LinkBucks / ultrafiles.net problem


offline
  • Joined: 20 Feb 2014
  • Posts: 15

Posted: 20 Feb 2014 21:39

It shows up while I'm browsing: clicking on some link (there is no pattern) opens this nuisance and starts a download. I've tried all sorts of things, AdwCleaner, then Malwarebytes Anti-Malware, then HitmanPro... Nothing helped; admittedly, the automatic download gets blocked, but LinkBucks (ultrafiles.net) still keeps popping up. I reinstalled the OS with a disk format, and nothing. I borrowed a laptop from a friend that did not have this problem, he hadn't even used it in the last month, and as soon as I connected to the net - LinkBucks!

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514
Run by Vlada at 21:24:48 on 2014-02-20
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.1014.275 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.1.20
TCP: Interfaces\{0CB11838-0A65-46C7-AA90-4B531E1D5439} : DHCPNameServer = 192.168.1.20
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2014-2-20 217600]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
.
=============== Created Last 30 ================
.
2014-02-20 23:53:33 -------- d-----w- c:\windows\Panther
2014-02-20 23:44:44 -------- d-sh--w- C:\Boot
2014-02-20 18:52:16 -------- d-----w- c:\users\vlada\appdata\local\Diagnostics
2014-02-20 18:29:14 7947048 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{995eec52-30e5-469a-822e-08ed6a9c90cb}\mpengine.dll
2014-02-20 18:29:13 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-02-20 18:22:21 -------- d-----w- c:\users\vlada\appdata\local\Skype
2014-02-20 18:21:37 -------- d-----r- c:\program files\Skype
2014-02-20 18:21:12 -------- d-sh--w- c:\windows\Installer
2014-02-20 18:20:39 1002008 ----a-w- c:\windows\system32\igxpun.exe
2014-02-20 18:20:39 -------- d-----w- c:\windows\system32\x64
2014-02-20 18:19:19 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2014-02-20 18:19:19 826880 ----a-w- c:\windows\system32\rdpcore.dll
2014-02-20 18:19:18 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-02-20 18:19:18 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-02-20 18:08:57 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-02-20 18:08:47 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-02-20 18:08:28 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-02-20 18:08:28 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-02-20 18:00:20 45056 ----a-w- c:\windows\system32\unwlsdrv.exe
2014-02-20 18:00:20 217600 ----a-w- c:\windows\system32\drivers\sis163u.sys
.
==================== Find3M ====================
.
.
============= FINISH: 21:25:13,46 ===============

Addendum: 20 Feb 2014 22:00

Orion internet

Addendum: 20 Feb 2014 22:08

3.8 / 2.6 Mbps

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6101

Hello,


Download Farbar's Farbar Recovery Scan Tool from this address to the Desktop:
There is a 32-bit and a 64-bit version. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will work on your system; that will be the right version.


double-click to run the program; when the tool starts, click Yes on the disclaimer window;
wait a moment while the tool checks whether a newer version exists;
in the Optional Scan section, tick the Shortcut.txt box;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;
on the first run, the tool should also create two additional reports (Addition.txt and Shortcut.txt);
attach both additional reports to your post using the Attach file (Prikači fajl) option

offline
  • Joined: 20 Feb 2014
  • Posts: 15

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-02-2014
Ran by Vlada (administrator) on VLADA-PC on 21-02-2014 08:07:35
Running from C:\Users\Vlada\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe


==================== Registry (Whitelisted) ==================


==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8D644A50672ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20

