Laptop problems

offline
  • Joined: 29 Nov 2012
  • Posts: 36

Posted: 02 Jan 2014 17:45

The model is a Toshiba Satellite, I don't know exactly which one.. it doesn't matter anyway. Lately it has been freezing a lot! I go to YouTube and YouTube freezes; I install Chrome and everything works, then a few hours later it's the same story.. I try to turn the music down and it freezes :P I have several tabs open in the browser and, try to guess, it freezes :) It's silly to even say there isn't some virus, unless it's a hardware problem.

Addendum: 02 Jan 2014 17:51

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2
Run by lazar at 17:46:02 on 2014-01-02
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2806.1473 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
E:\Windows\system32\wininit.exe
E:\Windows\system32\lsm.exe
E:\Windows\system32\nvvsvc.exe
E:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
E:\Program Files\AVAST Software\Avast\AvastSvc.exe
E:\Windows\system32\WLANExt.exe
E:\Windows\system32\conhost.exe
E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
E:\Windows\system32\nvvsvc.exe
E:\Windows\System32\spoolsv.exe
E:\Windows\system32\taskhost.exe
E:\Windows\system32\Dwm.exe
E:\Windows\Explorer.EXE
E:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
E:\Program Files\AVAST Software\Avast\AvastUI.exe
E:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\Skype\Phone\Skype.exe
E:\Program Files\NVIDIA Corporation\Display\nvtray.exe
E:\Windows\system32\SearchIndexer.exe
E:\Program Files\Windows Media Player\wmpnetwk.exe
E:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
E:\Windows\system32\taskhost.exe
E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Windows\system32\SndVol.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Windows\system32\SearchProtocolHost.exe
E:\Windows\system32\SearchFilterHost.exe
E:\Windows\system32\conhost.exe
E:\Windows\system32\wbem\wmiprvse.exe
E:\Windows\system32\svchost.exe -k DcomLaunch
E:\Windows\system32\svchost.exe -k RPCSS
E:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
E:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
E:\Windows\system32\svchost.exe -k LocalService
E:\Windows\system32\svchost.exe -k netsvcs
E:\Windows\system32\svchost.exe -k GPSvcGroup
E:\Windows\system32\svchost.exe -k NetworkService
E:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
E:\Windows\system32\svchost.exe -k imgsvc
E:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
E:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
E:\Windows\System32\svchost.exe -k secsvcs
E:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - e:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - e:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - e:\program files\avast software\avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - e:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - e:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - e:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Skype] "e:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [AdobeBridge] <no file>
mRun: [AvastUI.exe] "e:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "e:\program files\common files\java\java update\jusched.exe"
mRun: [BCSSync] "e:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Adobe ARM] "e:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AdobeAAMUpdater-1.0] "e:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] e:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "e:\program files\common files\adobe\cs6servicemanager\CS6ServiceManager.exe" -launchedbylogin
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - e:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - e:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - e:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - e:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{166B6045-D4E3-4596-AF2C-519BEA882F75} : DHCPNameServer = 172.16.40.242
TCP: Interfaces\{F801ED75-3540-49F2-8483-6AF023B3F0F3} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F801ED75-3540-49F2-8483-6AF023B3F0F3}\D6F6A616F5D62756A716 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - e:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - e:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - e:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "e:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;e:\windows\system32\drivers\aswRvrt.sys [2013-2-28 49944]
R0 aswVmm;avast! VM Monitor;e:\windows\system32\drivers\aswVmm.sys [2013-2-28 178304]
R1 aswSnx;aswSnx;e:\windows\system32\drivers\aswSnx.sys [2012-7-9 774392]
R1 aswSP;aswSP;e:\windows\system32\drivers\aswSP.sys [2012-7-9 403440]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [2012-7-9 35656]
R2 aswMonFlt;aswMonFlt;e:\windows\system32\drivers\aswMonFlt.sys [2012-7-9 70384]
R2 avast! Antivirus;avast! Antivirus;e:\program files\avast software\avast\AvastSvc.exe [2013-11-28 50344]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;e:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-1-18 383264]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;e:\windows\system32\drivers\L1C62x86.sys [2010-11-8 68208]
R3 MEI;Intel(R) Management Engine Interface ;e:\windows\system32\drivers\HECI.sys [2010-10-19 41088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;e:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;e:\program files\skype\updater\Updater.exe [2013-9-5 171680]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;e:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;e:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;e:\windows\system32\ieetwcollector.exe [2013-12-11 108032]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;e:\windows\system32\drivers\rdpvideominiport.sys [2013-5-2 14848]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;e:\windows\system32\drivers\RtsUStor.sys [2012-7-10 197224]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;e:\windows\system32\drivers\RtsUVStor.sys [2012-7-10 226408]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);e:\windows\system32\drivers\ss_bbus.sys [2009-9-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);e:\windows\system32\drivers\ss_bmdfl.sys [2009-9-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;e:\windows\system32\drivers\ss_bmdm.sys [2009-9-19 123648]
S3 SwitchBoard;SwitchBoard;e:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;e:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;e:\windows\system32\drivers\terminpt.sys [2013-5-2 24064]
S3 TsUsbFlt;TsUsbFlt;e:\windows\system32\drivers\TsUsbFlt.sys [2013-5-2 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;e:\windows\system32\drivers\TsUsbGD.sys [2013-5-2 27136]
S3 tsusbhub;tsusbhub;e:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
.
=============== Created Last 30 ================
.
2013-12-31 08:43:26 7760024 ----a-w- e:\programdata\microsoft\windows defender\definition updates\{81bd7b64-c9d5-411c-87ff-90d7a8f5b8c6}\mpengine.dll
2013-12-30 20:05:50 -------- d-----w- e:\users\lazar\appdata\local\FluxSoftware
2013-12-29 18:49:15 -------- d-----w- e:\users\lazar\appdata\roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
2013-12-29 18:49:13 -------- d-----w- e:\users\lazar\appdata\roaming\MarketSamurai
2013-12-29 18:48:26 -------- d-----w- e:\program files\Market Samurai
2013-12-28 21:31:40 -------- d-----w- e:\users\lazar\appdata\local\Opera Software
2013-12-28 21:31:37 -------- d-----w- e:\users\lazar\appdata\roaming\Opera Software
2013-12-28 20:16:02 -------- d-----w- e:\users\lazar\appdata\roaming\NVIDIA
2013-12-28 20:13:50 -------- d-----w- e:\programdata\regid.1986-12.com.adobe
2013-12-27 20:29:57 -------- d-----w- e:\users\lazar\appdata\roaming\GSA Captcha Breaker
2013-12-27 20:27:33 -------- d-----w- e:\program files\GSA Captcha Breaker
2013-12-26 11:17:25 -------- d-----w- e:\users\lazar\appdata\roaming\GSA Search Engine Ranker
2013-12-26 11:17:19 -------- d-----w- e:\program files\GSA Search Engine Ranker
2013-12-25 11:03:30 -------- d-----w- e:\users\lazar\appdata\local\IsolatedStorage
2013-12-25 11:01:09 -------- d-----w- e:\program files\HMA! Pro VPN
2013-12-24 15:01:26 -------- d-----w- e:\program files\Microsoft Synchronization Services
2013-12-24 14:58:54 -------- d-----w- e:\windows\PCHEALTH
2013-12-24 14:58:54 -------- d-----w- e:\program files\Microsoft SQL Server Compact Edition
2013-12-24 14:56:02 -------- d-----w- e:\program files\Microsoft Visual Studio 8
2013-12-24 14:53:41 -------- d-----w- e:\program files\Microsoft Analysis Services
2013-12-24 14:52:39 -------- d-----w- e:\users\lazar\appdata\local\Microsoft Help
2013-12-22 17:37:31 -------- d-----w- e:\users\lazar\appdata\roaming\LolClient
2013-12-21 12:03:33 68616 ----a-w- e:\windows\system32\XAPOFX1_1.dll
2013-12-21 12:03:33 509448 ----a-w- e:\windows\system32\XAudio2_2.dll
2013-12-21 12:03:32 467984 ----a-w- e:\windows\system32\d3dx10_39.dll
2013-12-21 12:03:32 3851784 ----a-w- e:\windows\system32\D3DX9_39.dll
2013-12-21 12:03:32 1493528 ----a-w- e:\windows\system32\D3DCompiler_39.dll
2013-12-21 12:02:07 -------- d-sh--w- e:\windows\system32\AI_RecycleBin
2013-12-21 12:01:59 -------- d-----w- E:\Riot Games
2013-12-21 11:58:10 -------- d-----w- e:\users\lazar\appdata\local\PMB Files
2013-12-21 11:57:59 -------- d-----w- e:\programdata\PMB Files
2013-12-21 11:57:49 -------- d-----w- e:\program files\Pando Networks
2013-12-21 11:57:10 -------- d-----w- e:\users\lazar\appdata\roaming\Riot Games
2013-12-20 23:47:38 -------- d-----w- e:\users\lazar\appdata\roaming\Affilorama
2013-12-20 20:18:45 -------- d-----w- e:\users\lazar\appdata\local\Adobe
2013-12-20 18:53:29 1974616 ----a-w- e:\windows\system32\D3DCompiler_42.dll
2013-12-20 18:53:27 1892184 ----a-w- e:\windows\system32\D3DX9_42.dll
2013-12-20 18:53:20 -------- d-----w- e:\program files\Grinding Gear Games
2013-12-13 20:57:22 -------- d-----w- e:\users\lazar\appdata\roaming\dclogs
2013-12-11 22:41:52 164864 ----a-w- e:\program files\windows media player\wmplayer.exe
2013-12-11 22:41:52 12625408 ----a-w- e:\windows\system32\wmploc.DLL
2013-12-11 14:03:13 301568 ----a-w- e:\windows\system32\msieftp.dll
2013-12-11 14:03:08 159232 ----a-w- e:\windows\system32\imagehlp.dll
2013-12-11 14:03:02 121856 ----a-w- e:\windows\system32\wshom.ocx
2013-12-11 14:03:01 163840 ----a-w- e:\windows\system32\scrrun.dll
2013-12-11 14:03:01 141824 ----a-w- e:\windows\system32\wscript.exe
2013-12-11 14:03:01 126976 ----a-w- e:\windows\system32\cscript.exe
2013-12-11 14:02:59 417792 ----a-w- e:\windows\system32\WMPhoto.dll
2013-12-11 14:02:54 2048 ----a-w- e:\windows\system32\tzres.dll
2013-12-11 14:02:44 2349056 ----a-w- e:\windows\system32\win32k.sys
2013-12-11 14:02:42 81408 ----a-w- e:\windows\system32\drivers\drmk.sys
2013-12-11 14:02:42 177152 ----a-w- e:\windows\system32\drivers\portcls.sys
.
==================== Find3M ====================
.
2013-12-20 20:21:49 71048 ----a-w- e:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-20 20:21:49 692616 ----a-w- e:\windows\system32\FlashPlayerApp.exe
2013-11-28 10:36:36 79720 ----a-w- e:\windows\system32\drivers\aswRdr2.sys
2013-11-28 10:36:36 774392 ----a-w- e:\windows\system32\drivers\aswSnx.sys
2013-11-28 10:36:36 70384 ----a-w- e:\windows\system32\drivers\aswMonFlt.sys
2013-11-28 10:36:36 49944 ----a-w- e:\windows\system32\drivers\aswRvrt.sys
2013-11-28 10:36:36 178304 ----a-w- e:\windows\system32\drivers\aswVmm.sys
2013-11-28 10:36:35 43152 ----a-w- e:\windows\avastSS.scr
2013-11-26 09:23:02 2724864 ----a-w- e:\windows\system32\mshtml.tlb
2013-11-26 09:22:11 4096 ----a-w- e:\windows\system32\ieetwcollectorres.dll
2013-11-26 08:53:56 61952 ----a-w- e:\windows\system32\iesetup.dll
2013-11-26 08:52:26 51200 ----a-w- e:\windows\system32\ieetwproxystub.dll
2013-11-26 08:29:55 112128 ----a-w- e:\windows\system32\ieUnatt.exe
2013-11-26 08:29:52 108032 ----a-w- e:\windows\system32\ieetwcollector.exe
2013-11-26 08:28:16 553472 ----a-w- e:\windows\system32\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- e:\windows\system32\jscript9.dll
2013-11-26 07:32:06 1928192 ----a-w- e:\windows\system32\inetcpl.cpl
2013-11-26 06:33:33 1820160 ----a-w- e:\windows\system32\wininet.dll
2013-11-21 13:44:34 35288 ----a-w- e:\windows\system32\drivers\tap0901.sys
2013-11-19 02:33:38 230048 ------w- e:\windows\system32\MpSigStub.exe
2013-10-12 02:03:08 656896 ----a-w- e:\windows\system32\nshwfp.dll
2013-10-12 02:01:41 679424 ----a-w- e:\windows\system32\IKEEXT.DLL
2013-10-12 02:01:25 216576 ----a-w- e:\windows\system32\FWPUCLNT.DLL
2013-10-08 06:50:41 94632 ----a-w- e:\windows\system32\WindowsAccessBridge.dll
2013-10-05 19:57:25 1168384 ----a-w- e:\windows\system32\crypt32.dll
.
============= FINISH: 17:46:51.71 ===============

