problem sa 7c910919

problem sa 7c910919

offline
  • Pridružio: 11 Jan 2014
  • Poruke: 22

preuzeo sam KM pleyer i dobijo ovaj program sa njim ja koristim windos xp zastitu avg anti-virus-plus.firewaii napo mi mozilu i google to sam resijo nekako ali sad anti virus mi daje upozorenje da nemore da skenira datoteku 7c910919 trazi da preuzmem njegov program da on skenira ja sam probo preuzeti ali neznam sta da radim i kako pomoc

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Isprati uputstvo ispod i dostavi izvestaje

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Pridružio: 11 Jan 2014
  • Poruke: 22

‚preuzmem taj program on blokira sav kompijuter a iskljuciti nati virus neznam

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Preuzmi Farbar-ov Farbar Recovery Scan Tool () sa ove adrese na Desktop:
Postoji 32bit. i 64bit.-na verzija. Potrebno je preuzeti verziju koja je kompatibilna sa tvojim sistemom.
Ako nisi siguran koja verzija se odnosi na tvoj sistem, preuzmi ih obe i pokreni. Samo jedan od njih c´e raditi na tvom sistemu, to c´e biti prava verzija.


dvoklikom pokreni program, kada se alat pokrene klikni Yes na disclaimer prozor;
pričekati koji trenutak dok alat proverava postoji li novija verzija;
klikni na dugme Scan;
po završetku skeniranja, alat će formirati izveštaj (FRST.txt) u isti direktorijum gde je FRST alat sačuvan;
iskopiraj sadržaj FRST.txt izveštaja u poruku;
po prvom pokretanju, alat bi trebao formirati i dodatni izveštaj (Addition.txt);
okači Addition.txt izveštaj uz poruku koristeći opciju Prikači fajl

offline
  • Pridružio: 11 Jan 2014
  • Poruke: 22

Napisano: 17 Feb 2014 16:22

mycity.rs/must-login.png



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014
Ran by goran (administrator) on GORAN-B73602638 on 17-02-2014 16:13:39
Running from C:\Documents and Settings\goran\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgchsvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgcsrvx.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgfws9.exe
() C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgam.exe
(PowerISO Computing, Inc.) C:\Program Files\PowerISO\PWRISOVM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgnsx.exe
() C:\Program Files\Winamp\winampa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgtray.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\WINDOWS\FixCamera.exe
() C:\Documents and Settings\All Users\Application Data\Mobilni internet\OnlineUpdate\ouc.exe
() C:\WINDOWS\tsnp325.exe
() C:\WINDOWS\vsnp325.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Smart Turn Off Inc.) C:\Program Files\Smart Turn Off\SMTimer.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\AthServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgcsrvx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google) C:\Documents and Settings\goran\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [UnlockerAssistant] - C:\Program Files\Unlocker\UnlockerAssistant.exe [15872 2010-03-09] ()
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2006-02-07] (Intel Corporation)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2006-02-07] (Intel Corporation)
HKLM\...\Run: [PWRISOVM.EXE] - C:\Program Files\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [33792 2003-12-13] ()
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG)
HKLM\...\Run: [AVG9_TRAY] - C:\Program Files\AVG\AVG9\avgtray.exe [2077536 2013-09-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2552856 2014-02-03] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [FixCamera] - C:\WINDOWS\FixCamera.exe [20480 2007-02-12] ()
HKLM\...\Run: [tsnp325] - C:\WINDOWS\tsnp325.exe [270336 2007-04-21] ()
HKLM\...\Run: [snp325] - C:\WINDOWS\vsnp325.exe [835584 2007-05-09] ()
Winlogon\Notify\avgrsstarter: C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\.DEFAULT\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-19\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\Run: [Google Update] - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2013-09-12] (Google Inc.)
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\Run: [SMTimer.exe] - C:\Program Files\Smart Turn Off\SMTimer.exe [635524 2008-12-22] (Smart Turn Off Inc.)
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\Run: [Facebook Update] - C:\Documents and Settings\goran\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [138096 2014-01-15] (Facebook Inc.)
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\MountPoints2: {39109ba8-5cd3-11e3-9845-000e7b174e1b} - G:\AutoRun.exe
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\MountPoints2: {39109bab-5cd3-11e3-9845-000e7b174e1b} - G:\AutoRun.exe
HKU\S-1-5-21-117609710-920026266-839522115-1003\...\MountPoints2: {39109bad-5cd3-11e3-9845-000e7b174e1b} - G:\AutoRun.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = us.yhs.search.yahoo.com/avg/search?fr=yhs-a....._us&p={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = yandex.ru/yandsearch?win=109&clid=2073738&text={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = yandex.ru/yandsearch?win=109&clid=2073738&text={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = isearch.avg.com/search?cid={C0A3CD70-6C79-4538-8AD7-1915CF3D2037}&mid=565bcfd0120147d3b43cd1473df3a7e8-47da994c0b1cd408437b200520ccf9e6aa3c350a&lang=sr&ds=AVG&pr=&d=2013-09-13 03:58:19&v=15.5.0.2&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\goran\Application Data\Mozilla\Firefox\Profiles\uf6fp1kb.default
FF user.js: detected! => C:\Documents and Settings\goran\Application Data\Mozilla\Firefox\Profiles\uf6fp1kb.default\user.js
FF SearchEngineOrder.3: Bing
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\goran\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\goran\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\goran\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\goran\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\goran\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\goran\Application Data\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\goran\Application Data\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Documents and Settings\goran\Application Data\Mozilla\Firefox\Profiles\uf6fp1kb.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Documents and Settings\goran\Application Data\Mozilla\Firefox\Profiles\uf6fp1kb.default\searchplugins\yqs-barff-yandex.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF HKLM\...\Firefox\Extensions: [{3f963a5b-e555-4543-90e2-c3908898db71}] - C:\Program Files\AVG\AVG9\Firefox
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG9\Firefox [2013-09-13]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-10]

Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\system32\npDeployJava1.dll No File
CHR Extension: (Google диск) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-12]
CHR Extension: (YouTube) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-12]
CHR Extension: (Google претрага) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-12]
CHR Extension: (AVG Security Toolbar) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-09-16]
CHR Extension: (Google новчаник) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (Gmail) - C:\Documents and Settings\goran\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-12]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-01-10]

========================== Services (Whitelisted) =================

R2 acs; C:\WINDOWS\system32\acs.exe [499796 2011-12-26] (Atheros)
R2 avg9wd; C:\Program Files\AVG\AVG9\avgwdsvc.exe [308136 2013-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgfws9; C:\Program Files\AVG\AVG9\avgfws9.exe [2331544 2013-09-13] (AVG Technologies CZ, s.r.o.)
R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S3 jswpsapi; C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [360529 2011-12-26] (wireless)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
S2 Mobilni internet. RunOuc; C:\Program Files\Mobilni internet\UpdateDog\ouc.exe [246112 2013-12-04] ()
R2 vToolbarUpdater17.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-10] (AVG Secure Search)
S3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2012-10-18] (Atheros Communications, Inc.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30104 2013-09-13] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30104 2013-09-13] (AVG Technologies CZ, s.r.o.)
R1 AvgLdx86; C:\WINDOWS\System32\Drivers\avgldx86.sys [226016 2013-09-13] (AVG Technologies CZ, s.r.o.)
R1 AvgMfx86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [29712 2013-09-13] (AVG Technologies CZ, s.r.o.)
R0 AvgRkx86; C:\WINDOWS\System32\Drivers\avgrkx86.sys [52872 2013-09-13] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\WINDOWS\System32\Drivers\avgtdix.sys [243152 2013-09-13] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-10-02] (AVG Technologies)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 JSWSCIMD; C:\WINDOWS\System32\DRIVERS\jswscimd.sys [57440 2011-12-26] (Atheros Communications, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 SNP325; C:\WINDOWS\System32\DRIVERS\snp325.sys [10343168 2007-05-07] (Sonix Co. Ltd.)
R3 STAC97; C:\WINDOWS\System32\drivers\STAC97.sys [276816 2004-11-11] (SigmaTel, Inc.)
S3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2216064 2008-01-07] (Intel® Corporation)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [58208 2011-12-26] (Atheros Communications, Inc.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [235392 2013-12-04] (Huawei Technologies Co., Ltd.)
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-07-12] (Microsoft Corporation)
S3 rt2870; system32\DRIVERS\rt2870.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-03-09] ()
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-17 16:13 - 2014-02-17 16:13 - 00000000 ____D () C:\FRST
2014-02-16 19:24 - 2014-02-16 18:40 - 00688992 ____R (Swearware) C:\Documents and Settings\goran\Desktop\dds.pif
2014-02-16 18:39 - 2014-02-16 18:39 - 00000000 ___HD () C:\WINDOWS\PIF
2014-02-16 06:19 - 2014-02-16 06:19 - 00001773 _____ () C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
2014-02-16 06:19 - 2014-02-16 06:19 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-16 06:19 - 2014-02-16 06:19 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
2014-02-15 08:31 - 2014-02-15 08:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-09 06:51 - 2014-02-09 06:51 - 00000000 ____D () C:\Program Files\Common Files\snp325
2014-02-09 06:51 - 2014-02-09 06:51 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\InstallShield
2014-02-09 06:51 - 2007-05-09 10:46 - 00835584 _____ () C:\WINDOWS\vsnp325.exe
2014-02-09 06:51 - 2007-05-07 18:38 - 10343168 _____ (Sonix Co. Ltd.) C:\WINDOWS\system32\Drivers\snp325.sys
2014-02-09 06:51 - 2007-04-24 15:40 - 00057344 _____ ( ) C:\WINDOWS\system32\vsnp325.dll
2014-02-09 06:51 - 2007-04-21 09:30 - 00270336 _____ () C:\WINDOWS\tsnp325.exe
2014-02-09 06:51 - 2007-02-12 14:50 - 00020480 _____ () C:\WINDOWS\FixCamera.exe
2014-02-09 06:51 - 2006-07-03 10:31 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\amcap.exe
2014-02-09 06:51 - 2006-04-12 12:11 - 00147456 _____ ( ) C:\WINDOWS\system32\rsnp325.dll
2014-02-09 06:51 - 2004-02-27 17:36 - 00015498 _____ () C:\WINDOWS\snp325.ini
2014-02-09 06:51 - 2004-02-27 17:36 - 00013023 _____ () C:\WINDOWS\snp325.src