========================== Services (Whitelisted) =================


==================== Drivers (Whitelisted) ====================

R3 SIS163u; C:\Windows\System32\DRIVERS\sis163u.sys [217600 2006-07-03] (Silicon Integrated Systems Corp.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 mbr; \??\C:\Users\Vlada\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-21 08:07 - 2014-02-21 08:08 - 00002308 _____ () C:\Users\Vlada\Desktop\FRST.txt
2014-02-21 07:50 - 2014-02-21 08:07 - 00000000 ____D () C:\FRST
2014-02-21 07:48 - 2014-02-21 07:49 - 01142784 _____ (Farbar) C:\Users\Vlada\Desktop\FRST.exe
2014-02-21 00:59 - 2014-02-21 08:08 - 01891678 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 00:58 - 2014-02-21 00:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-02-21 00:56 - 2014-02-21 00:59 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-02-21 00:53 - 2014-02-20 18:45 - 00000000 ____D () C:\Windows\Panther
2014-02-21 00:44 - 2014-02-21 00:53 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-02-21 00:44 - 2010-11-20 22:29 - 00383786 __RSH () C:\bootmgr
2014-02-20 21:25 - 2014-02-20 21:25 - 00005007 _____ () C:\Users\Vlada\Desktop\dds.txt
2014-02-20 21:25 - 2014-02-20 21:25 - 00001009 _____ () C:\Users\Vlada\Desktop\attach.txt
2014-02-20 21:24 - 2014-02-20 21:24 - 00688992 ____R (Swearware) C:\Users\Vlada\Desktop\dds.scr
2014-02-20 19:29 - 2013-12-18 06:13 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-02-20 19:22 - 2014-02-20 20:40 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Skype
2014-02-20 19:22 - 2014-02-20 19:22 - 00000000 ____D () C:\Users\Vlada\AppData\Local\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ___RD () C:\Program Files\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-20 19:20 - 2014-02-20 19:20 - 00000000 ____D () C:\Windows\system32\x64
2014-02-20 19:20 - 2009-09-23 19:30 - 01002008 _____ (Intel Corporation) C:\Windows\system32\igxpun.exe
2014-02-20 19:19 - 2012-02-17 06:34 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-02-20 19:19 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-02-20 19:19 - 2012-02-17 05:14 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-02-20 19:19 - 2012-02-17 05:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-02-20 19:09 - 2014-02-20 19:09 - 00436175 __RSH () C:\ULTBK
2014-02-20 19:08 - 2014-02-20 19:08 - 00057560 _____ () C:\Users\Vlada\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-20 19:08 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-02-20 19:08 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-02-20 19:08 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-02-20 19:08 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-02-20 19:08 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-02-20 19:08 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-02-20 19:08 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-02-20 19:08 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-02-20 19:08 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-20 19:00 - 2006-07-03 17:11 - 00217600 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sis163u.sys
2014-02-20 19:00 - 2006-05-25 15:02 - 00045056 _____ () C:\Windows\system32\unwlsdrv.exe
2014-02-20 18:46 - 2014-02-20 18:46 - 00001413 _____ () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-20 18:45 - 2014-02-20 18:46 - 00000000 ____D () C:\Users\Vlada
2014-02-20 18:45 - 2014-02-20 18:45 - 00000020 ___SH () C:\Users\Vlada\ntuser.ini
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 __SHD () C:\Recovery
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Vlada\AppData\Local\VirtualStore
2014-02-20 18:45 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-20 18:45 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

