Možda tražite i:
Moze provjera...
provjera?
Provjera kompjutera od virus-a ako moze ?
Provjera

MyCity » Ambulanta -> Arhiva Ambulante » Provjera

Provjera

Napisano na dan: 11.1.2013

Provjera

Sledeća strana

Pagination

Odgovori

TheSpringEagle Poslao: 11 Jan 2013 00:20 Idi na vrh
offline TheSpringEagle AMF student Anunnaki Pridružio: 20 Apr 2012 Poruke: 1645	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Htio bih da provjerim svoj notbuk da li ima koji virus. Sistem Windows 7 SP1 32-bit DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16457 Run by Luta at 23:48:19 on 2013-01-10 Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.1013.279 [GMT 1:00] . AV: Microsoft Security Essentials Enabled/Updated {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials Enabled/Updated {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe C:\Program Files\MCShield\MCShieldRTM.exe C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe C:\Program Files\Join Air\AssistantServices.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Rainmeter\Rainmeter.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\uTorrent\uTorrent.exe C:\Users\Luta\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [New Value #1] "ctfmon"="CTFMON.EXE" mRun: [MTel_ontenegro Imola ModemListener] c:\program files\hspa usb modem\backgroundservice\ModemListener.exe start uPolicies-Explorer: NoDrives = dword:0 uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:4 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: Interfaces\{1CEB942B-B31A-4858-BB92-BCF298719D9C} : NameServer = 212.200.246.8 213.133.3.5 TCP: Interfaces\{F5A3423C-50F7-4A8C-A90B-48CFFE968F53} : DHCPNameServer = 192.168.1.254 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552] R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 99272] R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2012-12-20 106112] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2012-1-8 68208] R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2012-1-8 6766080] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2012-1-8 82768] S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-7-20 9216] S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [2012-3-28 32377] S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-7-21 15576] S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-7-21 10200] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-1-9 14848] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2012-5-26 98432] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2012-5-26 14848] S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2012-5-26 123648] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-1-9 49664] . =============== Created Last 30 ================ . 2013-01-10 14:14:34 6812136 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{42a27062-ef0c-4884-9355-b105d87762ea}\mpengine.dll 2013-01-10 02:52:19 -------- d-----w- c:\programdata\Package Cache 2013-01-10 02:40:13 -------- d-----w- c:\users\luta\appdata\roaming\Rainmeter 2013-01-10 02:39:58 -------- d-----w- c:\program files\Rainmeter 2013-01-09 20:57:59 2739712 ----a-w- c:\windows\system32\rdpcorets.dll 2013-01-09 20:57:56 4916224 ----a-w- c:\windows\system32\mstscax.dll 2013-01-09 20:53:03 247808 ----a-w- c:\windows\system32\schannel.dll 2013-01-09 20:53:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys 2013-01-09 20:53:02 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2013-01-09 20:53:01 1039360 ----a-w- c:\windows\system32\lsasrv.dll 2013-01-09 14:04:21 -------- d-----w- c:\program files\MSXML 4.0 2013-01-09 13:32:07 6812136 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-01-09 13:16:49 626688 ----a-w- c:\windows\system32\usp10.dll 2013-01-09 13:16:11 2345984 ----a-w- c:\windows\system32\win32k.sys 2013-01-09 13:15:57 492032 ----a-w- c:\windows\system32\win32spl.dll 2013-01-09 12:16:31 46592 ----a-w- c:\windows\system32\fpb.rs 2013-01-09 12:12:35 220160 ----a-w- c:\windows\system32\ncrypt.dll 2013-01-09 12:12:31 49152 ----a-w- c:\windows\system32\taskhost.exe 2013-01-05 02:40:56 -------- d-----w- c:\users\luta\appdata\roaming\BSplayer PRO 2013-01-05 02:40:37 -------- d-----w- c:\program files\Webteh 2012-12-25 17:18:16 -------- d-----w- c:\program files\Cheat Engine 6.1 2012-12-21 15:35:35 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-21 15:35:32 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-20 12:32:58 106112 ----a-w- c:\windows\system32\drivers\jrdusbser.sys 2012-12-20 12:32:37 -------- d-----w- c:\program files\HSPA USB MODEM 2012-12-12 11:24:18 376832 ----a-w- c:\windows\system32\dpnet.dll 2012-12-12 11:20:28 2048 ----a-w- c:\windows\system32\tzres.dll . ==================== Find3M ==================== . 