C48B479 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2014-03-01 04:37:30 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\Sysnative\mshta.exe
2014-03-01 04:37:30 45152BA21450811F4619C9C1790E7353 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-03-01 04:37:30 3AFA03119583647136C49B80DAD38F19 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-03-01 04:37:30 1FCBE949A67939ADEAE7279E423AA684 135680 ----a-w- C:\Windows\Sysnative\iepeers.dll
2014-03-01 04:32:13 DDED7C5558B3AE09F568945281A9A6D1 44544 ----a-w- C:\Windows\Sysnative\TsUsbGDCoInstaller.dll
2014-03-01 04:32:11 FEC6178962DFF33074D39CA907971405 12800 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-01 04:32:11 108C257D765AAD2E6EC46557DA0B02BD 13824 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyControl.exe
2014-03-01 04:32:10 DB40DA256AD836C0D84716796247662E 6578176 ----a-w- C:\Windows\Sysnative\mstscax.dll
2014-03-01 04:32:10 A4420969E5AB94856E5C0C02E6099D3F 1057280 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll
2014-03-01 04:32:10 8E75B1112C374EBDF18FD640DA2F0655 1147392 ----a-w- C:\Windows\Sysnative\mstsc.exe
2014-03-01 04:32:10 7BD2E6E2458A5B95F8341244C7FC7DD4 18944 ----a-w- C:\Windows\Sysnative\wksprtPS.dll
2014-03-01 04:32:10 79EE5ECB4BE89343E4CF1E48F7769F59 420864 ----a-w- C:\Windows\Sysnative\wksprt.exe
2014-03-01 04:32:10 5289A00E2D21BB3A7D6761646543ED5C 62976 ----a-w- C:\Windows\Sysnative\tsgqec.dll
2014-03-01 04:32:10 149A388C17F04AD1F99B477A43BE1A9F 56832 ----a-w- C:\Windows\Sysnative\MsRdpWebAccess.dll
2014-03-01 04:32:10 0D2C2FAC4F29B5868D39B7267058CFEF 83968 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe
2014-03-01 03:50:09 0D298133C359AB8CB9EB4FA178BF3947 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll
2014-03-01 03:50:08 CD2C20CC3B385A32701F78C0ACBBE9F3 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll
2014-03-01 03:50:07 9E2EDE952A3EC44754A829F048CE93A0 1030144 ----a-w- C:\Windows\Sysnative\TSWorkspace.dll
2014-03-01 03:50:01 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll
2014-03-01 03:50:01 780F6ECC4F55D76C9730E6B6C9B31913 1474048 ----a-w- C:\Windows\Sysnative\crypt32.dll
2014-03-01 03:50:01 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2014-03-01 03:49:51 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll
2014-03-01 03:49:45 AC38EC8D0C1B4C783CA6A24D239A71B7 335360 ----a-w- C:\Windows\Sysnative\msieftp.dll
2014-03-01 03:49:42 5FD67F205773EC80674DBBD609DB5315 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
2014-03-01 03:49:38 4EDF8812713291DBBFDA67CE6215F236 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll
2014-03-01 03:49:34 B4F29F65AD3114051F01E9403346047F 81408 ----a-w- C:\Windows\Sysnative\imagehlp.dll
2014-03-01 03:49:33 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\Sysnative\locale.nls
2014-03-01 03:49:33 9028D1621C43DF8DFBD1C76860412A11 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll
2014-03-01 03:49:17 C6AC2C91541D24F9E236A670C0CA793D 528384 ----a-w- C:\Windows\Sysnative\msdrm.dll
2014-03-01 03:49:17 5693212AB2EBCACBBE05EC3A642113E2 485888 ----a-w- C:\Windows\Sysnative\secproc_isv.dll
2014-03-01 03:49:17 399FC1B75790EE606A6FD9F2FB4C891C 488448 ----a-w- C:\Windows\Sysnative\secproc.dll
2014-03-01 03:49:17 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\Sysnative\RMActivate_ssp_isv.exe
2014-03-01 03:49:17 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\Sysnative\RMActivate.exe