2014-02-21 08:08 - 2014-02-21 08:07 - 00002308 _____ () C:\Users\Vlada\Desktop\FRST.txt
2014-02-21 08:08 - 2014-02-21 00:59 - 01891678 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 08:07 - 2014-02-21 07:50 - 00000000 ____D () C:\FRST
2014-02-21 07:49 - 2014-02-21 07:48 - 01142784 _____ (Farbar) C:\Users\Vlada\Desktop\FRST.exe
2014-02-21 07:46 - 2009-07-14 05:39 - 00026638 _____ () C:\Windows\setupact.log
2014-02-21 00:59 - 2014-02-21 00:56 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-02-21 00:58 - 2014-02-21 00:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-02-21 00:56 - 2010-11-21 01:46 - 00000000 ____D () C:\Windows\CSC
2014-02-21 00:56 - 2009-07-14 05:34 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-02-21 00:56 - 2009-07-14 05:33 - 00266808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-21 00:53 - 2014-02-21 00:44 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-02-21 00:53 - 2009-07-14 05:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-02-21 00:53 - 2009-07-14 05:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-02-20 23:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-20 21:25 - 2014-02-20 21:25 - 00005007 _____ () C:\Users\Vlada\Desktop\dds.txt
2014-02-20 21:25 - 2014-02-20 21:25 - 00001009 _____ () C:\Users\Vlada\Desktop\attach.txt
2014-02-20 21:24 - 2014-02-20 21:24 - 00688992 ____R (Swearware) C:\Users\Vlada\Desktop\dds.scr
2014-02-20 20:49 - 2009-07-14 05:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 20:49 - 2009-07-14 05:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 20:46 - 2010-11-20 22:01 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-20 20:42 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-20 20:40 - 2014-02-20 19:22 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Skype
2014-02-20 19:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-20 19:22 - 2014-02-20 19:22 - 00000000 ____D () C:\Users\Vlada\AppData\Local\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ___RD () C:\Program Files\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-20 19:20 - 2014-02-20 19:20 - 00000000 ____D () C:\Windows\system32\x64
2014-02-20 19:09 - 2014-02-20 19:09 - 00436175 __RSH () C:\ULTBK
2014-02-20 19:08 - 2014-02-20 19:08 - 00057560 _____ () C:\Users\Vlada\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-20 19:08 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-20 19:07 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\restore
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-20 18:57 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-20 18:46 - 2014-02-20 18:46 - 00001413 _____ () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-20 18:46 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Vlada
2014-02-20 18:45 - 2014-02-21 00:53 - 00000000 ____D () C:\Windows\Panther
2014-02-20 18:45 - 2014-02-20 18:45 - 00000020 ___SH () C:\Users\Vlada\ntuser.ini
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 __SHD () C:\Recovery
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Vlada\AppData\Local\VirtualStore
2014-02-20 18:45 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\Recovery

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-20 20:29

==================== End Of Log ============================




offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6101

Hello,

Do not use USB storage devices until I ask you to.

Keep in mind that this malware you posted is fresh, a new malware variant. This malware is not yet fully known to us, so we are collecting all possible information.

Vlada_Koja :: I borrowed a laptop from a friend that did not have this problem, he hadn't even used it in the last month, and as soon as I connected to the net - LinkBucks!

Wait, let's clarify. When you borrowed the laptop from your friend (which did not have the problem) and connected it to the internet, what happened then? Did that laptop get the same "LinkBucks!" problem too? When you say "as soon as I connected to the net", do you mean that you connected it to your own router/modem?

Do you recognize this folder?
F:\laptop


--- --- --- --- --- --- --- --- ---
FRST Fix
--- ---


1. Open Notepad (Text Document) and copy in the following text from the code box below:
Start
Folder: C:\Windows\system32\x64
Folder: C:\ULTBK
File: C:\Users\Vlada\AppData\Local\GDIPFONTCACHEV1.DAT
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\20120829_125711.lnk
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\download.lnk
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\laptop.lnk
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\ultrafiles.net.lnk
F:\laptop\20120829_125711.jpg
C:\Users\Vlada\Desktop\ultrafiles.net.jpg
End

2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, under File Name:, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.





--- --- --- --- --- --- --- --- ---
FRSTScan
--- ---


Run FRST again . . .
double-click to run the program...
wait a moment while the tool checks whether a newer version exists;
in the Optional Scan section, tick the Shortcut.txt box;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;
the tool should also create an additional report (Shortcut.txt);
attach the Shortcut.txt report to your post using the Attach file (Prikači fajl) option





--- --- --- --- --- --- --- --- ---
Zoek Scan
--- ---



Download smeenk's zoek.zip or zoek.rar from this or this link and save it to the Desktop.