2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll 2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll 2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll 2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe 2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-11-08 10:29:12 1402312 ----a-w- c:\windows\system32\msxml4.dll 2012-11-01 04:47:54 1389568 ----a-w- c:\windows\system32\msxml6.dll 2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-15 13:12:38 2560 ----a-w- c:\windows\_MSRSTRT.EXE . ============= FINISH: 23:50:49,36 =============== https://www.mycity.rs/must-login.png OTL logfile created on: 10.1.2013 23:51:54 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luta\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000241A \| Country: Serbia \| Language: SRM \| Date Format: d.M.yyyy 1013,09 Mb Total Physical Memory \| 195,77 Mb Available Physical Memory \| 19,32% Memory free 1,99 Gb Paging File \| 0,86 Gb Available in Paging File \| 43,03% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files Drive C: \| 232,79 Gb Total Space \| 33,76 Gb Free Space \| 14,50% Space Free \| Partition Type: NTFS Computer Name: LUTA-PC \| User Name: Luta \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.01.10 23:47:06 \| 000,602,112 \| ---- \| M] (OldTimer Tools) -- C:\Users\Luta\Desktop\OTL.exe PRC - [2013.01.06 13:54:48 \| 000,035,512 \| ---- \| M] () -- C:\Program Files\Rainmeter\Rainmeter.exe PRC - [2012.12.16 10:38:44 \| 000,605,184 \| ---- \| M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe PRC - [2012.12.10 18:59:26 \| 000,969,104 \| ---- \| M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2012.11.23 03:48:41 \| 000,049,152 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012.09.15 13:35:26 \| 000,212,432 \| ---- \| M] (Google Inc.) -- C:\Users\Luta\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe PRC - [2012.09.12 16:25:24 \| 000,287,824 \| ---- \| M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe PRC - [2012.09.12 16:25:22 \| 000,020,472 \| ---- \| M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2012.09.12 16:19:44 \| 000,947,176 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2012.05.14 14:27:54 \| 000,125,504 \| ---- \| M] () -- C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe PRC - [2012.03.14 12:05:10 \| 000,053,312 \| ---- \| M] () -- C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe PRC - [2011.02.25 06:30:54 \| 002,616,320 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.07.14 20:34:14 \| 000,252,784 \| ---- \| M] () -- C:\Program Files\Join Air\AssistantServices.exe ========== Modules (No Company Name) ========== MOD - [2013.01.09 16:05:24 \| 011,493,376 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2013.01.06 13:54:48 \| 000,035,512 \| ---- \| M] () -- C:\Program Files\Rainmeter\Rainmeter.exe MOD - [2013.01.06 13:54:46 \| 000,620,728 \| ---- \| M] () -- C:\Program Files\Rainmeter\Rainmeter.dll MOD - [2012.12.05 02:15:15 \| 012,456,040 \| ---- \| M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll MOD - [2012.12.05 02:15:15 \| 000,460,904 \| ---- \| M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll MOD - [2012.12.05 02:15:14 \| 004,008,040 \| ---- \| M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll MOD - [2012.12.05 02:14:29 \| 000,587,880 \| ---- \| M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\libglesv2.dll MOD - [2012.12.05 02:14:28 \| 000,124,520 \| ---- \| M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\libegl.dll MOD - [2012.12.05 02:14:21 \| 000,157,304 \| ---- \| M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\avutil-51.dll