Addendum: 02 Jan 2014 17:52

I'll have to leave the Attach log here, since the "Attach file" option is acting up; it's probably down to my computer:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 7/9/2012 5:17:24 AM
System Uptime: 1/2/2014 1:51:10 PM (4 hours ago)
.
Motherboard: Intel Corp. | | Base Board Product Name
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz | CPU1 | 1587/1333mhz
.
==== Disk Partitions =========================
.
D: is CDROM ()
E: is FIXED (NTFS) - 108 GiB total, 74.111 GiB free.
F: is FIXED (NTFS) - 488 GiB total, 484.819 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\QCI0701\2&DABA3FF&2
Manufacturer:
Name:
PNP Device ID: ACPI\QCI0701\2&DABA3FF&2
Service:
.
Class GUID:
Description:
Device ID: ACPI\TOS6205\2&DABA3FF&2
Manufacturer:
Name:
PNP Device ID: ACPI\TOS6205\2&DABA3FF&2
Service:
.
Class GUID:
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_FC501179&REV_04\4&171A0E51&0&00E1
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_FC501179&REV_04\4&171A0E51&0&00E1
Service:
.
==== System Restore Points ===================
.
RP337: 12/30/2013 9:21:04 AM - Windows Update
RP339: 12/31/2013 1:34:28 AM - Windows Update
RP340: 1/1/2014 8:26:19 AM - Windows Update
RP341: 1/2/2014 3:00:11 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader XI (11.0.05)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Atheros Driver Installation Program
avast! Free Antivirus
CCleaner
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Google Chrome
Google Update Helper
HMA! Pro VPN 2.8.3.1
Java 7 Update 45
Java Auto Updater
JavaFX 2.1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
NVIDIA 3D Vision Driver 311.06
NVIDIA Control Panel 311.06
NVIDIA Graphics Driver 311.06
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.11.3
NVIDIA Update Components
Pando Media Booster
PDF Settings CS6
Realtek USB 2.0 Reader Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Skype™ 6.11
TOSHIBA Assist
TOSHIBA Wireless LAN Indicator
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
VLC media player 2.0.6
WinRAR 5.00 beta 6 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
12/30/2013 11:57:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
12/30/2013 11:57:43 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/30/2013 11:57:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/30/2013 11:57:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/29/2013 7:28:23 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
12/29/2013 12:39:34 AM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/27/2013 9:49:31 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
12/27/2013 9:43:33 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
1/2/2014 3:06:12 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2468871).
1/1/2014 8:54:35 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
1/1/2014 8:54:35 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
.
==== End Of File ===========================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello,
The DDS log shows no signs of active malware. But since you're already here, let's do an additional check.
We'll repeat the system diagnostics, but this time we'll use these two powerful tools for it.

Download Farbar's Farbar Recovery Scan Tool from this address to the Desktop:
There are 32-bit and 64-bit versions. You need to download the version that is compatible with your system.
If you're not sure which version applies to your system, download both and run them. Only one of them will work on your system; that will be the right version.

  • double-click to run the program; when the tool starts, click Yes on the disclaimer window;
  • wait a moment while the tool checks whether a newer version exists;
  • click the Scan button;
  • when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
  • copy the contents of the FRST.txt report into your post;
  • on first run, the tool should also create an additional report (Addition.txt);
  • attach the Addition.txt report to your post using the Attach file option.




===== ===== ===== =====



Download the GMER rootkit detector from the link below to the Desktop:

GMER download
  • Click the given link;
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

Double-click to run GMER.
  • Wait for the initial scan to finish - if any prompt appears, click No;
  • click Scan and wait for the scan to finish;
  • click Save ... - save the report to the Desktop (under the name ARK);
  • click the >>> button and select the Autostart tab;
  • when the short scan finishes, click Copy;
  • open Notepad and paste the copied text into it - save the report to the Desktop (under the name autostart);

Attach all GMER reports using the Attach file option.