Extract the archive into a folder (instructions), and then:

close the browser and other running programs;
temporarily disable your security software (if necessary) Instructions;
double-click the zoek program icon to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

QuickScan;
SilentRunners;


Click the button and wait for the scan to finish.


zoek will restart Windows if needed and, when it is done, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Attach the zoek-results.log report to your post using the Attach file (Prikači fajl) option

offline
  • Joined: 20 Feb 2014
  • Posts: 15

Hello,
I borrowed the laptop yesterday; I wanted to check whether this LinkBucks / Ultrafiles would show up on it too, since I know it had not been turned on for at least a month. When I turned it on and connected wirelessly to my router, I started browsing and the same LinkBucks / Ultrafiles appeared.
F:\Laptop is a folder on a portable hard disk. I saved all my files to the external drive before reinstalling W7. After the reinstall I connected the external drive.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 20-02-2014
Ran by Vlada at 2014-02-21 18:16:47 Run:1
Running from C:\Users\Vlada\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
Folder: C:\Windows\system32\x64
Folder: C:\ULTBK
File: C:\Users\Vlada\AppData\Local\GDIPFONTCACHEV1.DAT
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\20120829_125711.lnk
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\download.lnk
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\laptop.lnk
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\ultrafiles.net.lnk
F:\laptop\20120829_125711.jpg
C:\Users\Vlada\Desktop\ultrafiles.net.jpg
End
*****************


========================= Folder: C:\Windows\system32\x64 ========================


====== End of Folder: ======


========================= Folder: C:\ULTBK ========================

2014-02-20 19:09 - 2014-02-20 19:09 - 0436175 __RSH () C:\ULTBK

====== End of Folder: ======


========================= File: C:\Users\Vlada\AppData\Local\GDIPFONTCACHEV1.DAT ========================

MD5: FEB670D9FFB1EF411E559B6BC34DF0A2
Creation and modification date: 2014-02-20 19:08 - 2014-02-20 19:08
Size: 0057560
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:

====== End Of File: ======

C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\20120829_125711.lnk => Moved successfully.
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\download.lnk => Moved successfully.
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\laptop.lnk => Moved successfully.
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Recent\ultrafiles.net.lnk => Moved successfully.
"F:\laptop\20120829_125711.jpg" => File/Directory not found.
C:\Users\Vlada\Desktop\ultrafiles.net.jpg => Moved successfully.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-02-2014
Ran by Vlada (administrator) on VLADA-PC on 21-02-2014 18:18:40
Running from C:\Users\Vlada\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\LogonUI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================


==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8D644A50672ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20