MOD - [2012.12.05 02:14:20 \| 000,275,576 \| ---- \| M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\avformat-54.dll MOD - [2012.12.05 02:14:19 \| 002,168,952 \| ---- \| M] () -- C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll MOD - [2012.05.14 14:27:54 \| 000,125,504 \| ---- \| M] () -- C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe MOD - [2011.05.28 22:04:56 \| 000,140,288 \| ---- \| M] () -- C:\Program Files\WinRAR\RarExt.dll ========== Services (SafeList) ========== SRV - [2012.09.12 16:25:24 \| 000,287,824 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012.09.12 16:25:22 \| 000,020,472 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012.07.13 12:28:36 \| 000,160,944 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.03.14 12:05:10 \| 000,053,312 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe -- (MTel_ontenegro Imola Modem Device Helper) SRV - [2010.07.14 20:34:14 \| 000,252,784 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\Join Air\AssistantServices.exe -- (UI Assistant Service) SRV - [2009.07.14 02:16:13 \| 000,025,088 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 \| 001,004,544 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:15:41 \| 000,680,960 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel \| On_Demand \| Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel \| On_Demand \| Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel \| On_Demand \| Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [Kernel \| On_Demand \| Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd) DRV - File not found [Kernel \| On_Demand \| Unknown] -- C:\Users\Luta\AppData\Local\Temp\mbr.sys -- (mbr) DRV - File not found [Kernel \| System \| Stopped] -- -- (AntiKill) DRV - [2013.01.10 23:50:48 \| 000,029,904 \| ---- \| M] (Microsoft Corporation) [Kernel \| System \| Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{42A27062-EF0C-4884-9355-B105D87762EA}\MpKsl99af2018.sys -- (MpKsl99af2018) DRV - [2012.08.30 21:03:50 \| 000,099,272 \| ---- \| M] (Microsoft Corporation) [Kernel \| Auto \| Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2012.08.23 15:44:32 \| 000,014,848 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2012.08.23 15:40:25 \| 000,049,664 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2012.06.18 12:34:38 \| 000,015,576 \| ---- \| M] () [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio) DRV - [2012.06.18 12:34:38 \| 000,010,200 \| ---- \| M] () [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio) DRV - [2011.10.27 02:25:48 \| 000,123,648 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2011.10.27 02:25:48 \| 000,098,432 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2011.10.27 02:25:48 \| 000,014,848 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2011.10.27 02:25:44 \| 000,123,776 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2011.10.27 02:25:44 \| 000,098,560 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) DRV - [2011.10.27 02:25:44 \| 000,014,848 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2011.06.20 09:00:46 \| 000,106,112 \| ---- \| M] (TCT International Mobile Ltd) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\jrdusbser.sys -- (jrdusbser) DRV - [2010.11.20 13:30:15 \| 000,175,360 \| ---- \| M] (Microsoft Corporation) [Kernel \| Boot \| Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 13:30:15 \| 000,040,704 \| ---- \| M] (Microsoft Corporation) [Kernel \| Boot \| Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 13:30:15 \| 000,028,032 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 10:59:44 \| 000,035,968 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.20 10:14:45 \| 000,017,920 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 10:14:41 \| 000,005,632 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.06.17 14:50:38 \| 000,082,768 \| ---- \| M] (ENE Technology Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\EUCR6SK.sys -- (EUCR) DRV - [2010.05.31 12:04:30 \| 006,766,080 \| ---- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) DRV - [2010.05.20 14:10:32 \| 000,068,208 \| ---- \| M] (Atheros