2014-03-01 03:49:17 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\Sysnative\RMActivate_isv.exe
2014-03-01 03:49:17 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\Sysnative\RMActivate_ssp.exe
2014-03-01 03:49:16 DC6DD779F35BB42E2E76FDFEC565C251 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp_isv.dll
2014-03-01 03:49:16 B41B1FEDEBBD955B4E25676B42087885 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp.dll
2014-03-01 03:48:07 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL
2014-03-01 03:47:29 E8710B5DDA963E6BA198DF5FB209E72A 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll
2014-03-01 03:47:29 C676E5EA388AF7C4C031F56F9B42E362 3928064 ----a-w- C:\Windows\Sysnative\d2d1.dll
2014-03-01 03:47:00 B32AB94A432289AC2DF77A3DCAD32EED 102400 ----a-w- C:\Windows\Sysnative\davclnt.dll
2014-03-01 03:47:00 0EB0E5D22B1760F2DBCE632F2DD7A54D 259584 ----a-w- C:\Windows\Sysnative\WebClnt.dll
2014-03-01 03:46:57 B22C00ED0491FD7B8803D7DDE2849F4C 424448 ----a-w- C:\Windows\Sysnative\KernelBase.dll
2014-03-01 03:46:56 F0970A4BC8395659C22BF53D0FADF16F 112640 ----a-w- C:\Windows\Sysnative\smss.exe
2014-03-01 03:46:56 D8973E71F1B35CD3F3DEA7C12D49D0F0 1161216 ----a-w- C:\Windows\Sysnative\kernel32.dll
2014-03-01 03:46:56 BF95EA5809E3BBF55370F7CB309FEBD0 338432 ----a-w- C:\Windows\Sysnative\conhost.exe
2014-03-01 03:46:56 88EDD0B34EED542745931E581AD21A32 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll
2014-03-01 03:46:56 216BABD555BC550952320EEA89C25DDF 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll
2014-03-01 03:46:55 70A1D465390C393AA118D9764E065B06 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll
2014-03-01 03:46:47 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll
2014-03-01 03:46:40 B08EA91C774AA734E0B9881F85CD9F42 135680 ----a-w- C:\Windows\Sysnative\sspicli.dll
2014-03-01 03:46:40 7C46EC9CCDE6E793713FA01DB2EB918E 28672 ----a-w- C:\Windows\Sysnative\sspisrv.dll
2014-03-01 03:46:40 747B9BA5412422F27934CB21131F0A3E 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2014-03-01 03:46:40 4D71227301DD8D09097B9E4CC6527E5A 30720 ----a-w- C:\Windows\Sysnative\lsass.exe
2014-03-01 03:46:40 31FFED18C7B836CEC1B559347E32E151 340992 ----a-w- C:\Windows\Sysnative\schannel.dll
2014-03-01 03:46:40 208EAAFF40DA400190AA0605C797BEA2 28160 ----a-w- C:\Windows\Sysnative\secur32.dll
2014-03-01 03:46:40 086F906B1D30C0A5D35FE0F6362DAB21 1447936 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2014-03-01 03:46:28 8563BA40DF4F1E93A61B70E2C8B60CF8 190464 ----a-w- C:\Windows\Sysnative\SmartcardCredentialProvider.dll
2014-03-01 03:46:28 4403D5ECE7D8323CAF1207D1AA38FA01 197120 ----a-w- C:\Windows\Sysnative\credui.dll
2014-03-01 03:46:28 34152997FB906895290E0199AC94B85F 1930752 ----a-w- C:\Windows\Sysnative\authui.dll
2014-03-01 03:46:14 E1BB958681BE311E7CFF06CFEC5F1F2B 368128 ----a-w- C:\Windows\Sysnative\atmfd.dll
2014-03-01 03:46:14 D6BAE9B4B210D71CDDADC224CEFCDB5F 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll
2014-03-01 03:46:14 A5ED9421B8D09ED4F57CDA386307713E 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll
2014-03-01 03:46:14 796B47A4B82EF1C39F13435B88834C48 41472 ----a-w- C:\Windows\Sysnative\lpk.dll
2014-03-01 03:46:14 142671F462619CB64BA74F5B70136CB4 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll
2014-03-01 03:46:05 F2BF71FCEAB8FB8A691408C478E2FF4C 3156480 ----a-w- C:\Windows\Sysnative\win32k.sys
2014-03-01 03:46:02 9A9F9F1A77D6A80EE28B57664F00013E 327168 ----a-w- C:\Windows\Sysnative\mswsock.dll