========================== Services (Whitelisted) =================


==================== Drivers (Whitelisted) ====================

R3 SIS163u; C:\Windows\System32\DRIVERS\sis163u.sys [217600 2006-07-03] (Silicon Integrated Systems Corp.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-21 18:10 - 2014-02-21 18:10 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Adobe
2014-02-21 10:12 - 2012-07-26 04:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-02-21 10:12 - 2012-07-26 04:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-02-21 10:12 - 2012-07-26 04:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-02-21 10:12 - 2012-07-26 04:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-02-21 10:12 - 2012-07-26 04:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-02-21 10:12 - 2012-07-26 03:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-02-21 10:12 - 2012-07-26 03:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-02-21 10:12 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-02-21 10:11 - 2012-03-01 06:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-02-21 10:11 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-02-21 10:08 - 2014-02-21 10:10 - 00003604 _____ () C:\Windows\IE9_main.log
2014-02-21 09:56 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-02-21 09:56 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-21 09:49 - 2014-02-21 09:49 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-21 09:49 - 2014-02-21 09:49 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-02-21 09:49 - 2014-02-21 09:49 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-21 09:49 - 2014-02-21 09:49 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-02-21 09:49 - 2014-02-21 09:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-21 09:48 - 2014-02-21 09:48 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-21 09:48 - 2014-02-21 09:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-02-21 09:48 - 2014-02-21 09:48 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-02-21 09:48 - 2014-02-21 09:48 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-02-21 09:48 - 2014-02-21 09:48 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-02-21 09:46 - 2014-02-21 09:46 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-21 09:44 - 2014-02-21 09:52 - 00013878 _____ () C:\Windows\IE11_main.log
2014-02-21 09:44 - 2014-02-21 09:44 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-02-21 08:13 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-02-21 08:13 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-02-21 08:13 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-02-21 08:13 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-02-21 08:13 - 2013-07-09 05:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-02-21 08:13 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-02-21 08:13 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-21 08:13 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-02-21 08:13 - 2013-04-12 14:45 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-02-21 08:13 - 2012-11-22 05:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-02-21 08:13 - 2012-08-22 18:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-02-21 08:13 - 2012-07-04 20:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-02-21 08:13 - 2011-04-29 03:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-02-21 08:13 - 2011-04-29 03:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-02-21 08:13 - 2011-04-29 03:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-02-21 08:12 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-02-21 08:12 - 2013-02-12 04:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-02-21 08:12 - 2013-01-24 05:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-02-21 08:12 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-02-21 08:12 - 2011-06-16 05:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-02-21 08:12 - 2011-02-18 06:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-02-21 08:11 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-02-21 08:11 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-02-21 08:11 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-02-21 08:11 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-02-21 08:11 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-02-21 08:11 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-02-21 08:11 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-02-21 08:11 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-02-21 08:11 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-02-21 08:11 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-02-21 08:11 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-02-21 08:11 - 2011-03-03 06:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-02-21 08:11 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-02-21 08:10 - 2014-02-21 08:10 - 00017615 _____ () C:\Users\Vlada\Desktop\Shortcut.txt
2014-02-21 08:10 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-21 08:10 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-21 08:10 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-21 08:10 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-02-21 08:10 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-21 08:10 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-21 08:10 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-21 08:10 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-21 08:10 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-21 08:10 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-02-21 08:10 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-02-21 08:10 - 2013-04-10 06:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-02-21 08:10 - 2013-03-19 05:53 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-02-21 08:10 - 2013-03-19 04:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-02-21 08:10 - 2012-08-21 21:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-02-21 08:10 - 2012-04-28 04:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-02-21 08:10 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-02-21 08:10 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-02-21 08:10 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-02-21 08:10 - 2011-07-09 03:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-02-21 08:10 - 2011-05-24 11:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-02-21 08:10 - 2011-04-27 03:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-02-21 08:10 - 2011-04-27 03:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-02-21 08:09 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-21 08:09 - 2013-08-28 01:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-02-21 08:09 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-21 08:09 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-02-21 08:09 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-02-21 08:09 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-02-21 08:09 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-02-21 08:09 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-02-21 08:09 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-02-21 08:09 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-02-21 08:09 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-02-21 08:09 - 2013-02-15 05:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-21 08:09 - 2013-02-15 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-02-21 08:09 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-21 08:09 - 2012-11-01 05:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-02-21 08:09 - 2011-08-27 05:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-02-21 08:09 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-02-21 08:09 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-02-21 08:08 - 2014-02-21 08:10 - 00004065 _____ () C:\Users\Vlada\Desktop\Addition.txt
2014-02-21 08:08 - 2012-10-03 17:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-02-21 08:08 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-02-21 08:08 - 2012-10-03 17:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-02-21 08:08 - 2012-10-03 17:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-02-21 08:08 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-02-21 08:08 - 2012-10-03 17:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-02-21 08:08 - 2012-10-03 16:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-02-21 08:08 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-02-21 08:08 - 2012-05-05 08:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-02-21 08:08 - 2011-11-19 15:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-02-21 08:08 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-02-21 08:08 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-02-21 08:08 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-02-21 08:08 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-02-21 08:08 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-02-21 08:08 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-02-21 08:08 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-02-21 08:08 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-02-21 08:08 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-02-21 08:08 - 2011-02-12 06:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-02-21 08:07 - 2014-02-21 18:18 - 00002323 _____ () C:\Users\Vlada\Desktop\FRST.txt