offline
  • Joined: 29 Nov 2012
  • Posts: 36

Posted: 02 Jan 2014 19:56

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2014 01
Ran by lazar (administrator) on lazar-PC on 02-01-2014 19:53:35
Running from E:\Users\lazar\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) E:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) E:\Windows\System32\wlanext.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) E:\Windows\System32\nvvsvc.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) E:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) E:\Program Files\Skype\Phone\Skype.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) E:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) E:\Users\lazar\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AvastUI.exe] - E:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-28] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - E:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [BCSSync] - E:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - E:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - E:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] - E:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKCU\...\Run: [Skype] - E:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [uTorrent] - E:\Users\lazar\AppData\Roaming\uTorrent\uTorrent.exe [1340496 2014-01-02] (BitTorrent Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4796A8DD6FF6CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR Extension: (Google Docs) - E:\Users\lazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - E:\Users\lazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - E:\Users\lazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - E:\Users\lazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - E:\Users\lazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR Extension: (Google Wallet) - E:\Users\lazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - E:\Users\lazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-28] (AVAST Software)
S3 OpenVPNService; E:\Program Files\HMA! Pro VPN\bin\openvpnserv.exe [32568 2013-11-21] (The OpenVPN Project)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; E:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-02] (AVAST Software)
R1 aswRdr; E:\Windows\system32\drivers\aswRdr2.sys [79720 2013-11-28] (AVAST Software)
R0 aswRvrt; E:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-28] ()
R1 aswSnx; E:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-02] (AVAST Software)
R1 aswSP; E:\Windows\system32\drivers\aswSP.sys [410528 2014-01-02] (AVAST Software)
S3 aswStm; E:\Windows\system32\drivers\aswStm.sys [64168 2014-01-02] (AVAST Software)
R0 aswVmm; E:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-02] ()
R3 MEI; E:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
S3 RSUSBVSTOR; E:\Windows\System32\Drivers\RTSUVSTOR.sys [226408 2010-11-30] (Realtek Semiconductor Corp.)
S3 ss_bbus; E:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; E:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; E:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
R3 tap0901; E:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-11-21] (The OpenVPN Project)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
U3 mbr; \??\E:\Users\lazar\AppData\Local\Temp\mbr.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-02 19:53 - 2014-01-02 19:54 - 00007725 _____ E:\Users\lazar\Desktop\FRST.txt
2014-01-02 19:53 - 2014-01-02 19:53 - 00000000 ____D E:\FRST
2014-01-02 19:51 - 2014-01-02 19:52 - 01064581 _____ (Farbar) E:\Users\lazar\Desktop\FRST.exe
2014-01-02 19:50 - 2014-01-02 19:50 - 00000000 ____D E:\Users\lazar\Downloads\Counter-Strike Source
2014-01-02 19:47 - 2014-01-02 19:47 - 00000816 _____ E:\Users\lazar\Desktop\µTorrent.lnk
2014-01-02 19:47 - 2014-01-02 19:47 - 00000796 _____ E:\Users\lazar\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-01-02 19:46 - 2014-01-02 19:47 - 01340496 _____ (BitTorrent Inc.) E:\Users\lazar\Downloads\utorrent.exe
2014-01-02 17:52 - 2014-01-02 17:53 - 00064168 _____ (AVAST Software) E:\Windows\system32\Drivers\aswstm.sys
2014-01-02 17:52 - 2014-01-02 17:52 - 00066752 _____ (AVAST Software) E:\Windows\system32\Drivers\aswstm.sys.1388681601
2014-01-02 17:45 - 2014-01-02 17:45 - 00688992 ____R (Swearware) E:\Users\lazar\Downloads\dds.scr
2014-01-02 15:31 - 2014-01-02 15:31 - 00000696 _____ E:\Users\lazar\Downloads\free-premiumaccounts-com_20140102T143132Z_Sitemaps.csv
2014-01-02 08:16 - 2014-01-02 08:16 - 00002201 _____ E:\Users\Public\Desktop\Google Chrome.lnk
2014-01-01 20:34 - 2013-09-25 14:58 - 00000000 ____D E:\Users\lazar\Downloads\PPD KILLER
2013-12-31 13:34 - 2013-12-31 13:50 - 00037888 _____ E:\Users\lazar\Documents\How To Grow Taller.msam
2013-12-30 21:05 - 2014-01-02 08:14 - 00000000 ____D E:\Users\lazar\AppData\Local\FluxSoftware
2013-12-30 15:36 - 2014-01-01 12:07 - 00000000 ____D E:\Users\lazar\Desktop\SEO Project
2013-12-30 15:31 - 2013-12-30 15:57 - 00035840 _____ E:\Users\lazar\Documents\Xbox Live Gratuit.msam
2013-12-29 19:49 - 2013-12-29 19:49 - 00000000 ____D E:\Users\lazar\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
2013-12-29 19:49 - 2013-12-29 19:49 - 00000000 ____D E:\Users\lazar\AppData\Roaming\MarketSamurai
2013-12-29 19:48 - 2013-12-29 19:48 - 00000901 _____ E:\Users\Public\Desktop\Market Samurai.lnk
2013-12-29 19:48 - 2013-12-29 19:48 - 00000000 ____D E:\Program Files\Market Samurai
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D E:\Users\Default\AppData\Roaming\Macromedia
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D E:\Users\Default User\AppData\Roaming\Macromedia
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D E:\Program Files\Common Files\Adobe AIR
2013-12-28 22:46 - 2013-12-31 23:20 - 00000132 _____ E:\Users\lazar\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-12-28 22:31 - 2014-01-02 08:13 - 00000000 ____D E:\Users\lazar\AppData\Local\Opera Software
2013-12-28 22:31 - 2014-01-02 08:13 - 00000000 ____D E:\Program Files\Opera
2013-12-28 22:31 - 2014-01-02 08:12 - 00000000 ____D E:\Users\lazar\AppData\Roaming\Opera Software
2013-12-28 22:31 - 2013-12-31 20:42 - 00000132 _____ E:\Users\lazar\AppData\Roaming\Adobe BMP Format CS6 Prefs
2013-12-28 21:16 - 2013-12-28 21:16 - 00000000 ____D E:\Users\lazar\AppData\Roaming\NVIDIA
2013-12-28 21:15 - 2013-12-28 21:15 - 00001165 _____ E:\Users\lazar\Desktop\Adobe Photoshop CS6.lnk
2013-12-28 21:13 - 2013-12-28 21:13 - 00000000 ____D E:\ProgramData\regid.1986-12.com.adobe
2013-12-27 21:29 - 2014-01-01 15:54 - 00000000 ____D E:\Users\lazar\AppData\Roaming\GSA Captcha Breaker
2013-12-27 21:28 - 2013-12-27 21:28 - 00001062 _____ E:\Users\lazar\Desktop\GSA Captcha Breaker.lnk
2013-12-27 21:27 - 2013-12-27 21:28 - 00000000 ____D E:\Program Files\GSA Captcha Breaker
2013-12-26 12:17 - 2013-12-31 10:10 - 00000000 ____D E:\Users\lazar\AppData\Roaming\GSA Search Engine Ranker
2013-12-26 12:17 - 2013-12-29 14:39 - 00000000 ____D E:\Program Files\GSA Search Engine Ranker
2013-12-26 12:17 - 2013-12-26 12:17 - 00001137 _____ E:\Users\lazar\Desktop\GSA Search Engine Ranker.lnk
2013-12-25 12:03 - 2013-12-25 12:03 - 00000000 ____D E:\Users\lazar\AppData\Local\IsolatedStorage
2013-12-25 12:01 - 2013-12-25 12:03 - 00000000 ____D E:\Program Files\HMA! Pro VPN
2013-12-25 12:01 - 2013-12-25 12:01 - 00001109 _____ E:\Users\Public\Desktop\HMA! Pro VPN.lnk
2013-12-24 21:05 - 2013-12-30 09:55 - 00000000 ____D E:\Program Files\Adobe
2013-12-24 21:05 - 2013-12-30 09:53 - 00000000 ____D E:\Program Files\Common Files\Adobe
2013-12-24 16:03 - 2013-12-24 16:03 - 00000000 ____D E:\Program Files\Common Files\DESIGNER
2013-12-24 16:01 - 2013-12-24 16:01 - 00000000 ____D E:\Program Files\Microsoft Synchronization Services
2013-12-24 15:58 - 2013-12-24 15:58 - 00000000 ____D E:\Windows\PCHEALTH
2013-12-24 15:58 - 2013-12-24 15:58 - 00000000 ____D E:\Program Files\Microsoft Sync Framework
2013-12-24 15:58 - 2013-12-24 15:58 - 00000000 ____D E:\Program Files\Microsoft SQL Server Compact Edition
2013-12-24 15:56 - 2013-12-24 15:56 - 00000000 ____D E:\Program Files\Microsoft Visual Studio 8
2013-12-24 15:53 - 2013-12-24 15:53 - 00000000 ____D E:\Program Files\Microsoft Analysis Services
2013-12-24 15:52 - 2013-12-25 00:19 - 00000000 ____D E:\ProgramData\Microsoft Help
2013-12-24 15:52 - 2013-12-24 15:59 - 00000000 ____D E:\Program Files\Microsoft Office
2013-12-24 15:52 - 2013-12-24 15:52 - 00000000 ____D E:\Users\lazar\AppData\Local\Microsoft Help
2013-12-24 15:51 - 2013-12-24 15:51 - 00000000 __RHD E:\MSOCache
2013-12-22 18:37 - 2013-12-22 18:37 - 00000000 ____D E:\Users\lazar\AppData\Roaming\LolClient
2013-12-22 18:20 - 2013-12-31 23:13 - 00000242 _____ E:\Users\lazar\Desktop\Tasks.txt
2013-12-22 16:49 - 2014-01-02 18:27 - 00000170 _____ E:\Users\lazar\Desktop\Password.txt
2013-12-21 13:03 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) E:\Windows\system32\XAPOFX1_1.dll
2013-12-21 13:03 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) E:\Windows\system32\XAudio2_2.dll
2013-12-21 13:03 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) E:\Windows\system32\D3DX9_39.dll