2014-03-01 03:46:01 DD85F00EC31F77315AE992B7B0411D65 1643520 ----a-w- C:\Windows\Sysnative\DWrite.dll
2014-03-01 03:45:55 A3EC566925BEC505E2418C1AC14E541E 624128 ----a-w- C:\Windows\Sysnative\qedit.dll
2014-03-01 03:45:44 5B9A6A310326D9C438F2C19FBBE97C97 5549504 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2014-03-01 03:45:43 CAAAC014C5C56A69F710B5F1B836DE22 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll
2014-03-01 03:45:43 A3FCC4F97551087D65F8FEE879FEF736 859648 ----a-w- C:\Windows\Sysnative\tdh.dll
2014-03-01 03:45:43 63A580C88CFAF72A92550940054569EF 878080 ----a-w- C:\Windows\Sysnative\advapi32.dll
2014-03-01 03:45:42 70833F5A59F65908698093889C34BCA2 243712 ----a-w- C:\Windows\Sysnative\wow64.dll
2014-03-01 03:45:34 AD662B34B161198B9D66A564EDDA7D43 14172672 ----a-w- C:\Windows\Sysnative\shell32.dll
2014-03-01 03:45:33 23B001185B7C3CB1F4BDEB143E6B45B7 197120 ----a-w- C:\Windows\Sysnative\shdocvw.dll
2014-03-01 03:45:17 ECB021CA3370582F0C7244B0CF06732C 156160 ----a-w- C:\Windows\Sysnative\cscript.exe
2014-03-01 03:45:17 731131A477F69476F2D739B0DB6A9281 202752 ----a-w- C:\Windows\Sysnative\scrrun.dll
2014-03-01 03:45:17 05D80FF3483BD8F268B01703C859198A 150016 ----a-w- C:\Windows\Sysnative\wshom.ocx
2014-03-01 03:45:17 045451FA238A75305CC26AC982472367 168960 ----a-w- C:\Windows\Sysnative\wscript.exe
2014-03-01 03:45:16 D07EB640618F96490DB88C3CE58DB608 324096 ----a-w- C:\Windows\Sysnative\FWPUCLNT.DLL
2014-03-01 03:45:16 660C06F663F27760F565FD567B57625C 830464 ----a-w- C:\Windows\Sysnative\nshwfp.dll
2014-03-01 03:45:16 344789398EC3EE5A4E00C52B31847946 859648 ----a-w- C:\Windows\Sysnative\IKEEXT.DLL
2014-03-01 03:45:15 56325BB1FF19F2A5AC8713756AC41140 404480 ----a-w- C:\Windows\Sysnative\gdi32.dll
2014-03-01 03:45:12 56661BB55AE4633677F846FFCD080ECA 461312 ----a-w- C:\Windows\Sysnative\scavengeui.dll
2014-03-01 03:44:54 764DF431D13537A575752009E7740F18 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2014-03-01 03:28:07 D9EF901DCA379CFE914E9FA13B73B4C4 2428952 ----a-w- C:\Windows\Sysnative\wuaueng.dll
2014-03-01 03:28:07 C1C03EA437EDDA8A7D4D8786E5AE6751 57880 ----a-w- C:\Windows\Sysnative\wuauclt.exe
2014-03-01 03:28:07 7FE0D0C8F53735EA17C9AE93EFE7AD5A 44056 ----a-w- C:\Windows\Sysnative\wups2.dll
2014-03-01 03:28:07 50EBD31C3527366FAFA468BD609F7352 2622464 ----a-w- C:\Windows\Sysnative\wucltux.dll
2014-03-01 03:28:03 E746ED90132C6B6313CE9179F56BD31D 38424 ----a-w- C:\Windows\Sysnative\wups.dll
2014-03-01 03:28:03 C47F35CC6FA4F1BDBEF8F87AC1A46537 701976 ----a-w- C:\Windows\Sysnative\wuapi.dll
2014-03-01 03:28:03 4AA6AA52A16EED6481E83D73EED4C8D5 99840 ----a-w- C:\Windows\Sysnative\wudriver.dll
2014-03-01 03:28:00 FF0729002E081668620A681182D63FE6 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe
2014-03-01 03:28:00 3E38C20AC83B01C45723B63B0F7A8FDC 186752 ----a-w- C:\Windows\Sysnative\wuwebv.dll
2014-02-24 20:38:37 E94D563109A2EA6A00A41465F9AB399F 792576 ------w- C:\Windows\Sysnative\Cmeaupci.exe
2014-02-24 20:38:37 3CE16CE89CB53CA77C0E5B6B2C471F48 389120 ------w- C:\Windows\Sysnative\CMICNFG3.cpl
2014-02-24 20:38:06 11BB3D5DC9336037C14A46873FA1FFDF 359424 ------w- C:\Windows\Sysnative\CmiInstallResAll64.dll
====== C:\Windows\Sysnative\drivers =====
2014-03-01 04:32:11 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys
2014-03-01 03:49:37 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2014-03-01 03:49:31 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys
2014-03-01 03:49:31 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys
2014-03-01 03:49:31 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys
2014-03-01 03:47:00 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
2014-03-01 03:46:50 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2014-03-01 03:46:49 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys
2014-03-01 03:46:40 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2014-03-01 03:46:40 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2014-03-01 03:46:40 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-03-01 03:46:13 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys
2014-03-01 03:46:13 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys
2014-03-01 03:46:12 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2014-03-01 03:46:12 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2014-03-01 03:46:12 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2014-03-01 03:46:12 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2014-03-01 03:46:12 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
2014-03-01 03:46:12 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2014-03-01 03:46:12 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2014-03-01 03:46:04 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2014-03-01 03:46:04 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2014-03-01 03:45:55 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys
2014-03-01 03:45:20 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
2014-03-01 03:37:40 DD8C29C96307FDBD2DFA6F1730FBCE9A 127384 ----a-w- C:\Windows\Sysnative\drivers\scdemu.sys
2014-02-28 06:41:52 B6ADD92240D23D5B3318DBCFCAB4BB2D 480 ----a-w- C:\Windows\Sysnative\drivers\kgpcpy.cfg
====== C:\Windows\Tasks ======
2014-02-28 03:12:54 -------- d-----w- C:\Windows\Sysnative\Tasks\Safer-Networking
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-03-01 02:18:35 -------- d-----w- C:\Program Files\ESET
2014-02-28 03:13:30 -------- d-----w- C:\Program Files\Enigma Software Group
======= C:\PROGRA~2 =====
2014-03-01 03:37:40 -------- d-----w- C:\PROGRA~2\PowerISO
2014-02-28 23:53:43 -------- d-----w- C:\PROGRA~2\Free Download Manager
2014-02-28 03:13:05 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard
======= C: =====
2014-02-28 03:14:34 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\Vladimir\AppData\Roaming ======
2014-03-01 03:58:05 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\ESET
2014-02-28 23:53:45 -------- d-----w- C:\Users\Vladimir\AppData\Roaming\Free Download Manager
2014-02-28 03:44:22 -------- d-----w- C:\Users\Vladimir\AppData\Local\NPE
2014-02-22 18:27:25 -------- d-----w- C:\Users\Vladimir\AppData\Local\Adobe
====== C:\Users\Vladimir ======
2014-03-01 03:53:11 -------- d-----w- C:\ProgramData\Sophos
2014-03-01 03:37:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-03-01 02:18:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-03-01 02:18:36 -------- d-----w- C:\ProgramData\ESET
2014-02-28 23:53:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2014-02-28 07:12:27 -------- d-----w- C:\Users\Vladimir\Doctor Web
2014-02-28 02:51:40 644F0A49DD3BBF9033A624EE276353F2 88504776 ----a-w- C:\Users\Vladimir\Downloads\avast_free_antivirus_setup.exe
2014-02-26 02:57:23 2075EBB7954277A05193412881EC8FDE 1037734 ----a-w- C:\Users\Vladimir\Downloads\JRT.exe