2014-02-21 08:07 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-21 08:07 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-21 08:07 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-02-21 08:07 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-02-21 08:07 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-02-21 08:07 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-02-21 08:07 - 2013-07-04 10:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-02-21 08:07 - 2013-06-04 05:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-02-21 08:07 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-02-21 08:07 - 2012-08-11 00:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-02-21 08:07 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-02-21 08:07 - 2012-07-04 22:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-02-21 08:07 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-02-21 08:07 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-02-21 08:07 - 2011-10-26 05:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-02-21 08:07 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-02-21 08:07 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-02-21 08:07 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-02-21 08:07 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-02-21 08:06 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-21 08:06 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-02-21 08:06 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-02-21 08:06 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-02-21 08:06 - 2012-05-01 05:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-02-21 08:06 - 2012-04-26 05:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-02-21 08:06 - 2012-04-26 05:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-02-21 08:06 - 2012-04-26 05:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-02-21 08:06 - 2012-04-07 12:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-02-21 08:06 - 2012-03-17 08:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-02-21 08:06 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-02-21 08:06 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-02-21 08:06 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-02-21 08:06 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-02-21 08:06 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-02-21 08:06 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-02-21 08:06 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-02-21 08:04 - 2013-08-05 02:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-02-21 08:04 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-21 08:04 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-02-21 08:03 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-02-21 08:03 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-02-21 08:03 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-02-21 08:03 - 2012-05-14 05:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-02-21 08:02 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-02-21 08:02 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-02-21 08:02 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-02-21 08:01 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-02-21 08:01 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-02-21 08:01 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-02-21 08:01 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-02-21 07:59 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-02-21 07:59 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-02-21 07:58 - 2011-02-23 05:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-02-21 07:57 - 2013-08-02 02:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-02-21 07:57 - 2013-08-02 02:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-02-21 07:57 - 2013-08-02 02:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 01:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-02-21 07:57 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-02-21 07:57 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-02-21 07:57 - 2012-11-28 23:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-02-21 07:57 - 2012-11-28 23:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-02-21 07:57 - 2012-11-28 23:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-02-21 07:57 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-02-21 07:56 - 2011-04-22 20:14 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-02-21 07:55 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-02-21 07:55 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-02-21 07:55 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-02-21 07:55 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-02-21 07:55 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-02-21 07:55 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-02-21 07:54 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-21 07:54 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-21 07:54 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-21 07:54 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-21 07:54 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-21 07:54 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-21 07:54 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-21 07:54 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-21 07:54 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-21 07:54 - 2013-06-15 04:40 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-02-21 07:54 - 2013-06-15 04:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-02-21 07:50 - 2014-02-21 18:18 - 00000000 ____D () C:\FRST
2014-02-21 07:50 - 2013-02-27 06:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-02-21 07:50 - 2013-02-27 05:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-02-21 07:48 - 2014-02-21 07:49 - 01142784 _____ (Farbar) C:\Users\Vlada\Desktop\FRST.exe
2014-02-21 00:59 - 2014-02-21 14:14 - 01971499 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 00:58 - 2014-02-21 00:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-02-21 00:56 - 2014-02-21 00:59 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-02-21 00:53 - 2014-02-20 18:45 - 00000000 ____D () C:\Windows\Panther
2014-02-21 00:44 - 2014-02-21 00:53 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-02-21 00:44 - 2010-11-20 22:29 - 00383786 __RSH () C:\bootmgr
2014-02-20 21:25 - 2014-02-20 21:25 - 00005007 _____ () C:\Users\Vlada\Desktop\dds.txt
2014-02-20 21:25 - 2014-02-20 21:25 - 00001009 _____ () C:\Users\Vlada\Desktop\attach.txt
2014-02-20 21:24 - 2014-02-20 21:24 - 00688992 ____R (Swearware) C:\Users\Vlada\Desktop\dds.scr
2014-02-20 19:29 - 2013-12-18 06:13 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-02-20 19:22 - 2014-02-20 20:40 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Skype
2014-02-20 19:22 - 2014-02-20 19:22 - 00000000 ____D () C:\Users\Vlada\AppData\Local\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ___RD () C:\Program Files\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-20 19:20 - 2014-02-20 19:20 - 00000000 ____D () C:\Windows\system32\x64
2014-02-20 19:20 - 2009-09-23 19:30 - 01002008 _____ (Intel Corporation) C:\Windows\system32\igxpun.exe
2014-02-20 19:19 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-02-20 19:19 - 2012-02-17 05:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-02-20 19:09 - 2014-02-20 19:09 - 00436175 __RSH () C:\ULTBK
2014-02-20 19:08 - 2014-02-20 19:08 - 00057560 _____ () C:\Users\Vlada\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-20 19:08 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-02-20 19:08 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-02-20 19:08 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-02-20 19:08 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-02-20 19:08 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-02-20 19:08 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-02-20 19:08 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-02-20 19:08 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-02-20 19:08 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-20 19:00 - 2006-07-03 17:11 - 00217600 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sis163u.sys
2014-02-20 19:00 - 2006-05-25 15:02 - 00045056 _____ () C:\Windows\system32\unwlsdrv.exe
2014-02-20 18:46 - 2014-02-20 18:46 - 00001413 _____ () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-20 18:45 - 2014-02-20 18:46 - 00000000 ____D () C:\Users\Vlada
2014-02-20 18:45 - 2014-02-20 18:45 - 00000020 ___SH () C:\Users\Vlada\ntuser.ini
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 __SHD () C:\Recovery
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Vlada\AppData\Local\VirtualStore
2014-02-20 18:45 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-20 18:45 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