2014-02-07 18:27 - 2014-02-07 18:27 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-02-07 18:27 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-02-07 18:27 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-02-07 18:27 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-02-07 18:27 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-02-07 18:27 - 2013-12-18 20:46 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-02-07 18:26 - 2014-02-07 18:27 - 00005105 _____ () C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log
2014-02-05 21:34 - 2014-02-05 21:34 - 00000000 ____D () C:\Documents and Settings\goran\Local Settings\Application Data\Xpom
2014-02-05 07:29 - 2014-02-05 07:29 - 05556104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-02-02 07:20 - 2014-02-02 07:22 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\TP-LINK
2014-02-02 07:20 - 2014-02-02 07:20 - 00001908 _____ () C:\Documents and Settings\All Users\Desktop\TP-LINK Wireless Configuration Utility.lnk
2014-02-02 07:20 - 2014-02-02 07:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TP-LINK
2014-02-02 07:19 - 2014-02-02 07:19 - 00000000 ____D () C:\Program Files\TP-LINK
2014-02-02 07:19 - 2011-12-26 14:47 - 01269854 _____ (Devicescape) C:\WINDOWS\system32\dsa.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00499796 _____ (Atheros) C:\WINDOWS\system32\acs.exe
2014-02-02 07:19 - 2011-12-26 14:47 - 00422000 _____ () C:\WINDOWS\system32\wgapi.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00405504 _____ (Atheros) C:\WINDOWS\system32\wcapi.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00360539 _____ (Atheros) C:\WINDOWS\system32\wcapiU.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00311390 _____ (Atheros) C:\WINDOWS\system32\athcfg20U.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00262216 _____ () C:\WINDOWS\system32\IPTests.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00254022 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\wsfwDS.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00249924 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\wsimd.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00237568 _____ (Atheros) C:\WINDOWS\system32\athcfg20.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00127079 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\athcfg20resU.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00127053 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\athcfg20res.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00082017 _____ (Devicescape, Inc.) C:\WINDOWS\system32\dsaNac.dll
2014-02-02 07:19 - 2011-12-26 14:47 - 00058208 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\wsimd.sys
2014-02-02 07:19 - 2011-12-26 14:47 - 00058208 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\wsimd.sys
2014-02-02 07:19 - 2011-12-26 14:47 - 00042067 _____ () C:\WINDOWS\system32\wsimdp.cat
2014-02-02 07:19 - 2011-12-26 14:47 - 00042052 _____ () C:\WINDOWS\system32\wsimd.cat
2014-02-02 07:19 - 2011-12-26 14:46 - 00405582 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\jswscsup.dll
2014-02-02 07:19 - 2011-12-26 14:46 - 00057440 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\jswscimd.sys
2014-02-02 07:19 - 2011-12-26 14:46 - 00057440 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\jswscimd.sys
2014-02-02 07:19 - 2011-12-26 14:46 - 00035967 _____ () C:\WINDOWS\system32\jswscimdp.cat
2014-02-02 07:19 - 2011-12-26 14:46 - 00035538 _____ () C:\WINDOWS\system32\jswscimd.cat
2014-02-02 07:18 - 2012-10-18 15:04 - 01763584 ____N (Atheros Communications, Inc.) C:\WINDOWS\system32\athuw.sys
2014-02-02 07:18 - 2012-10-18 15:04 - 01763584 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athuw.sys
2014-02-02 07:18 - 2012-10-18 15:04 - 00007554 ____N () C:\WINDOWS\system32\netathuw.cat
2014-02-02 07:08 - 2014-02-02 07:08 - 00003398 _____ () C:\WINDOWS\system32\PerfStringBackup.TMP
2014-02-01 11:58 - 2014-02-01 11:58 - 00000000 ____D () C:\Documents and Settings\goran\Local Settings\Application Data\WMTools Downloaded Files
2014-01-31 19:04 - 2014-02-03 20:16 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\Yandex
2014-01-31 19:04 - 2014-01-31 19:04 - 00000000 ____D () C:\Documents and Settings\goran\Local Settings\Application Data\Opera
2014-01-31 19:04 - 2014-01-31 19:04 - 00000000 ____D () C:\Documents and Settings\goran\Local Settings\Application Data\Chromium
2014-01-31 19:04 - 2014-01-31 19:04 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\Opera Software
2014-01-31 19:04 - 2014-01-31 19:04 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\Opera
2014-01-31 19:01 - 2014-02-03 07:50 - 00000000 ____D () C:\The KMPlayer