2013-12-21 13:03 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) E:\Windows\system32\D3DCompiler_39.dll
2013-12-21 13:03 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) E:\Windows\system32\d3dx10_39.dll
2013-12-21 13:02 - 2013-12-29 13:33 - 00000000 __SHD E:\Windows\system32\AI_RecycleBin
2013-12-21 13:01 - 2013-12-21 13:01 - 00000000 ____D E:\Riot Games
2013-12-21 12:58 - 2013-12-28 12:40 - 00000000 ____D E:\Users\lazar\AppData\Local\PMB Files
2013-12-21 12:57 - 2013-12-28 12:40 - 00000000 ____D E:\ProgramData\PMB Files
2013-12-21 12:57 - 2013-12-21 12:57 - 00000000 ____D E:\Users\lazar\AppData\Roaming\Riot Games
2013-12-21 12:57 - 2013-12-21 12:57 - 00000000 ____D E:\Program Files\Pando Networks
2013-12-21 00:47 - 2013-12-21 00:47 - 00000000 ____D E:\Users\lazar\AppData\Roaming\Affilorama
2013-12-20 23:57 - 2014-01-01 17:36 - 00000000 ____D E:\Users\lazar\Desktop\Hulu Plus
2013-12-20 21:18 - 2014-01-02 02:00 - 00000000 ____D E:\Users\lazar\AppData\Local\Adobe
2013-12-20 19:54 - 2013-12-20 19:54 - 00000000 ____D E:\Users\lazar\Documents\My Games
2013-12-20 19:53 - 2013-12-20 19:53 - 00000000 ____D E:\Program Files\Grinding Gear Games
2013-12-20 19:53 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) E:\Windows\system32\D3DCompiler_42.dll
2013-12-20 19:53 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) E:\Windows\system32\D3DX9_42.dll
2013-12-13 22:04 - 2014-01-01 23:01 - 00000000 ____D E:\Users\lazar\Documents\MSDCSC
2013-12-13 21:57 - 2014-01-01 23:11 - 00000000 ____D E:\Users\lazar\Documents\DCSCMIN
2013-12-11 23:50 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) E:\Windows\system32\mshtml.dll
2013-12-11 23:50 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) E:\Windows\system32\mshtml.tlb
2013-12-11 23:50 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) E:\Windows\system32\ieetwcollectorres.dll
2013-12-11 23:50 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) E:\Windows\system32\iesetup.dll
2013-12-11 23:50 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) E:\Windows\system32\ieetwproxystub.dll
2013-12-11 23:50 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) E:\Windows\system32\iertutil.dll
2013-12-11 23:50 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) E:\Windows\system32\jsproxy.dll
2013-12-11 23:50 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) E:\Windows\system32\iernonce.dll
2013-12-11 23:50 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) E:\Windows\system32\ieui.dll
2013-12-11 23:50 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) E:\Windows\system32\ieUnatt.exe
2013-12-11 23:50 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) E:\Windows\system32\ieetwcollector.exe
2013-12-11 23:50 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) E:\Windows\system32\jscript9diag.dll
2013-12-11 23:50 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) E:\Windows\system32\jscript9.dll
2013-12-11 23:50 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) E:\Windows\system32\ie4uinit.exe
2013-12-11 23:50 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) E:\Windows\system32\inetcpl.cpl
2013-12-11 23:50 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) E:\Windows\system32\ieframe.dll
2013-12-11 23:50 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) E:\Windows\system32\ieapfltr.dll
2013-12-11 23:50 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) E:\Windows\system32\wininet.dll
2013-12-11 23:50 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) E:\Windows\system32\urlmon.dll
2013-12-11 23:41 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) E:\Windows\system32\wmploc.DLL
2013-12-11 23:41 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) E:\Windows\system32\wmp.dll
2013-12-11 15:03 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) E:\Windows\system32\msieftp.dll
2013-12-11 15:03 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) E:\Windows\system32\imagehlp.dll
2013-12-11 15:03 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) E:\Windows\system32\wshom.ocx
2013-12-11 15:03 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) E:\Windows\system32\scrrun.dll
2013-12-11 15:03 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) E:\Windows\system32\wscript.exe
2013-12-11 15:03 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) E:\Windows\system32\cscript.exe
2013-12-11 15:02 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) E:\Windows\system32\WMPhoto.dll
2013-12-11 15:02 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) E:\Windows\system32\tzres.dll
2013-12-11 15:02 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) E:\Windows\system32\win32k.sys
2013-12-11 15:02 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\drmk.sys
2013-12-11 15:02 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\portcls.sys
2013-12-10 19:50 - 2013-12-28 22:58 - 00000000 ____D E:\Program Files\Mozilla Firefox
2013-12-03 23:16 - 2013-12-03 23:16 - 01051136 _____ (Microsoft Corporation) E:\Windows\system32\mshtmlmedia.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00646144 _____ (Microsoft Corporation) E:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00645120 _____ (Microsoft Corporation) E:\Windows\system32\jsIntl.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00616104 _____ (Microsoft Corporation) E:\Windows\system32\ieapfltr.dat
2013-12-03 23:16 - 2013-12-03 23:16 - 00610304 _____ (Microsoft Corporation) E:\Windows\system32\jscript.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00523776 _____ (Microsoft Corporation) E:\Windows\system32\msfeeds.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00454656 _____ (Microsoft Corporation) E:\Windows\system32\vbscript.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00367104 _____ (Microsoft Corporation) E:\Windows\system32\dxtmsft.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00337408 _____ (Microsoft Corporation) E:\Windows\system32\html.iec
2013-12-03 23:16 - 2013-12-03 23:16 - 00244736 _____ (Microsoft Corporation) E:\Windows\system32\dxtrans.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00238288 _____ (Microsoft Corporation) E:\Windows\system32\iedkcs32.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00233472 _____ (Microsoft Corporation) E:\Windows\system32\url.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00208384 _____ (Microsoft Corporation) E:\Windows\system32\webcheck.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00194048 _____ (Microsoft Corporation) E:\Windows\system32\elshyph.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00182272 _____ (Microsoft Corporation) E:\Windows\system32\msls31.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00164864 _____ (Microsoft Corporation) E:\Windows\system32\msrating.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00151552 _____ (Microsoft Corporation) E:\Windows\system32\iexpress.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00139264 _____ (Microsoft Corporation) E:\Windows\system32\wextract.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00127488 _____ (Microsoft Corporation) E:\Windows\system32\occache.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00116736 _____ (Microsoft Corporation) E:\Windows\system32\iepeers.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00111616 _____ (Microsoft Corporation) E:\Windows\system32\IEAdvpack.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00086016 _____ (Microsoft Corporation) E:\Windows\system32\iesysprep.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00083456 _____ (Microsoft Corporation) E:\Windows\system32\inseng.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00074240 _____ (Microsoft Corporation) E:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00071680 _____ (Microsoft Corporation) E:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00069632 _____ (Microsoft Corporation) E:\Windows\system32\mshtmled.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00069120 _____ (Microsoft Corporation) E:\Windows\system32\icardie.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00062464 _____ (Microsoft Corporation) E:\Windows\system32\tdc.ocx
2013-12-03 23:16 - 2013-12-03 23:16 - 00061952 _____ (Microsoft Corporation) E:\Windows\system32\MshtmlDac.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00056832 _____ (Microsoft Corporation) E:\Windows\system32\pngfilt.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00048640 _____ (Microsoft Corporation) E:\Windows\system32\mshtmler.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00043008 _____ (Microsoft Corporation) E:\Windows\system32\msfeedsbs.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00036352 _____ (Microsoft Corporation) E:\Windows\system32\imgutil.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00034816 _____ (Microsoft Corporation) E:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00024576 _____ (Microsoft Corporation) E:\Windows\system32\licmgr10.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00013312 _____ (Microsoft Corporation) E:\Windows\system32\mshta.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00012800 _____ (Microsoft Corporation) E:\Windows\system32\msfeedssync.exe