2014-02-21 18:18 - 2014-02-21 08:07 - 00002323 _____ () C:\Users\Vlada\Desktop\FRST.txt
2014-02-21 18:18 - 2014-02-21 07:50 - 00000000 ____D () C:\FRST
2014-02-21 18:11 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-21 18:10 - 2014-02-21 18:10 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Adobe
2014-02-21 18:10 - 2014-02-21 00:59 - 01971499 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 14:19 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-21 14:15 - 2009-07-14 05:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-21 14:15 - 2009-07-14 05:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-21 14:12 - 2010-11-20 22:01 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-21 14:08 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-21 14:08 - 2009-07-14 05:39 - 00026806 _____ () C:\Windows\setupact.log
2014-02-21 14:05 - 2009-07-14 05:33 - 00268128 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-21 14:02 - 2010-11-21 01:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-02-21 14:02 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-21 10:10 - 2014-02-21 10:08 - 00003604 _____ () C:\Windows\IE9_main.log
2014-02-21 09:52 - 2014-02-21 09:44 - 00013878 _____ () C:\Windows\IE11_main.log
2014-02-21 09:49 - 2014-02-21 09:49 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-21 09:49 - 2014-02-21 09:49 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-21 09:49 - 2014-02-21 09:49 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-02-21 09:49 - 2014-02-21 09:49 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-21 09:49 - 2014-02-21 09:49 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-02-21 09:49 - 2014-02-21 09:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-21 09:48 - 2014-02-21 09:48 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-21 09:48 - 2014-02-21 09:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-02-21 09:48 - 2014-02-21 09:48 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-02-21 09:48 - 2014-02-21 09:48 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-02-21 09:48 - 2014-02-21 09:48 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-02-21 09:46 - 2014-02-21 09:46 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-21 09:44 - 2014-02-21 09:44 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-02-21 08:10 - 2014-02-21 08:10 - 00017615 _____ () C:\Users\Vlada\Desktop\Shortcut.txt
2014-02-21 08:10 - 2014-02-21 08:08 - 00004065 _____ () C:\Users\Vlada\Desktop\Addition.txt
2014-02-21 07:49 - 2014-02-21 07:48 - 01142784 _____ (Farbar) C:\Users\Vlada\Desktop\FRST.exe
2014-02-21 00:59 - 2014-02-21 00:56 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-02-21 00:58 - 2014-02-21 00:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-02-21 00:56 - 2010-11-21 01:46 - 00000000 ____D () C:\Windows\CSC
2014-02-21 00:56 - 2009-07-14 05:34 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-02-21 00:53 - 2014-02-21 00:44 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-02-21 00:53 - 2009-07-14 05:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-02-21 00:53 - 2009-07-14 05:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-02-20 21:25 - 2014-02-20 21:25 - 00005007 _____ () C:\Users\Vlada\Desktop\dds.txt
2014-02-20 21:25 - 2014-02-20 21:25 - 00001009 _____ () C:\Users\Vlada\Desktop\attach.txt
2014-02-20 21:24 - 2014-02-20 21:24 - 00688992 ____R (Swearware) C:\Users\Vlada\Desktop\dds.scr
2014-02-20 20:40 - 2014-02-20 19:22 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Skype
2014-02-20 19:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-20 19:22 - 2014-02-20 19:22 - 00000000 ____D () C:\Users\Vlada\AppData\Local\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ___RD () C:\Program Files\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-20 19:20 - 2014-02-20 19:20 - 00000000 ____D () C:\Windows\system32\x64
2014-02-20 19:09 - 2014-02-20 19:09 - 00436175 __RSH () C:\ULTBK
2014-02-20 19:08 - 2014-02-20 19:08 - 00057560 _____ () C:\Users\Vlada\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-20 19:08 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-20 19:07 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\restore
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-20 18:46 - 2014-02-20 18:46 - 00001413 _____ () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-20 18:46 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Vlada
2014-02-20 18:45 - 2014-02-21 00:53 - 00000000 ____D () C:\Windows\Panther
2014-02-20 18:45 - 2014-02-20 18:45 - 00000020 ___SH () C:\Users\Vlada\ntuser.ini
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 __SHD () C:\Recovery
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Vlada\AppData\Local\VirtualStore
2014-02-20 18:45 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\Recovery