Communications, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2009.10.29 18:28:24 \| 000,105,088 \| ---- \| M] (ZTE Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009.10.29 18:28:24 \| 000,105,088 \| ---- \| M] (ZTE Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009.10.29 18:28:24 \| 000,105,088 \| ---- \| M] (ZTE Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009.10.29 18:28:24 \| 000,009,216 \| ---- \| M] (ZTE Incorporated) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - [2008.07.23 23:29:16 \| 000,047,744 \| ---- \| M] () [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\vserial.sys -- (vserial) DRV - [2008.07.23 23:29:16 \| 000,015,264 \| ---- \| M] () [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\vsb.sys -- (vsbus) DRV - [2006.08.29 15:56:20 \| 000,032,377 \| ---- \| M] (B-phreaks) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\prodigy.sys -- (PRODIGY) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F4 B7 A7 83 3F CE CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Luta\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Luta\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Luta\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) ========== Chrome ========== CHR - homepage: http://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Luta\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Download Plugin (Disabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Disabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: Google Update (Enabled) = C:\Users\Luta\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google Search = C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Gmail = C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2012.09.09 15:14:53 \| 000,000,027 \| ---- \| M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [MTel_ontenegro Imola ModemListener] C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe () O4 - HKLM..\Run: [New Value #1] "ctfmon"="CTFMON.EXE" File not found O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity) O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 4 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CEB942B-B31A-4858-BB92-BCF298719D9C}: NameServer = 212.200.246.8 213.133.3.5 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5A3423C-50F7-4A8C-A90B-48CFFE968F53}: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 \| 000,000,024 \| ---- \| M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk ) O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.10 23:46:02 \| 000,602,112 \| ---- \| C] (OldTimer Tools) -- C:\Users\Luta\Desktop\OTL.exe [2013.01.10 23:43:10 \| 000,688,992 \| R--- \| C] (Swearware) -- C:\Users\Luta\Desktop\dds.com [2013.01.10 03:52:19 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Package Cache [2013.01.10 03:43:58 \| 000,000,000 \| R--D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [2013.01.10 03:40:13 \| 000,000,000 \| ---D \| C] -- C:\Users\Luta\Desktop\Documents\Rainmeter [2013.01.10 03:40:13 \| 000,000,000 \| ---D \| C] -- C:\Users\Luta\AppData\Roaming\Rainmeter [2013.01.10 03:39:58 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Rainmeter [2013.01.09 21:58:22 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe [2013.01.09 21:58:20 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys [2013.01.09 21:58:17 \| 000,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll [2013.01.09 21:58:17 \| 000,012,800 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll [2013.01.09 21:58:11 \| 000,049,664 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys [2013.01.09 21:58:03 \| 000,046,592 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll [2013.01.09 21:58:03 \| 000,037,376 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll [2013.01.09 21:58:03 \| 000,032,768 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll [2013.01.09 21:58:03 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll [2013.01.09 21:58:02 \| 000,269,312 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll [2013.01.09 21:58:02 \| 000,221,184 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll [2013.01.09 21:58:02 \| 000,056,320 