====== C: exe-files ==
2014-03-01 04:51:44 D21DD7BFC81C8623DE48EBB17133D59C 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-03-01 04:51:44 9AED8E824CF5FAAB67957EDBC5512060 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-03-01 04:41:34 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\System32\IEUDINIT.EXE
2014-03-01 04:38:05 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:38:00 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-03-01 04:38:00 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-01 04:37:55 ED45D1C3FDA215374FBCFC161A57AA80 467456 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-03-01 04:37:55 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-03-01 04:37:50 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe
2014-03-01 04:37:50 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe
2014-03-01 04:37:44 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37:44 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe
2014-03-01 04:37:43 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe
2014-03-01 04:37:42 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-01 04:37:42 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files (x86)\Internet Explorer\ExtExport.exe
2014-03-01 04:37:38 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-03-01 04:37:38 0685765C0CBE095BA0C6C8790BAE21EF 804560 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-03-01 04:37:36 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\System32\msfeedssync.exe
2014-03-01 04:37:35 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2014-03-01 04:37:34 D68007F924B9F387AA7C76F48D0A260A 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-03-01 04:37:34 70D721CC971A9EFFCF7845CEFBB02704 480256 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-03-01 04:37:34 41F922D6A794C0F8425C8436D7077C84 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe
2014-03-01 04:37:34 05018A4E76F1636EFBB7DCB76900872A 218624 ----a-w- C:\Windows\System32\ie4uinit.exe
2014-03-01 04:37:32 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\System32\iexpress.exe
2014-03-01 04:37:32 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\System32\wextract.exe
2014-03-01 04:37:31 E949B344680691F255C0E662D4B5BFF1 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:37:30 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\System32\mshta.exe
2014-03-01 04:37:30 3AFA03119583647136C49B80DAD38F19 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:11 108C257D765AAD2E6EC46557DA0B02BD 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-01 04:32:10 8E75B1112C374EBDF18FD640DA2F0655 1147392 ----a-w- C:\Windows\System32\mstsc.exe
2014-03-01 04:32:10 79EE5ECB4BE89343E4CF1E48F7769F59 420864 ----a-w- C:\Windows\System32\wksprt.exe
2014-03-01 04:32:10 4676AAA9DDF52A50C829FEDB4EA81E54 1068544 ----a-w- C:\Windows\SysWOW64\mstsc.exe
2014-03-01 04:32:10 0D2C2FAC4F29B5868D39B7267058CFEF 83968 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2014-03-01 03:49:17 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-01 03:49:17 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe
2014-03-01 03:49:17 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2014-03-01 03:49:17 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\System32\RMActivate.exe
2014-03-01 03:49:17 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2014-03-01 03:49:17 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-01 03:49:17 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-01 03:49:17 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2014-03-01 03:46:56 F0970A4BC8395659C22BF53D0FADF16F 112640 ----a-w- C:\Windows\System32\smss.exe
2014-03-01 03:46:56 BF95EA5809E3BBF55370F7CB309FEBD0 338432 ----a-w- C:\Windows\System32\conhost.exe
2014-03-01 03:46:40 4D71227301DD8D09097B9E4CC6527E5A 30720 ----a-w- C:\Windows\System32\lsass.exe