==================== One Month Modified Files and Folders =======

2014-02-17 16:13 - 2014-02-17 16:13 - 00000000 ____D () C:\FRST
2014-02-17 16:09 - 2014-01-15 13:04 - 00000998 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-117609710-920026266-839522115-1003UA.job
2014-02-17 16:06 - 2013-09-25 09:40 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\Skype
2014-02-17 15:56 - 2013-11-15 19:38 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 15:56 - 2013-09-12 23:01 - 00334679 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-17 15:55 - 2013-09-13 00:17 - 00000000 ____D () C:\WINDOWS\system32\Drivers\Avg
2014-02-17 15:49 - 2013-11-15 19:38 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-17 15:49 - 2013-09-27 11:29 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-17 15:49 - 2013-09-27 11:29 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-02-17 15:49 - 2013-09-12 23:07 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-17 07:55 - 2013-10-22 22:06 - 00524288 _____ () C:\WINDOWS\system32\config\ACS.evt
2014-02-17 07:55 - 2013-09-12 23:08 - 00000178 ___SH () C:\Documents and Settings\goran\ntuser.ini
2014-02-17 07:55 - 2013-09-12 23:07 - 00032630 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-17 07:29 - 2013-10-11 06:06 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-920026266-839522115-1003UA.job
2014-02-17 07:28 - 2013-09-13 02:09 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-17 06:29 - 2013-10-11 06:06 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-920026266-839522115-1003Core.job
2014-02-16 18:40 - 2014-02-16 19:24 - 00688992 ____R (Swearware) C:\Documents and Settings\goran\Desktop\dds.pif
2014-02-16 18:39 - 2014-02-16 18:39 - 00000000 ___HD () C:\WINDOWS\PIF
2014-02-16 17:31 - 2013-09-12 23:41 - 00001125 _____ () C:\WINDOWS\winamp.ini
2014-02-16 06:19 - 2014-02-16 06:19 - 00001773 _____ () C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
2014-02-16 06:19 - 2014-02-16 06:19 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-16 06:19 - 2014-02-16 06:19 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
2014-02-15 13:09 - 2014-01-15 13:04 - 00000976 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-117609710-920026266-839522115-1003Core.job
2014-02-15 12:36 - 2013-11-15 22:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-15 08:32 - 2014-02-15 08:31 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-11 06:23 - 2013-09-12 23:53 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\Mozilla
2014-02-09 10:33 - 2013-09-13 00:46 - 00000000 ____D () C:\WINDOWS\security
2014-02-09 06:52 - 2013-09-12 23:59 - 01113003 _____ () C:\WINDOWS\setupapi.log
2014-02-09 06:51 - 2014-02-09 06:51 - 00000000 ____D () C:\Program Files\Common Files\snp325
2014-02-09 06:51 - 2014-02-09 06:51 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\InstallShield
2014-02-09 06:51 - 2013-09-13 00:46 - 00000000 ____D () C:\WINDOWS\twain_32
2014-02-09 06:51 - 2008-04-14 09:00 - 00000923 _____ () C:\WINDOWS\win.ini
2014-02-08 06:36 - 2013-09-25 09:40 - 00002267 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-02-07 18:27 - 2014-02-07 18:27 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-02-07 18:27 - 2014-02-07 18:26 - 00005105 _____ () C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log
2014-02-07 18:27 - 2013-09-12 23:13 - 00000000 ____D () C:\Program Files\Java
2014-02-05 21:34 - 2014-02-05 21:34 - 00000000 ____D () C:\Documents and Settings\goran\Local Settings\Application Data\Xpom
2014-02-05 09:24 - 2013-12-04 18:25 - 00010233 _____ () C:\WINDOWS\tsoc.log