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe [2013.01.09 21:58:01 \| 000,317,440 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe [2013.01.09 21:58:01 \| 000,192,000 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll [2013.01.09 21:57:59 \| 002,739,712 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll [2013.01.09 15:04:21 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MSXML 4.0 [2013.01.09 14:16:11 \| 002,345,984 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.01.09 13:19:08 \| 000,271,360 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013.01.09 13:19:08 \| 000,169,984 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.01.09 13:19:06 \| 000,005,120 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2013.01.09 13:19:05 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.09 13:19:05 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013.01.09 13:19:04 \| 000,004,608 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.09 13:19:04 \| 000,004,096 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.09 13:19:04 \| 000,004,096 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013.01.09 13:19:04 \| 000,003,584 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.09 13:19:04 \| 000,003,584 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.09 13:19:04 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2013.01.09 13:19:04 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013.01.09 13:19:03 \| 000,004,096 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013.01.09 13:19:03 \| 000,004,096 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.09 13:19:03 \| 000,003,584 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013.01.09 13:19:03 \| 000,003,584 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.09 13:19:03 \| 000,003,584 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.09 13:19:03 \| 000,003,584 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013.01.09 13:19:03 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2013.01.09 13:19:03 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013.01.09 13:19:02 \| 000,006,144 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2013.01.09 13:19:02 \| 000,003,584 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013.01.09 13:19:02 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013.01.09 13:19:02 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013.01.09 13:19:02 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013.01.09 13:19:01 \| 000,004,608 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.09 13:19:01 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2013.01.09 13:19:01 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.09 13:19:00 \| 000,004,096 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013.01.09 13:19:00 \| 000,003,072 \| -H-- \| C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2013.01.09 13:16:31 \| 000,046,592 \| ---- \| C] (Microsoft) -- C:\Windows\System32\fpb.rs [2013.01.09 13:16:31 \| 000,045,568 \| ---- \| C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs [2013.01.09 13:16:31 \| 000,044,544 \| ---- \| C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs [2013.01.09 13:16:31 \| 000,043,520 \| ---- \| C] (Microsoft) -- C:\Windows\System32\csrr.rs [2013.01.09 13:16:31 \| 000,040,960 \| ---- \| C] (Microsoft) -- C:\Windows\System32\cob-au.rs [2013.01.09 13:16:31 \| 000,015,360 \| ---- \| C] (Microsoft) -- C:\Windows\System32\djctq.rs [2013.01.09 13:16:30 \| 000,030,720 \| ---- \| C] (Microsoft) -- C:\Windows\System32\usk.rs [2013.01.09 13:16:30 \| 000,021,504 \| ---- \| C] (Microsoft) -- C:\Windows\System32\grb.rs [2013.01.09 13:16:30 \| 000,020,480 \| ---- \| C] (Microsoft) -- C:\Windows\System32\pegi.rs [2013.01.09 13:16:29 \| 002,576,384 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2013.01.09 13:16:29 \| 000,020,480 \| ---- \| C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs [2013.01.09 13:16:28 \| 000,308,736 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll [2013.01.09 13:16:24 \| 000,051,712 \| ---- \| C] (Microsoft) -- C:\Windows\System32\esrb.rs [2013.01.09 13:16:23 \| 000,055,296 \| ---- \| C] (Microsoft) -- C:\Windows\System32\cero.rs [2013.01.09 13:16:23 \| 000,023,552 \| ---- \| C] (Microsoft) -- C:\Windows\System32\oflc.rs [2013.01.09 13:16:23 \| 000,020,480 \| ---- \| C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs [2013.01.09 13:12:35 \| 000,220,160 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013.01.09 13:12:31 \| 000,049,152 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [2013.01.05 03:44:28 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh [2013.01.05 03:40:56 \| 000,000,000 \| ---D \| C] -- C:\Users\Luta\AppData\Roaming\BSplayer PRO [2013.01.05 03:40:37 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Webteh [2012.12.25 18:26:18 \| 000,000,000 \| ---D \| C] -- C:\Users\Luta\Desktop\Documents\My Cheat Tables [2012.12.25 18:18:39 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.1 [2012.12.25 18:18:16 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Cheat Engine 6.1 [2012.12.23 21:40:30 \| 000,000,000 \| ---D \| C] -- C:\Users\Luta\Desktop\Rade Lackovic [2012.12.21 16:35:35 \| 000,295,424 \| ---- \| C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012.12.21 16:35:32 \| 000,034,304 \| ---- \| C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012.12.20 13:32:58 \| 000,106,112 \| ---- \| C] (TCT International Mobile Ltd) -- C:\Windows\System32\drivers\jrdusbser.sys [2012.12.20 13:32:50 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HSPA USB MODEM [2012.12.20 13:32:37 \| 000,000,000 \| ---D \| C] -- C:\Program Files\HSPA USB MODEM [2012.12.14 19:17:57 \| 000,000,000 \| R--D \| C] -- C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.12.12 12:59:19 \| 002,382,848 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.12.12 12:59:17 \| 000,065,024 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.12.12 12:59:16 \| 000,176,640 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.12.12 12:59:15 \| 000,142,848 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.12.12 12:59:14 \| 000,607,744 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.12.12 12:59:11 \| 001,800,704 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.12.12 12:59:11 \| 000,231,936 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.12.12 12:59:06 \| 001,427,968 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.12.12 12:24:18 \| 000,376,832 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll [2012.12.12 12:20:28 \| 000,002,048 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll ========== Files - Modified Within 30 Days ========== [2013.01.10 23:47:06 \| 000,602,112 \| ---- \| M] (OldTimer Tools) -- C:\Users\Luta\Desktop\OTL.exe [2013.01.10 23:45:29 \| 000,365,568 \| ---- \| M] () -- C:\Users\Luta\Desktop\yhfocg8e.exe [2013.01.10 23:44:40 \| 000,688,992 \| R--- \| M] (Swearware) -- C:\Users\Luta\Desktop\dds.com [2013.01.10 23:40:02 \| 000,000,904 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2787396597-1344915912-1888278398-1000UA.job [2013.01.10 21:32:05 \| 000,000,924 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2787396597-1344915912-1888278398-1000UA.job [2013.01.10 21:32:02 \| 000,000,902 \| ---- \| M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2787396597-1344915912-1888278398-1000Core.job [2013.01.10 20:05:27 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2013.01.10 19:04:24 \| 000,031,138 \| ---- \| M] () -- C:\Users\Luta\Desktop\23362_270583489736513_667586537_n.jpg [2013.01.10 14:40:03 \| 000,000,852 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2787396597-1344915912-1888278398-1000Core.job [2013.01.10 12:05:25 \| 000,652,148 \| ---- \| M] () -- C:\Windows\System32\perfh009.dat [2013.01.10 12:05:25 \| 000,121,080 \| ---- \| M] () -- C:\Windows\System32\perfc009.dat [2013.01.10 00:02:41 \| 000,016,944 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.10 00:02:41 \| 000,016,944 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.09 23:56:31 \| 796,725,248 \| -HS- \| M] () -- C:\hiberfil.sys [2013.01.09 16:02:46 \| 000,269,568 \| ---- \| M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.05 03:44:28 \| 000,001,089 \| ---- \| M] () -- C:\Users\Luta\Application Data\Microsoft\Internet Explorer\Quick Launch\BS.Player PRO.lnk [2013.01.05 