==================== One Month Modified Files and Folders =======

2014-01-02 19:54 - 2014-01-02 19:53 - 00007725 _____ E:\Users\lazar\Desktop\FRST.txt
2014-01-02 19:53 - 2014-01-02 19:53 - 00000000 ____D E:\FRST
2014-01-02 19:53 - 2013-02-26 17:06 - 00000000 ____D E:\Users\lazar\AppData\Roaming\uTorrent
2014-01-02 19:52 - 2014-01-02 19:51 - 01064581 _____ (Farbar) E:\Users\lazar\Desktop\FRST.exe
2014-01-02 19:51 - 2012-07-10 21:32 - 00000000 ____D E:\Users\lazar\AppData\Roaming\Skype
2014-01-02 19:50 - 2014-01-02 19:50 - 00000000 ____D E:\Users\lazar\Downloads\Counter-Strike Source
2014-01-02 19:48 - 2013-10-01 19:15 - 01464698 _____ E:\Windows\WindowsUpdate.log
2014-01-02 19:48 - 2013-04-08 17:45 - 00000830 _____ E:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-02 19:47 - 2014-01-02 19:47 - 00000816 _____ E:\Users\lazar\Desktop\µTorrent.lnk
2014-01-02 19:47 - 2014-01-02 19:47 - 00000796 _____ E:\Users\lazar\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-01-02 19:47 - 2014-01-02 19:46 - 01340496 _____ (BitTorrent Inc.) E:\Users\lazar\Downloads\utorrent.exe
2014-01-02 19:12 - 2013-01-16 19:45 - 00000890 _____ E:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-02 18:27 - 2013-12-22 16:49 - 00000170 _____ E:\Users\lazar\Desktop\Password.txt
2014-01-02 17:53 - 2014-01-02 17:52 - 00064168 _____ (AVAST Software) E:\Windows\system32\Drivers\aswstm.sys
2014-01-02 17:53 - 2012-07-09 18:08 - 00002047 _____ E:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-02 17:52 - 2014-01-02 17:52 - 00066752 _____ (AVAST Software) E:\Windows\system32\Drivers\aswstm.sys.1388681601
2014-01-02 17:52 - 2013-02-28 13:42 - 00180248 _____ E:\Windows\system32\Drivers\aswVmm.sys
2014-01-02 17:52 - 2012-07-09 18:07 - 00775952 _____ (AVAST Software) E:\Windows\system32\Drivers\aswSnx.sys
2014-01-02 17:52 - 2012-07-09 18:07 - 00410528 _____ (AVAST Software) E:\Windows\system32\Drivers\aswSP.sys
2014-01-02 17:52 - 2012-07-09 18:07 - 00067824 _____ (AVAST Software) E:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-02 17:52 - 2012-07-09 18:05 - 00270240 _____ (AVAST Software) E:\Windows\system32\aswBoot.exe
2014-01-02 17:52 - 2012-07-09 18:05 - 00043152 _____ (AVAST Software) E:\Windows\avastSS.scr
2014-01-02 17:45 - 2014-01-02 17:45 - 00688992 ____R (Swearware) E:\Users\lazar\Downloads\dds.scr
2014-01-02 16:16 - 2013-01-16 19:45 - 00000886 _____ E:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-02 15:31 - 2014-01-02 15:31 - 00000696 _____ E:\Users\lazar\Downloads\free-premiumaccounts-com_20140102T143132Z_Sitemaps.csv
2014-01-02 13:55 - 2009-07-14 05:34 - 00023680 ____H E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-02 13:55 - 2009-07-14 05:34 - 00023680 ____H E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-02 13:47 - 2013-05-02 11:18 - 00000000 ____D E:\ProgramData\NVIDIA
2014-01-02 13:47 - 2009-07-14 05:53 - 00000006 ____H E:\Windows\Tasks\SA.DAT
2014-01-02 08:16 - 2014-01-02 08:16 - 00002201 _____ E:\Users\Public\Desktop\Google Chrome.lnk
2014-01-02 08:15 - 2013-01-16 19:45 - 00000000 ____D E:\Program Files\Google
2014-01-02 08:14 - 2013-12-30 21:05 - 00000000 ____D E:\Users\lazar\AppData\Local\FluxSoftware
2014-01-02 08:13 - 2013-12-28 22:31 - 00000000 ____D E:\Users\lazar\AppData\Local\Opera Software
2014-01-02 08:13 - 2013-12-28 22:31 - 00000000 ____D E:\Program Files\Opera
2014-01-02 08:12 - 2013-12-28 22:31 - 00000000 ____D E:\Users\lazar\AppData\Roaming\Opera Software
2014-01-02 08:11 - 2012-07-10 02:43 - 00000000 ____D E:\Users\lazar\AppData\Local\Deployment
2014-01-02 03:30 - 2009-07-14 03:37 - 00000000 ____D E:\Windows\Microsoft.NET
2014-01-02 02:00 - 2013-12-20 21:18 - 00000000 ____D E:\Users\lazar\AppData\Local\Adobe
2014-01-01 23:11 - 2013-12-13 21:57 - 00000000 ____D E:\Users\lazar\Documents\DCSCMIN
2014-01-01 23:01 - 2013-12-13 22:04 - 00000000 ____D E:\Users\lazar\Documents\MSDCSC
2014-01-01 17:36 - 2013-12-20 23:57 - 00000000 ____D E:\Users\lazar\Desktop\Hulu Plus
2014-01-01 17:35 - 2013-05-02 20:20 - 00000000 ____D E:\Users\lazar\AppData\Roaming\vlc
2014-01-01 15:54 - 2013-12-27 21:29 - 00000000 ____D E:\Users\lazar\AppData\Roaming\GSA Captcha Breaker
2014-01-01 12:07 - 2013-12-30 15:36 - 00000000 ____D E:\Users\lazar\Desktop\SEO Project
2013-12-31 23:20 - 2013-12-28 22:46 - 00000132 _____ E:\Users\lazar\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-12-31 23:13 - 2013-12-22 18:20 - 00000242 _____ E:\Users\lazar\Desktop\Tasks.txt
2013-12-31 20:42 - 2013-12-28 22:31 - 00000132 _____ E:\Users\lazar\AppData\Roaming\Adobe BMP Format CS6 Prefs
2013-12-31 13:50 - 2013-12-31 13:34 - 00037888 _____ E:\Users\lazar\Documents\How To Grow Taller.msam
2013-12-31 10:10 - 2013-12-26 12:17 - 00000000 ____D E:\Users\lazar\AppData\Roaming\GSA Search Engine Ranker
2013-12-30 15:57 - 2013-12-30 15:31 - 00035840 _____ E:\Users\lazar\Documents\Xbox Live Gratuit.msam
2013-12-30 09:55 - 2013-12-24 21:05 - 00000000 ____D E:\Program Files\Adobe
2013-12-30 09:53 - 2013-12-24 21:05 - 00000000 ____D E:\Program Files\Common Files\Adobe
2013-12-30 09:14 - 2013-04-08 17:42 - 00000000 ____D E:\ProgramData\Adobe
2013-12-29 19:49 - 2013-12-29 19:49 - 00000000 ____D E:\Users\lazar\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
2013-12-29 19:49 - 2013-12-29 19:49 - 00000000 ____D E:\Users\lazar\AppData\Roaming\MarketSamurai
2013-12-29 19:48 - 2013-12-29 19:48 - 00000901 _____ E:\Users\Public\Desktop\Market Samurai.lnk
2013-12-29 19:48 - 2013-12-29 19:48 - 00000000 ____D E:\Program Files\Market Samurai
2013-12-29 18:32 - 2010-11-20 22:01 - 00772110 _____ E:\Windows\system32\PerfStringBackup.INI
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D E:\Users\Default\AppData\Roaming\Macromedia
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D E:\Users\Default User\AppData\Roaming\Macromedia
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D E:\Program Files\Common Files\Adobe AIR
2013-12-29 15:24 - 2012-07-09 17:56 - 00000000 ____D E:\Users\lazar\AppData\Roaming\Adobe
2013-12-29 14:39 - 2013-12-26 12:17 - 00000000 ____D E:\Program Files\GSA Search Engine Ranker
2013-12-29 13:33 - 2013-12-21 13:02 - 00000000 __SHD E:\Windows\system32\AI_RecycleBin
2013-12-29 07:27 - 2009-07-14 05:33 - 03805616 _____ E:\Windows\system32\FNTCACHE.DAT
2013-12-28 22:58 - 2013-12-10 19:50 - 00000000 ____D E:\Program Files\Mozilla Firefox
2013-12-28 21:16 - 2013-12-28 21:16 - 00000000 ____D E:\Users\lazar\AppData\Roaming\NVIDIA
2013-12-28 21:15 - 2013-12-28 21:15 - 00001165 _____ E:\Users\lazar\Desktop\Adobe Photoshop CS6.lnk
2013-12-28 21:15 - 2012-07-10 02:43 - 00109280 _____ E:\Users\lazar\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-28 21:13 - 2013-12-28 21:13 - 00000000 ____D E:\ProgramData\regid.1986-12.com.adobe
2013-12-28 18:11 - 2009-07-14 03:37 - 00000000 ____D E:\Windows\rescache
2013-12-28 12:40 - 2013-12-21 12:58 - 00000000 ____D E:\Users\lazar\AppData\Local\PMB Files
2013-12-28 12:40 - 2013-12-21 12:57 - 00000000 ____D E:\ProgramData\PMB Files
2013-12-27 21:28 - 2013-12-27 21:28 - 00001062 _____ E:\Users\lazar\Desktop\GSA Captcha Breaker.lnk
2013-12-27 21:28 - 2013-12-27 21:27 - 00000000 ____D E:\Program Files\GSA Captcha Breaker
2013-12-26 12:17 - 2013-12-26 12:17 - 00001137 _____ E:\Users\lazar\Desktop\GSA Search Engine Ranker.lnk
2013-12-25 19:04 - 2012-07-09 04:18 - 00000000 ____D E:\Users\lazar
2013-12-25 12:03 - 2013-12-25 12:03 - 00000000 ____D E:\Users\lazar\AppData\Local\IsolatedStorage
2013-12-25 12:03 - 2013-12-25 12:01 - 00000000 ____D E:\Program Files\HMA! Pro VPN
2013-12-25 12:01 - 2013-12-25 12:01 - 00001109 _____ E:\Users\Public\Desktop\HMA! Pro VPN.lnk
2013-12-25 00:19 - 2013-12-24 15:52 - 00000000 ____D E:\ProgramData\Microsoft Help
2013-12-24 16:03 - 2013-12-24 16:03 - 00000000 ____D E:\Program Files\Common Files\DESIGNER
2013-12-24 16:03 - 2009-07-14 05:52 - 00000000 ____D E:\Program Files\MSBuild
2013-12-24 16:03 - 2009-07-14 03:37 - 00000000 ____D E:\Program Files\Common Files\microsoft shared
2013-12-24 16:01 - 2013-12-24 16:01 - 00000000 ____D E:\Program Files\Microsoft Synchronization Services
2013-12-24 16:01 - 2010-11-21 01:46 - 00000000 ____D E:\Windows\ShellNew
2013-12-24 15:59 - 2013-12-24 15:52 - 00000000 ____D E:\Program Files\Microsoft Office
2013-12-24 15:58 - 2013-12-24 15:58 - 00000000 ____D E:\Windows\PCHEALTH
2013-12-24 15:58 - 2013-12-24 15:58 - 00000000 ____D E:\Program Files\Microsoft Sync Framework
2013-12-24 15:58 - 2013-12-24 15:58 - 00000000 ____D E:\Program Files\Microsoft SQL Server Compact Edition
2013-12-24 15:58 - 2013-06-23 09:08 - 00000000 ____D E:\Program Files\Microsoft.NET
2013-12-24 15:56 - 2013-12-24 15:56 - 00000000 ____D E:\Program Files\Microsoft Visual Studio 8
2013-12-24 15:54 - 2009-07-14 03:37 - 00000000 ____D E:\Program Files\Common Files\System
2013-12-24 15:54 - 2009-07-14 03:04 - 00000478 _____ E:\Windows\win.ini
2013-12-24 15:53 - 2013-12-24 15:53 - 00000000 ____D E:\Program Files\Microsoft Analysis Services
2013-12-24 15:52 - 2013-12-24 15:52 - 00000000 ____D E:\Users\lazar\AppData\Local\Microsoft Help
2013-12-24 15:51 - 2013-12-24 15:51 - 00000000 __RHD E:\MSOCache
2013-12-22 18:37 - 2013-12-22 18:37 - 00000000 ____D E:\Users\lazar\AppData\Roaming\LolClient
2013-12-21 13:01 - 2013-12-21 13:01 - 00000000 ____D E:\Riot Games
2013-12-21 12:57 - 2013-12-21 12:57 - 00000000 ____D E:\Users\lazar\AppData\Roaming\Riot Games
2013-12-21 12:57 - 2013-12-21 12:57 - 00000000 ____D E:\Program Files\Pando Networks
2013-12-21 00:47 - 2013-12-21 00:47 - 00000000 ____D E:\Users\lazar\AppData\Roaming\Affilorama
2013-12-20 21:21 - 2013-04-08 17:45 - 00692616 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerApp.exe
2013-12-20 21:21 - 2013-04-08 17:45 - 00071048 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-20 20:04 - 2009-07-14 03:37 - 00000000 ___RD E:\Users\Public
2013-12-20 19:54 - 2013-12-20 19:54 - 00000000 ____D E:\Users\lazar\Documents\My Games
2013-12-20 19:53 - 2013-12-20 19:53 - 00000000 ____D E:\Program Files\Grinding Gear Games
2013-12-15 15:30 - 2012-07-09 05:01 - 00000000 ____D E:\Windows\Panther
2013-12-13 22:06 - 2009-07-14 05:53 - 00032576 _____ E:\Windows\Tasks\SCHEDLGU.TXT
2013-12-12 17:14 - 2009-07-14 03:37 - 00000000 ____D E:\Windows\system32\sr-Latn-CS
2013-12-11 23:48 - 2013-08-09 13:02 - 00000000 ____D E:\Windows\system32\MRT
2013-12-11 23:47 - 2013-02-28 13:07 - 88123800 _____ (Microsoft Corporation) E:\Windows\system32\MRT.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 01051136 _____ (Microsoft Corporation) E:\Windows\system32\mshtmlmedia.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00646144 _____ (Microsoft Corporation) E:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00645120 _____ (Microsoft Corporation) E:\Windows\system32\jsIntl.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00616104 _____ (Microsoft Corporation) E:\Windows\system32\ieapfltr.dat
2013-12-03 23:16 - 2013-12-03 23:16 - 00610304 _____ (Microsoft Corporation) E:\Windows\system32\jscript.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00523776 _____ (Microsoft Corporation) E:\Windows\system32\msfeeds.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00454656 _____ (Microsoft Corporation) E:\Windows\system32\vbscript.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00367104 _____ (Microsoft Corporation) E:\Windows\system32\dxtmsft.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00337408 _____ (Microsoft Corporation) E:\Windows\system32\html.iec
2013-12-03 23:16 - 2013-12-03 23:16 - 00244736 _____ (Microsoft Corporation) E:\Windows\system32\dxtrans.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00238288 _____ (Microsoft Corporation) E:\Windows\system32\iedkcs32.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00233472 _____ (Microsoft Corporation) E:\Windows\system32\url.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00208384 _____ (Microsoft Corporation) E:\Windows\system32\webcheck.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00194048 _____ (Microsoft Corporation) E:\Windows\system32\elshyph.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00182272 _____ (Microsoft Corporation) E:\Windows\system32\msls31.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00164864 _____ (Microsoft Corporation) E:\Windows\system32\msrating.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00151552 _____ (Microsoft Corporation) E:\Windows\system32\iexpress.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00139264 _____ (Microsoft Corporation) E:\Windows\system32\wextract.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00127488 _____ (Microsoft Corporation) E:\Windows\system32\occache.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00116736 _____ (Microsoft Corporation) E:\Windows\system32\iepeers.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00111616 _____ (Microsoft Corporation) E:\Windows\system32\IEAdvpack.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00086016 _____ (Microsoft Corporation) E:\Windows\system32\iesysprep.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00083456 _____ (Microsoft Corporation) E:\Windows\system32\inseng.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00074240 _____ (Microsoft Corporation) E:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00071680 _____ (Microsoft Corporation) E:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00069632 _____ (Microsoft Corporation) E:\Windows\system32\mshtmled.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00069120 _____ (Microsoft Corporation) E:\Windows\system32\icardie.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00062464 _____ (Microsoft Corporation) E:\Windows\system32\tdc.ocx
2013-12-03 23:16 - 2013-12-03 23:16 - 00061952 _____ (Microsoft Corporation) E:\Windows\system32\MshtmlDac.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00056832 _____ (Microsoft Corporation) E:\Windows\system32\pngfilt.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00048640 _____ (Microsoft Corporation) E:\Windows\system32\mshtmler.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00043008 _____ (Microsoft Corporation) E:\Windows\system32\msfeedsbs.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00036352 _____ (Microsoft Corporation) E:\Windows\system32\imgutil.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00034816 _____ (Microsoft Corporation) E:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00024576 _____ (Microsoft Corporation) E:\Windows\system32\licmgr10.dll
2013-12-03 23:16 - 2013-12-03 23:16 - 00013312 _____ (Microsoft Corporation) E:\Windows\system32\mshta.exe
2013-12-03 23:16 - 2013-12-03 23:16 - 00012800 _____ (Microsoft Corporation) E:\Windows\system32\msfeedssync.exe