2014-02-05 09:24 - 2013-12-04 18:25 - 00006588 _____ () C:\WINDOWS\comsetup.log
2014-02-05 09:24 - 2013-12-04 18:25 - 00004291 _____ () C:\WINDOWS\ntdtcsetup.log
2014-02-05 09:24 - 2013-12-04 18:25 - 00003758 _____ () C:\WINDOWS\netfxocm.log
2014-02-05 09:24 - 2013-12-04 18:25 - 00001891 _____ () C:\WINDOWS\imsins.log
2014-02-05 09:24 - 2013-12-04 18:25 - 00001569 _____ () C:\WINDOWS\MedCtrOC.log
2014-02-05 09:24 - 2013-12-04 18:25 - 00001153 _____ () C:\WINDOWS\ocmsn.log
2014-02-05 09:24 - 2013-12-04 18:25 - 00001097 _____ () C:\WINDOWS\msgsocm.log
2014-02-05 09:24 - 2013-12-04 18:25 - 00000933 _____ () C:\WINDOWS\tabletoc.log
2014-02-05 09:24 - 2013-12-04 18:24 - 00020011 _____ () C:\WINDOWS\iis6.log
2014-02-05 09:24 - 2013-12-04 18:24 - 00019158 _____ () C:\WINDOWS\FaxSetup.log
2014-02-05 09:24 - 2013-12-04 18:24 - 00013194 _____ () C:\WINDOWS\ocgen.log
2014-02-05 09:23 - 2013-12-04 18:25 - 00005628 _____ () C:\WINDOWS\msmqinst.log
2014-02-05 09:23 - 2013-09-12 23:03 - 00001607 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2014-02-05 09:22 - 2013-09-12 23:03 - 00001507 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-02-05 08:33 - 2013-11-15 19:42 - 00001809 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-02-05 07:29 - 2014-02-05 07:29 - 05556104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-02-05 07:29 - 2013-09-12 23:55 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-05 07:29 - 2013-09-12 23:55 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-04 20:15 - 2008-04-14 09:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-03 20:16 - 2014-01-31 19:04 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\Yandex
2014-02-03 19:31 - 2013-09-13 00:29 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-02-03 07:50 - 2014-01-31 19:01 - 00000000 ____D () C:\The KMPlayer
2014-02-02 07:22 - 2014-02-02 07:20 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\TP-LINK
2014-02-02 07:20 - 2014-02-02 07:20 - 00001908 _____ () C:\Documents and Settings\All Users\Desktop\TP-LINK Wireless Configuration Utility.lnk
2014-02-02 07:20 - 2014-02-02 07:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TP-LINK
2014-02-02 07:19 - 2014-02-02 07:19 - 00000000 ____D () C:\Program Files\TP-LINK
2014-02-02 07:19 - 2013-09-12 23:16 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-02-02 07:18 - 2013-10-22 22:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TP-LINK
2014-02-02 07:08 - 2014-02-02 07:08 - 00003398 _____ () C:\WINDOWS\system32\PerfStringBackup.TMP
2014-02-01 21:29 - 2013-12-25 17:52 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2014-02-01 11:58 - 2014-02-01 11:58 - 00000000 ____D () C:\Documents and Settings\goran\Local Settings\Application Data\WMTools Downloaded Files
2014-02-01 11:51 - 2013-09-13 00:52 - 00575608 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-31 19:04 - 2014-01-31 19:04 - 00000000 ____D () C:\Documents and Settings\goran\Local Settings\Application Data\Opera
2014-01-31 19:04 - 2014-01-31 19:04 - 00000000 ____D () C:\Documents and Settings\goran\Local Settings\Application Data\Chromium
2014-01-31 19:04 - 2014-01-31 19:04 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\Opera Software
2014-01-31 19:04 - 2014-01-31 19:04 - 00000000 ____D () C:\Documents and Settings\goran\Application Data\Opera
2014-01-31 19:02 - 2013-09-12 23:56 - 00000550 _____ () C:\Documents and Settings\goran\Desktop\KMPlayer.lnk
2014-01-31 19:02 - 2013-09-12 23:56 - 00000000 ____D () C:\Documents and Settings\goran\Start Menu\Programs\The KMPlayer
2014-01-30 09:33 - 2013-11-05 20:03 - 00921624 _____ () C:\img2-001.raw