2014-03-01 03:45:44 5B9A6A310326D9C438F2C19FBBE97C97 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-03-01 03:45:43 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2014-03-01 03:45:43 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2014-03-01 03:45:42 DA1340AC8B22D0719F47222C8D508393 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2014-03-01 03:45:42 8C3D064E7B7C0F3685A441A37A93C5D1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2014-03-01 03:45:41 5244D544B022E70881794563D657B5EF 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2014-03-01 03:45:17 ECB021CA3370582F0C7244B0CF06732C 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-03-01 03:45:17 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\SysWOW64\cscript.exe
2014-03-01 03:45:17 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\SysWOW64\wscript.exe
2014-03-01 03:45:17 045451FA238A75305CC26AC982472367 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-03-01 03:37:42 1687F6DE43055AFFD36474859BA22C54 128432 ----a-w- C:\Program Files (x86)\PowerISO\uninstall.exe
2014-03-01 03:28:07 C1C03EA437EDDA8A7D4D8786E5AE6751 57880 ----a-w- C:\Windows\System32\wuauclt.exe
2014-03-01 03:28:00 FF0729002E081668620A681182D63FE6 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-03-01 02:20:17 7777EA77E398380F9172FE7F32698267 379864 ----a-w- C:\Users\Vladimir\AppData\Local\Temp\InstHelper.exe
2014-03-01 02:19:54 B237D9D29FA55BEB1B4EBE5B82F76A30 2953096 ----a-w- C:\Program Files\ESET\ESET NOD32 Antivirus\speclean.exe
2014-03-01 00:16:59 72F76B12C09B36F26219920D0B2E7EF3 692616 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-28 23:53:44 DF33A25C8521EAF07D6BC9682A8625C8 6149120 ----a-w- C:\Program Files (x86)\Free Download Manager\fdm.exe
2014-02-28 23:53:44 B71D754AFD61560B356229635E9B3750 56320 ----a-w- C:\Program Files (x86)\Free Download Manager\etasks.exe
2014-02-28 23:53:44 964BF6957BF97AAD0CC2EA7778759779 1720832 ----a-w- C:\Program Files (x86)\Free Download Manager\fdmwi.exe
2014-02-28 23:53:44 67345E5B022D68430F69CD3E70F27A34 49664 ----a-w- C:\Program Files (x86)\Free Download Manager\Updater.exe
2014-02-28 23:53:43 2D35BAC59A75BD64D73F781895C4F9D6 716789 ----a-w- C:\Program Files (x86)\Free Download Manager\unins000.exe
2014-02-28 06:43:38 25D473D7805261C752DA738B13E35816 185271 ----a-w- C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla31.exe
2014-02-28 06:43:38 15E51E8ADDED68AE73CD46AE671923E2 190437 ----a-w- C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla36.exe
2014-02-28 02:51:40 644F0A49DD3BBF9033A624EE276353F2 88504776 ----a-w- C:\Users\Vladimir\Downloads\avast_free_antivirus_setup.exe
2014-02-27 23:32:07 E326EA7DB340F3F9A120B7C03CC04EBC 17858952 ----a-w- C:\Users\Vladimir\AppData\Local\Adobe\AIH.7d7225575a33e7f8e883fd15fed444e60ef69a5a\install_flash_player.exe
2014-02-27 23:32:05 AD6274FC24DF32A8433FDC7969CD5AD3 121856 ----a-w- C:\Users\Vladimir\AppData\Local\Adobe\AIH.7d7225575a33e7f8e883fd15fed444e60ef69a5a\gccheck.exe
2014-02-26 02:57:23 2075EBB7954277A05193412881EC8FDE 1037734 ----a-w- C:\Users\Vladimir\Downloads\JRT.exe
2014-02-24 20:38:37 E94D563109A2EA6A00A41465F9AB399F 792576 ------w- C:\Windows\System32\Cmeaupci.exe
=== C: other files ==
2014-03-01 04:32:11 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2014-03-01 03:49:37 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-03-01 03:49:31 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2014-03-01 03:49:31 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2014-03-01 03:49:31 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2014-03-01 03:47:00 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2014-03-01 03:46:50 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2014-03-01 03:46:49 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys
2014-03-01 03:46:40 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2014-03-01 03:46:40 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-03-01 03:46:40 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-03-01 03:46:13 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2014-03-01 03:46:13 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2014-03-01 03:46:12 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-03-01 03:46:12 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-03-01 03:46:12 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-03-01 03:46:12 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-03-01 03:46:12 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-03-01 03:46:12 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-03-01 03:46:12 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-03-01 03:46:05 F2BF71FCEAB8FB8A691408C478E2FF4C 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-03-01 03:46:04 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-03-01 03:46:04 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-03-01 03:45:55 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2014-03-01 03:45:20 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-03-01 03:37:40 DD8C29C96307FDBD2DFA6F1730FBCE9A 127384 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2014-03-01 02:13:09 958FA7C865D99D9B73239E5EB4552F7E 1098 ----a-w- C:\Users\Vladimir\AppData\Local\Temp\systemsurvey_17931999034.zip
2014-02-28 03:14:34 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
2014-02-28 00:30:13 F41EAD5FE807A40DEDCAE8EA7C63945E 1151132 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\plugin.video.football.today-2.1.3.zip
2014-02-28 00:29:44 810167938CBCAC7759409AC8796A5773 106112 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\metadata.themoviedb.org-3.7.6.zip
2014-02-27 01:06:58 5873737C8991D74F650D87E338F4BF54 265391 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\plugin.video.dailyflix-1.31.zip
2014-02-27 01:06:53 0161CEDE984E67B404CC670DC9FA07E6 201097 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\plugin.video.videophile-1.1.2.5.zip
2014-02-27 01:06:37 486D7A5023CF8D3491B8A264AE0347C0 379754 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\plugin.video.muchmovies.hd-1.4.3.zip
2014-02-27 01:06:35 8B636E94C6EC872BCB54FBE72ECCC430 1151067 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\plugin.video.football.today-2.1.2.zip
2014-02-27 01:06:29 7348991AD15285EE37D63923E61C5B54 1523963 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\script.xbmc.subtitles-3.9.18.zip
2014-02-27 01:06:28 151A1F2AA5CF4F96F63A64FC6A731244 57981 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\script.common.plugin.cache-2.5.4.zip
2014-02-27 01:06:26 9BE2EFB0BAC9C2897EDCB535C9002E98 178206 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\plugin.video.rt-1.9.2.zip
2014-02-27 01:06:25 C251A9F5AEBAA0620428E8025E61B86F 113687 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\plugin.video.popcornflix-1.9.0.zip
2014-02-27 01:06:25 5A427EB174D51031200CD59A33D6E0E4 79568 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\script.module.beautifulsoup4-4.3.2.zip
2014-02-27 01:06:24 01D45C347BAAF4BDF3D234FDB76ABCD5 57279 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\metadata.common.themoviedb.org-2.11.4.zip
2014-02-27 01:06:22 46A089DF26BFD1B1196B71F809EED8E7 78184 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\plugin.video.veetle-0.2.3.zip
2014-02-27 01:06:07 CD78329C759BDED7D40A28F4B7876355 3234222 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\plugin.video.F.T.V-1.1.6a.zip
2014-02-27 01:06:05 E659D21BF543E0C420658398D2DBD14D 2641657 ----a-w- C:\Users\Vladimir\AppData\Roaming\XBMC\addons\packages\plugin.video.aob-0.0.5.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1685461964-451087640-2126645316-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_E7E7B640C719C6D8CE20F2E50D91D1E8"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_E7E7B640C719C6D8CE20F2E50D91D1E8"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"CmPCIaudio"="C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd"
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/02/2014 07:21 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/02/2014 07:21 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