02:39:36 \| 000,008,476 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\vanillaice_320x245.jpg [2013.01.02 14:29:46 \| 000,014,047 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\layer_pentagram_white.jpg [2013.01.02 14:18:02 \| 000,006,038 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\Pentagram.jpg [2012.12.30 16:29:08 \| 000,007,457 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\7.jpg [2012.12.27 00:50:04 \| 000,006,946 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\Ricardo_Quaresma_Inter_Catania-2470961.jpg [2012.12.25 18:18:41 \| 000,001,007 \| ---- \| M] () -- C:\Users\Luta\Desktop\Cheat Engine.lnk [2012.12.24 20:46:24 \| 000,006,744 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\3.jpg [2012.12.24 20:45:54 \| 000,008,514 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\2.jpg [2012.12.24 20:41:18 \| 000,006,820 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\1.jpg [2012.12.23 23:46:10 \| 000,005,023 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\59498_snajper_f.jpg [2012.12.22 10:54:18 \| 000,044,166 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\rafael_nadal22233444.png [2012.12.20 14:29:22 \| 000,078,336 \| ---- \| M] () -- C:\Users\Luta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.12.20 13:32:49 \| 000,001,011 \| ---- \| M] () -- C:\Users\Public\Desktop\HSPA USB MODEM.lnk [2012.12.16 15:13:28 \| 000,295,424 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012.12.16 15:13:20 \| 000,034,304 \| ---- \| M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012.12.15 18:55:26 \| 000,011,001 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\59307_317811391652523_802398900_n.jpg [2012.12.14 19:52:07 \| 000,001,014 \| ---- \| M] () -- C:\Windows\ARPR.INI [2012.12.14 17:46:38 \| 000,038,689 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\530485_175958965879209_1029985782_n.png [2012.12.13 20:09:34 \| 000,009,801 \| ---- \| M] () -- C:\Users\Luta\Desktop\Documents\393361_385631281526971_108489490_n.jpg ========== Files Created - No Company Name ========== [2013.01.10 23:44:59 \| 000,365,568 \| ---- \| C] () -- C:\Users\Luta\Desktop\yhfocg8e.exe [2013.01.10 19:03:52 \| 000,031,138 \| ---- \| C] () -- C:\Users\Luta\Desktop\23362_270583489736513_667586537_n.jpg [2013.01.10 03:40:06 \| 000,001,823 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk [2013.01.05 03:44:28 \| 000,001,089 \| ---- \| C] () -- C:\Users\Luta\Application Data\Microsoft\Internet Explorer\Quick Launch\BS.Player PRO.lnk [2013.01.05 02:39:53 \| 000,008,476 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\vanillaice_320x245.jpg [2013.01.02 14:30:33 \| 000,014,047 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\layer_pentagram_white.jpg [2013.01.02 14:21:44 \| 000,006,038 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\Pentagram.jpg [2012.12.31 21:27:36 \| 000,000,924 \| ---- \| C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2787396597-1344915912-1888278398-1000UA.job [2012.12.31 21:27:32 \| 000,000,902 \| ---- \| C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2787396597-1344915912-1888278398-1000Core.job [2012.12.30 16:30:24 \| 000,007,457 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\7.jpg [2012.12.27 00:50:39 \| 000,006,946 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\Ricardo_Quaresma_Inter_Catania-2470961.jpg [2012.12.25 18:18:41 \| 000,001,007 \| ---- \| C] () -- C:\Users\Luta\Desktop\Cheat Engine.lnk [2012.12.24 20:54:11 \| 000,006,744 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\3.jpg [2012.12.24 20:51:16 \| 000,008,514 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\2.jpg [2012.12.24 20:49:53 \| 000,006,820 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\1.jpg [2012.12.23 23:46:34 \| 000,005,023 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\59498_snajper_f.jpg [2012.12.23 13:01:42 \| 000,012,304 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\270076_420481408006994_1728741765_n.jpg [2012.12.23 12:57:42 \| 000,038,689 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\530485_175958965879209_1029985782_n.png [2012.12.22 10:54:45 \| 000,044,166 