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2008-04-14 09:00] - [2008-04-14 09:00] - 0399360 ____A (Microsoft Corporation) 2589fe6015a316c0f5d5112b4da7b509

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Dopuna: 17 Feb 2014 16:34

mycity.rs/must-login.png

Dopuna: 17 Feb 2014 16:36

jeli to taj dokument

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Koliko vidim, koristis nelegalnu/modifikovanu verziju sistema, tako da ti ja ne mogu pomoci, jer neki od alata na rade.

offline
  • Pridružio: 11 Jan 2014
  • Poruke: 22

sta da radim

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Prvo instaliraj regularnu verziju Windowsa, pa onda zatrazi pomoc na forumu.

17 Feb 2014 20:07 TwinHeadedEagle Zaključavanje topica Razlog: Odgovoreno je, dalja diskusija nema svrhu  
Ko je trenutno na forumu
 

Ukupno su 1400 korisnika na forumu :: 43 registrovanih, 11 sakrivenih i 1346 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Ageofloneliness, antonije64, Boris BM, Brana01, CikaKURE, darkangel, Dorcolac, draganca, Dukelander, dzoni19, Excalibur13, Georgius, gmlale, hyla, janbo, Kibice, kolle.the.kid, ladro, lord sir giga, Lošmi, Luka Blažević, Magistar78, Mcdado, mercedesamg, Metanoja, milimoj, Milometer, Misirac, Mixelotti, mocnijogurt, Nemanja.M, raptorsi, Smajser, Stanlio, stegonosa, Toper, Vlad000, Vlada1389, vladulns, yrraf, zbazin, zlaya011