==== Chrome Look ======================

Google Docs - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
TweetDeck by Twitter - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl
Hangouts - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd
Google Wallet - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Checker Plus for Gmail™ - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj
Gmail - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Sat 03/01/2014 at 19:34:12.65 ======================

Poslao: 01 Mar 2014 20:17
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Deinstaliraj Free Download Manager.



Arrow Korak 2

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

emptyalltemp;
emptyclsid;
autoclean;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.

Poslao: 02 Mar 2014 02:29
Idi na vrh
offline
  • Pridružio: 29 Sep 2005
  • Poruke: 316
  • Gde živiš: ZR

Napisano: 01 Mar 2014 20:47

Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Vladimir on Sat 03/01/2014 at 20:36:53.76.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\MyDownloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-01-183412.log 53861 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\Windows\wininit.ini deleted

==== Chrome Look ======================

AdBlock - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
TweetDeck by Twitter - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl
Checker Plus for Gmail™ - Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vladimir\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vladimir\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=14 folders=15 14060718 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Vladimir\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Vladimir\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Sat 03/01/2014 at 20:45:28.96 ======================

Dopuna: 01 Mar 2014 22:39

samo da dodam. Bio sam kod sestre danas i požalila se da ima isti problem, tamo su bili i neki poznanici i oni su se isto žalili na identičnu stranicu. Preko dana je sve radilo i sad uveče oko 21:40 je opet počelo. Zvao sam sestru i kod nje je ista situacija. Jedino što imamo zajedničko je da koristimo orion telekom adsl. Njen OS je windows 7 home premium i koristi avira free antivirus.

Dopuna: 02 Mar 2014 2:29

Otkrio sam još nešto pa da podelim. Dosetio sam se da probam sa kaspersky rescue CD. Podigao sam sistem i ostavio da skenira. Ono što sam primetio da se i tu ispoljava problem što me je veoma iznenadilo jer je u pitanju vrsta linux distribucije.






Da li postoji mogućnost da je provider zaražen, ili virus radi i na linuxu skroz sam zbunjen.

Poslao: 02 Mar 2014 13:49
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Napisano: 02 Mar 2014 11:04

Da li imaš samo ADSL modem ili uz njega imaš još jedan wireless ruter?

Dopuna: 02 Mar 2014 13:49

Izgleda da su im DNS serveri kompromitovani. Podesi Windows tako da koristi OpenDNS servere prema ovom uputstvu:
http://use.opendns.com/#win7

Restartuj računar i vidi da li će se problem i dalje manifestovati.

Poslao: 04 Mar 2014 21:09
Idi na vrh
offline
  • Pridružio: 29 Sep 2005
  • Poruke: 316
  • Gde živiš: ZR

Promenio sam DNS servere i sve radi ok već 2 dana. Nije bilo nikakvog virusa. Juče su i zvanično objavili da imaju nekih problema. http://www.oriontelekom.rs/orion_telekom/press_cen.....newsId=130

Hvala na pomoći.

Poslao: 04 Mar 2014 21:55
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Ostaje ti još da uradiš sljedeće:

Sledeća procedura će implementirati završno čišćenje.

Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore

Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.



Arrow

Preporučujem da za zaštitu USB memorijskih uređaja koristiš MCShield.
Nema nikakve veze sa antivirus-om tj. neće ometati njegov rad, a pokazao se kao jedan od najboljih vida zaštite od malware-a koji se prenosi putem USB mem. uređaja.


Home Page MCShield-a: http://www.mcshield.net
Više o MCShield-u možeš saznati u ovoj temi: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v3.html
Facebook stranica MCShield-a: http://www.facebook.com/MCShield

MyCity » Ambulanta -> Arhiva Ambulante » Pretraživači me prebacuju na phishing site i usporena internet konekcija

Ko je trenutno na forumu
 

Ukupno su 866 korisnika na forumu :: 30 registrovanih, 4 sakrivenih i 832 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., bigfoot, bojank, DonRumataEstorski, DPera, esx66, jackreacher011011, Jahorina, JOntra, Još malo pa deda, Krvava Devetka, Kubovac, laurusri, Lucije Kvint, MB120mm, mercedesamg, mikrimaus, milutin134, mrav pesadinac, nemkea71, nuke92, ozzy, pein, rajkoplje, vathra, Vlad000, vladulns, voja64, wizzardone, zbazin