==================== Bamital & volsnap Check =================

E:\Windows\explorer.exe => MD5 is legit
E:\Windows\System32\winlogon.exe => MD5 is legit
E:\Windows\System32\wininit.exe => MD5 is legit
E:\Windows\System32\svchost.exe => MD5 is legit
E:\Windows\System32\services.exe => MD5 is legit
E:\Windows\System32\User32.dll => MD5 is legit
E:\Windows\System32\userinit.exe => MD5 is legit
E:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-02 00:49

==================== End Of Log ============================

Addendum: 02 Jan 2014 19:58

Once again I can't use the "attach file" option, so I'll post it "manually":
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-01-2014 01
Ran by lazar at 2014-01-02 19:54:36
Running from E:\Users\lazar\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

µTorrent (Version: 3.3.2.30446 - BitTorrent Inc.)
Adobe AIR (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (Version: 11.0.05 - Adobe Systems Incorporated)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36 - Atheros Communications Inc.)
Atheros Driver Installation Program (Version: 9.2 - Atheros)
avast! Free Antivirus (Version: 9.0.2011 - Avast Software)
CCleaner (Version: 4.08 - Piriform)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version: - Microsoft)
Google Chrome (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
GSA Captcha Breaker v2.36 (Version: 2.36 - GSA Software)
GSA Search Engine Ranker v7.25 (Version: 7.25 - GSA Software)
HMA! Pro VPN 2.8.3.1 (Version: 2.8.3.1 - )
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (Version: 2.1.1 - Oracle Corporation)
Market Samurai (Version: 0.93.00 - Alliance Software Pty Ltd)
Market Samurai (Version: 0.93.00 - Alliance Software Pty Ltd) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
NVIDIA 3D Vision Driver 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Pando Media Booster (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek USB 2.0 Reader Driver (Version: 1.0.0.12 - Realtek Semiconductor Corp.)
Skype™ 6.11 (Version: 6.11.102 - Skype Technologies S.A.)
TOSHIBA Assist (Version: 4.2.3.0 - TOSHIBA CORPORATION)
TOSHIBA Wireless LAN Indicator (Version: 1.0.5 - TOSHIBA CORPORATION)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2494150) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (Version: - Microsoft)
VLC media player 2.0.6 (Version: 2.0.6 - VideoLAN)
WinRAR 5.00 beta 6 (32-bit) (Version: 5.00.6 - win.rar GmbH)

==================== Restore Points =========================

30-12-2013 08:21:04 Windows Update
31-12-2013 00:34:28 Windows Update
01-01-2014 07:26:19 Windows Update
02-01-2014 02:00:11 Windows Update
02-01-2014 16:50:23 avast! antivirus system restore point

==================== Hosts content: ==========================

2009-07-14 03:04 - 2014-01-01 15:54 - 00000824 ____A E:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0C013626-DBF0-41A3-8195-6B3DD6FAB555} - System32\Tasks\GoogleUpdateTaskMachineUA => E:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-16] (Google Inc.)
Task: {18940C34-C958-4EED-A2B0-760A18200AB4} - System32\Tasks\avast! Emergency Update => E:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-02] (AVAST Software)
Task: {53D3DE63-051E-4724-B94A-F3ADCC2006DE} - System32\Tasks\Adobe Flash Player Updater => E:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-20] (Adobe Systems Incorporated)
Task: {B51FEBAE-46D4-464C-8760-AE63DA47FF9B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C979389D-2276-41D6-BEB4-1561A8C5D4F7} - System32\Tasks\AdobeAAMUpdater-1.0-lazar-PC-lazar => E:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {D02BA4CB-5C56-4C96-9E0E-3E4F85DA9A34} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {E228D5A2-4E28-4AF2-8093-177EB4F8909E} - System32\Tasks\GoogleUpdateTaskMachineCore => E:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-16] (Google Inc.)
Task: E:\Windows\Tasks\Adobe Flash Player Updater.job => E:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: E:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => E:\Program Files\Google\Update\GoogleUpdate.exe
Task: E:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => E:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () E:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () E:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-11-28 11:36 - 2013-11-28 11:36 - 19336120 _____ () E:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-02 08:16 - 2013-12-04 03:47 - 00702416 _____ () E:\Program Files\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2014-01-02 08:16 - 2013-12-04 03:47 - 00099792 _____ () E:\Program Files\Google\Chrome\Application\31.0.1650.63\libegl.dll
2014-01-02 08:16 - 2013-12-04 03:48 - 04055504 _____ () E:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
2014-01-02 08:16 - 2013-12-04 03:48 - 00399312 _____ () E:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2014-01-02 08:16 - 2013-12-04 03:47 - 01619408 _____ () E:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2014-01-02 08:16 - 2013-12-04 03:48 - 13586896 _____ () E:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/02/2014 05:50:21 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {909b8675-21c2-4680-bc38-d828eb0a13ce}