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\rafael_nadal22233444.png [2012.12.20 13:32:49 \| 000,001,011 \| ---- \| C] () -- C:\Users\Public\Desktop\HSPA USB MODEM.lnk [2012.12.17 22:44:13 \| 000,011,001 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\59307_317811391652523_802398900_n.jpg [2012.12.14 19:22:37 \| 000,001,014 \| ---- \| C] () -- C:\Windows\ARPR.INI [2012.12.13 23:27:25 \| 000,009,801 \| ---- \| C] () -- C:\Users\Luta\Desktop\Documents\393361_385631281526971_108489490_n.jpg [2012.09.10 18:51:48 \| 000,080,896 \| ---- \| C] () -- C:\Windows\System32\RDVGHelper.exe [2012.09.10 18:47:43 \| 000,066,048 \| ---- \| C] () -- C:\Windows\System32\PrintBrmUi.exe [2012.07.21 18:23:46 \| 002,872,512 \| ---- \| C] () -- C:\Windows\System32\pwNative.exe [2012.07.21 18:23:46 \| 000,015,576 \| ---- \| C] () -- C:\Windows\System32\pwdrvio.sys [2012.07.21 18:23:41 \| 000,010,200 \| ---- \| C] () -- C:\Windows\System32\pwdspio.sys [2012.06.15 09:49:54 \| 000,007,554 \| ---- \| C] () -- C:\Users\Luta\AppData\Local\Temp22.html [2012.06.15 09:46:24 \| 000,001,858 \| ---- \| C] () -- C:\Users\Luta\AppData\Local\Temp1.html [2012.06.13 19:21:01 \| 000,002,560 \| ---- \| C] () -- C:\Windows\_MSRSTRT.EXE [2012.06.09 14:17:41 \| 000,057,904 \| ---- \| C] () -- C:\Windows\System32\wbload.dll [2012.05.26 19:05:15 \| 000,000,193 \| ---- \| C] () -- C:\Windows\WORDPAD.INI [2012.02.09 00:26:52 \| 000,000,160 \| ---- \| C] () -- C:\Windows\MyDrivers.ini [2012.01.12 00:38:19 \| 000,078,336 \| ---- \| C] () -- C:\Users\Luta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.08 17:55:35 \| 000,361,808 \| ---- \| C] () -- C:\Windows\EMCRI_E.dll [2012.01.08 06:55:29 \| 000,175,616 \| ---- \| C] () -- C:\Windows\System32\unrar.dll [2012.01.08 06:31:15 \| 000,451,072 \| ---- \| C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012.01.08 06:23:54 \| 000,006,656 \| ---- \| C] () -- C:\Windows\System32\bcmwlrc.dll [2012.01.08 06:02:30 \| 000,247,560 \| ---- \| C] () -- C:\Windows\System32\drivers\RTConvEQ.dat [2012.01.08 06:02:30 \| 000,037,468 \| ---- \| C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT [2012.01.08 06:02:30 \| 000,001,448 \| ---- \| C] () -- C:\Windows\System32\drivers\RtHdatEx.dat [2012.01.08 06:02:30 \| 000,000,520 \| ---- \| C] () -- C:\Windows\System32\drivers\RTEQEX3.dat [2012.01.08 06:02:30 \| 000,000,520 \| ---- \| C] () -- C:\Windows\System32\drivers\RTEQEX2.dat [2012.01.08 06:02:30 \| 000,000,520 \| ---- \| C] () -- C:\Windows\System32\drivers\RTEQEX1.dat [2012.01.08 06:02:30 \| 000,000,520 \| ---- \| C] () -- C:\Windows\System32\drivers\RTEQEX0.dat [2012.01.08 06:02:30 \| 000,000,176 \| ---- \| C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat [2012.01.08 06:02:30 \| 000,000,024 \| ---- \| C] () -- C:\Windows\System32\drivers\rtkhdaud.dat ========== ZeroAccess Check ========== [2009.07.14 05:42:31 \| 000,000,227 \| RHS- \| M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 \| 012,873,728 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 \| 000,606,208 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 \| 000,342,528 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png Hvala unaprijed

Profil

TwinHeadedEagle Poslao: 11 Jan 2013 13:22 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, Komp je cist, ponovo pokreni OTL i klikni na CleanUp. To bi bilo to

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provjera

Ko je trenutno na forumu

Ukupno su 1110 korisnika na forumu :: 55 registrovanih, 6 sakrivenih i 1049 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., Andrija357, Atomski čoban, babaroga, Bobrock1, bojank, croato, Denaya, Dimitrije Paunovic, Dimitrise93, doklevise, DonRumataEstorski, Dorcolac, dragoljub11987, FOX, Frunze, Gargantua, ivica976, jaeger, Karla, kikisp, Koridor, kunktator, Leonov, Lošmi, MaksicZoran, mercedesamg, Metanoja, MikeHammer, milenko crazy north, Milometer, mkukoleca, mrav pesadinac, MrNo, naki011, NoOneEver Dreams, nuke92, Oscar, Panter, Parker, pein, procesor, raptorsi, robert1979, ruger357, S2M, sasa76, slonic_tonic, Srle993, stegonosa, Tvrtko I, vathra, VP6919, YugoSlav, zodiac94

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by