Error: (01/02/2014 01:48:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2014 08:10:54 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.16428 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1040

Start Time: 01cf0789b1d61701

Termination Time: 50

Application Path: E:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (01/02/2014 08:10:31 AM) (Source: Application Hang) (User: )
Description: The program opera.exe version 18.0.1284.68 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c24

Start Time: 01cf07890d3275d6

Termination Time: 132

Application Path: E:\Program Files\Opera\18.0.1284.68\opera.exe

Report Id: f3afa202-737c-11e3-832c-047d7b6f62db

Error: (01/02/2014 07:59:16 AM) (Source: Application Hang) (User: )
Description: The program opera.exe version 18.0.1284.68 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9e8

Start Time: 01cf0787ffb62225

Termination Time: 67

Application Path: E:\Program Files\Opera\18.0.1284.68\opera.exe

Report Id: 5a7c7d9e-737b-11e3-832c-047d7b6f62db

Error: (01/02/2014 07:52:14 AM) (Source: Application Hang) (User: )
Description: The program opera.exe version 18.0.1284.68 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: dc8

Start Time: 01cf0786b08cfe7b

Termination Time: 120

Application Path: E:\Program Files\Opera\18.0.1284.68\opera.exe

Report Id: 5f573cc9-737a-11e3-832c-047d7b6f62db

Error: (01/02/2014 03:04:49 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 4 Client Profile - Update 'KB2468871' could not be installed. Error code 1603. Additional information is available in the log file E:\Windows\TEMP\KB2468871v2_20140102_030147005-Microsoft .NET Framework 4 Client Profile-MSP0.txt.

Error: (01/02/2014 00:20:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2014 11:02:25 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.16428 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 984

Start Time: 01cf073d06017fb2

Termination Time: 80

Application Path: E:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (01/01/2014 11:01:29 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.16428 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1460

Start Time: 01cf073cf1a516d3

Termination Time: 90

Application Path: E:\Program Files\Internet Explorer\iexplore.exe

Report Id:


System errors:
=============
Error: (01/02/2014 03:06:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2468871).

Error: (01/02/2014 03:01:52 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/02/2014 03:01:51 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/01/2014 08:54:35 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/01/2014 08:54:35 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (01/01/2014 08:34:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2468871).

Error: (01/01/2014 08:33:01 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/01/2014 08:33:01 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/01/2014 08:18:59 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/01/2014 08:18:59 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.


Microsoft Office Sessions:
=========================
Error: (01/02/2014 05:50:21 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {909b8675-21c2-4680-bc38-d828eb0a13ce}

Error: (01/02/2014 01:48:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2014 08:10:54 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.16428104001cf0789b1d6170150E:\Program Files\Internet Explorer\iexplore.exe

Error: (01/02/2014 08:10:31 AM) (Source: Application Hang)(User: )
Description: opera.exe18.0.1284.68c2401cf07890d3275d6132E:\Program Files\Opera\18.0.1284.68\opera.exef3afa202-737c-11e3-832c-047d7b6f62db

Error: (01/02/2014 07:59:16 AM) (Source: Application Hang)(User: )
Description: opera.exe18.0.1284.689e801cf0787ffb6222567E:\Program Files\Opera\18.0.1284.68\opera.exe5a7c7d9e-737b-11e3-832c-047d7b6f62db

Error: (01/02/2014 07:52:14 AM) (Source: Application Hang)(User: )
Description: opera.exe18.0.1284.68dc801cf0786b08cfe7b120E:\Program Files\Opera\18.0.1284.68\opera.exe5f573cc9-737a-11e3-832c-047d7b6f62db

Error: (01/02/2014 03:04:49 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft .NET Framework 4 Client ProfileKB24688711603E:\Windows\TEMP\KB2468871v2_20140102_030147005-Microsoft .NET Framework 4 Client Profile-MSP0.txt(NULL)(NULL)

Error: (01/02/2014 00:20:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2014 11:02:25 PM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.1642898401cf073d06017fb280E:\Program Files\Internet Explorer\iexplore.exe

Error: (01/01/2014 11:01:29 PM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.16428146001cf073cf1a516d390E:\Program Files\Internet Explorer\iexplore.exe


==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 2805.86 MB
Available physical RAM: 1279.7 MB
Total Pagefile: 5610.01 MB
Available Pagefile: 3810.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.69 MB

==================== Drives ================================

Drive e: () (Fixed) (Total:108.4 GB) (Free:72.03 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: () (Fixed) (Total:487.76 GB) (Free:484.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 4DB0B0F5)
Partition 1: (Active) - (Size=108 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488 GB) - (Type=OF Extended)

==================== End Of Log ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Quote: Again I can't use the "attach file" option, so I'll post it "manually":

Why can't you use the Attach file option?

offline
  • Joined: 29 Nov 2012
  • Posts: 36

Posted: 02 Jan 2014 20:37

I'll have to post these GMER logs manually too :P first ark:

GMER 2.1.19163 - gmer.net
Rootkit scan 2014-01-02 20:33:03
Windows 6.1.7601 Service Pack 1
Running: od1uut3p.exe; Driver: E:\Users\lazar\AppData\Local\Temp\awdyqkod.sys


---- System - GMER 2.1 ----

SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwAddBootEntry [0x8F86BB10]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwAssignProcessToJobObject [0x8F86C5EE]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwCreateEvent [0x8F8785E0]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwCreateEventPair [0x8F87862C]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwCreateIoCompletion [0x8F8787C6]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwCreateMutant [0x8F87854E]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwCreateSection [0x8F878670]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwCreateSemaphore [0x8F878596]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwCreateThread [0x8F86CB24]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwCreateThreadEx [0x8F86CD40]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwCreateTimer [0x8F878780]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwDebugActiveProcess [0x8F86D3DC]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwDeleteBootEntry [0x8F86BB76]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwDuplicateObject [0x8F870B58]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwLoadDriver [0x8F86B75E]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwModifyBootEntry [0x8F86BBDC]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwNotifyChangeKey [0x8F870F4E]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwNotifyChangeMultipleKeys [0x8F86DE6C]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwOpenEvent [0x8F87860A]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwOpenEventPair [0x8F87864E]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwOpenIoCompletion [0x8F8787EA]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwOpenMutant [0x8F878574]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwOpenProcess [0x8F870452]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwOpenSection [0x8F8786FE]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwOpenSemaphore [0x8F8785BE]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwOpenThread [0x8F87083A]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwOpenTimer [0x8F8787A4]
SSDT \??\E:\Windows\system32\drivers\aswSP.sys ZwProtectVirtualMemory [0x904450CC]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwQueryObject [0x8F86DD38]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwQueueApcThreadEx [0x8F86DA46]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwSetBootEntryOrder [0x8F86BC42]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwSetBootOptions [0x8F86BCA8]
SSDT \??\E:\Windows\system32\drivers\aswSP.sys ZwSetContextThread [0x90445316]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwSetSystemInformation [0x8F86B7F8]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwSetSystemPowerState [0x8F86B9CE]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwShutdownSystem [0x8F86B95C]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwSuspendProcess [0x8F86D5A6]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwSuspendThread [0x8F86D708]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwSystemDebugControl [0x8F86BA56]
SSDT \??\E:\Windows\system32\drivers\aswSP.sys ZwTerminateProcess [0x90445194]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwTerminateThread [0x8F86D236]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwVdmControl [0x8F86BD0E]
SSDT \??\E:\Windows\system32\drivers\aswSnx.sys ZwWriteVirtualMemory [0x8F86C64A]

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82C80A15 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CBA212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 10CB 82CC1460 4 Bytes [10, BB, 86, 8F]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1153 82CC14E8 4 Bytes [EE, C5, 86, 8F]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11A7 82CC153C 8 Bytes [E0, 85, 87, 8F, 2C, 86, 87, ...] {LOOPNZ 0xffffff87; XCHG [EDI-0x707879d4], ECX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11B3 82CC1548 4 Bytes [C6, 87, 87, 8F]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11CF 82CC1564 4 Bytes [4E, 85, 87, 8F]
.text ...
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108 82E7C4DF 4 Bytes CALL 8F86E52F \??\E:\Windows\system32\drivers\aswSnx.sys
PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122 82E96347 4 Bytes CALL 8F86E545 \??\E:\Windows\system32\drivers\aswSnx.sys
? E:\Windows\system32\drivers\aswTdi.sys The system cannot find the file specified. !
? E:\Windows\system32\drivers\aswFsBlk.sys The system cannot find the file specified. !
? E:\Users\lazar\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 2.1 ----

.text E:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[404] kernel32.dll!GetBinaryTypeW + 70 763769E4 1 Byte [62]
.text E:\Windows\system32\csrss.exe[424] kernel32.dll!GetBinaryTypeW + 70 763769E4 1 Byte [62]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtCreateFile + 6 77A7560E 4 Bytes [28, 58, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtCreateFile + B 77A75613 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtMapViewOfSection + 6 77A75C6E 4 Bytes [28, 5B, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtMapViewOfSection + B 77A75C73 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenFile + 6 77A75D1E 4 Bytes [68, 58, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenFile + B 77A75D23 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenProcess + 6 77A75DCE 4 Bytes [A8, 59, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenProcess + B 77A75DD3 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenProcessToken + 6 77A75DDE 4 Bytes CALL 76A82C3C E:\Windows\system32\SHELL32.dll
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenProcessToken + B 77A75DE3 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DEE 4 Bytes [A8, 5A, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenProcessTokenEx + B 77A75DF3 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenThread + 6 77A75E4E 4 Bytes [68, 59, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenThread + B 77A75E53 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenThreadToken + 6 77A75E5E 4 Bytes [68, 5A, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenThreadToken + B 77A75E63 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenThreadTokenEx + 6 77A75E6E 4 Bytes CALL 76A82CCD E:\Windows\system32\SHELL32.dll
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtOpenThreadTokenEx + B 77A75E73 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtQueryAttributesFile + 6 77A75F7E 4 Bytes [A8, 58, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtQueryAttributesFile + B 77A75F83 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtQueryFullAttributesFile + 6 77A7602E 4 Bytes CALL 76A82E8B E:\Windows\system32\SHELL32.dll
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtQueryFullAttributesFile + B 77A76033 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtSetInformationFile + 6 77A7667E 4 Bytes [28, 59, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtSetInformationFile + B 77A76683 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtSetInformationThread + 6 77A766DE 4 Bytes [28, 5A, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtSetInformationThread + B 77A766E3 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtUnmapViewOfSection + 6 77A769FE 4 Bytes [68, 5B, CE, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!NtUnmapViewOfSection + B 77A76A03 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!LdrUnloadDll 77A8C8DE 5 Bytes JMP 00DA03FC
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] ntdll.dll!LdrLoadDll 77A922AE 5 Bytes JMP 00DA01F8
.text E:\Program Files\Google\Chrome\Application\chrome.exe[440] KERNEL32.dll!GetBinaryTypeW + 70 763769E4 1 Byte [62]
.text E:\Windows\system32\wininit.exe[492] kernel32.dll!GetBinaryTypeW + 70 763769E4 1 Byte [62]
.text E:\Windows\system32\csrss.exe[504] kernel32.dll!GetBinaryTypeW + 70 763769E4 1 Byte [62]
.text E:\Windows\system32\services.exe[552] kernel32.dll!GetBinaryTypeW + 70 763769E4 1 Byte [62]
.text E:\Windows\system32\lsass.exe[568] kernel32.dll!GetBinaryTypeW + 70 763769E4 1 Byte [62]
.text ...
.text E:\Program Files\Google\Chrome\Application\chrome.exe[2612] ntdll.dll!NtCreateFile + 6 77A7560E 4 Bytes [28, 10, B5, 00] {SUB [EAX], DL; MOV CH, 0x0}
.text E:\Program Files\Google\Chrome\Application\chrome.exe[2612] ntdll.dll!NtCreateFile + B 77A75613 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[2612] ntdll.dll!NtMapViewOfSection + 6 77A75C6E 4 Bytes [28, 13, B5, 00] {SUB [EBX], DL; MOV CH, 0x0}
.text E:\Program Files\Google\Chrome\Application\chrome.exe[2612] ntdll.dll!NtMapViewOfSection + B 77A75C73 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[2612] ntdll.dll!NtOpenFile + 6 77A75D1E 4 Bytes [68, 10, B5, 00]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[2612] ntdll.dll!NtOpenFile + B 77A75D23 1 Byte [E2]
.text E:\Program Files\Google\Chrome\Application\chrome.exe[2612] ntdll.dll!NtOpenProcess + 6 77A75DCE 4 Bytes [A8, 11, B5, 00] {TEST AL, 0x11; MOV CH, 0x0}

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\tdx \Device\Tcp aswTdi.sys

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations

---- EOF - GMER 2.1 ----





Here is the autostart log as well:

GMER 2.1.19163 - gmer.net
Autostart scan 2014-01-02 20:35:31
Windows 6.1.7601 Service Pack 1


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = autocheck autochk * /*file not found*/

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
AdobeARMservice@ = "E:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"
avast! Antivirus@ = "E:\Program Files\AVAST Software\Avast\AvastSvc.exe"
gupdate@ = "E:\Program Files\Google\Update\GoogleUpdate.exe" /svc
nvsvc@ = "E:\Windows\system32\nvvsvc.exe"
nvUpdatusService@ = "E:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
Stereo Service@ = "E:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@AvastUI.exe"E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui = "E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
@SunJavaUpdateSched"E:\Program Files\Common Files\Java\Java Update\jusched.exe" = "E:\Program Files\Common Files\Java\Java Update\jusched.exe"
@Adobe ARM"E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" = "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
@AdobeAAMUpdater-1.0"E:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" = "E:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
@SwitchBoardE:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe = E:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
@AdobeCS6ServiceManager"E:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin = "E:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@AdobeBridge /*file not found*/ = /*file not found*/
@uTorrentE:\Users\Marijana\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED = E:\Users\Marijana\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WebCheck =

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{472083B0-C522-11CF-8763-00608CC02F24} /*avast*/E:\Program Files\AVAST Software\Avast\ashShell.dll = E:\Program Files\AVAST Software\Avast\ashShell.dll
@{E6FB5E20-DE35-11CF-9C87-00AA005127ED} /*WebCheck*/(null) =
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/E:\Program Files\NVIDIA Corporation\Display\nvui.dll = E:\Program Files\NVIDIA Corporation\Display\nvui.dll
@{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} /*NVIDIA Play On My TV Context Menu Extension*/%SystemRoot%\system32\nvshext.dll = %SystemRoot%\system32\nvshext.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/E:\Program Files\WinRAR\rarext.dll = E:\Program Files\WinRAR\rarext.dll
@{A8065B9E-193F-4797-B62D-8F6321E7FCCB} /*Blueberry FlashBack Client*/(null) =

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = E:\Program Files\AVAST Software\Avast\ashShell.dll
BB FlashBack 2@{A8065B9E-193F-4797-B62D-8F6321E7FCCB} =
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = E:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\NvCplDesktopContext@{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = %SystemRoot%\system32\nvshext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = E:\Program Files\AVAST Software\Avast\ashShell.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = E:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers@{F9DB5320-233E-11D1-9F84-707F02C10627} = E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}E:\Program Files\Java\jre7\bin\ssv.dll = E:\Program Files\Java\jre7\bin\ssv.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}E:\Program Files\Java\jre7\bin\jp2ssv.dll = E:\Program Files\Java\jre7\bin\jp2ssv.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/p/?LinkId=255141 = go.microsoft.com/fwlink/p/?LinkId=255141
@Start Pagehttp://go.microsoft.com/fwlink/p/?LinkId=255141 = go.microsoft.com/fwlink/p/?LinkId=255141
@Local PageE:\Windows\System32\blank.htm = E:\Windows\System32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = go.microsoft.com/fwlink/?LinkId=69157
@Local PageE:\Windows\system32\blank.htm = E:\Windows\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Handler\skype4com@CLSID = E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\ >>>
000000000001@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000002@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000003@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000004@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000005@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000006@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000007@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000008@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000009@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000010@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000011@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000012@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000013@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000014@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000015@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000016@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000017@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000018@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000019@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000020@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000021@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000022@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000023@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000024@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000025@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000026@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000027@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000028@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/
000000000029@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000030@PackedCatalogItem = %SystemRoot%\system32\mswsock.dllp /*file not found*/

---- EOF - GMER 2.1 ----

Addendum: 02 Jan 2014 20:40

magna86 wrote: Quote: once again I can't use the "attach file" option, so I'll post it "manually":

Why can't you use the Attach file option?

My whole computer suddenly went to sh%(@, Skype freezes on me, it can't play a clip on YouTube (it's 100% not Flash), etc., etc.. literally all of a sudden! That's why I suspect I have a virus

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Quote: My whole computer suddenly went to sh%(@, Skype freezes on me, it can't play a clip on YouTube (it's 100% not Flash), etc., etc.. literally all of a sudden! That's why I suspect I have a virus

Unfortunately (if I may put it that way :) ), you don't have malware here. The posted logs are clean.

You can delete all the tools we used here manually. Only FRST created its own working folder on the system partition (in your case E:\FRST), which contains a Hives backup (a healthy registry backup) that you can keep or delete; the choice is entirely yours.

My recommendation is that you present your problem in the Windows forum. I believe the colleagues from that forum can offer some advice.

offline
  • Joined: 29 Nov 2012
  • Posts: 36

magna86 wrote: Quote: My whole computer suddenly went to sh%(@, Skype freezes on me, it can't play a clip on YouTube (it's 100% not Flash), etc., etc.. literally all of a sudden! That's why I suspect I have a virus

Unfortunately (if I may put it that way :) ), you don't have malware here. The posted logs are clean.

You can delete all the tools we used here manually. Only FRST created its own working folder on the system partition (in your case E:\FRST), which contains a Hives backup (a healthy registry backup) that you can keep or delete; the choice is entirely yours.

My recommendation is that you present your problem in the Windows forum. I believe the colleagues from that forum can offer some advice.

OK! Thanks :)

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Also, when you describe the problem for the Windows forum, explain that "freezing" a bit better, i.e. describe the problem in more detail. This kind of problem can easily point to a hardware-related problem as well.

To save you the trouble:

Quote: Error: (01/02/2014 03:01:52 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/02/2014 03:01:51 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

...which is to say that the HDD has bad sector(s), and that is most likely the cause of the problem.