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-20 20:29

==================== End Of Log ============================
==== End of Fixlog ====

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6101

Vlada_Koja :: Hello,
I borrowed the laptop yesterday; I wanted to check whether this LinkBucks / Ultrafiles would show up on it too, since I know it had not been switched on for at least a month. When I turned it on and connected wirelessly to my router, I started browsing and the same LinkBucks / Ultrafiles appeared.
F:\Laptop is a folder on a portable hard disk. I saved all my files to the external hard drive before reinstalling W7. After the reinstall I connected the external hard drive.

OK, did you connect that external HDD to that laptop, even briefly?

You do realize we can check that laptop as well? Open a separate topic in Ambulanta and one of us will check that laptop too.

So, just to repeat: we will check the USB devices (that HDD included) later. You have something called a browser hijacker, but this is some new and modified version.

Tell me, did the problem stop after the FRST fix was run?

Right, this fix consists of three parts.
- the first is running a small tool called shortcut-cleaner.
- the second step is running zoek with the given script.
- the third step is running the zoek tool again, but with the second given script.

--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---
1. Shortcut-Cleaner
--- ---

Download the shortcut-cleaner tool to your desktop and run it with a double-click.
http://www.bleepingcomputer.com/download/shortcut-cleaner/
After a short scan a report will be generated. Copy the contents of that report to the forum.

--- --- --- --- --- --- --- --- --- ---
2. Zoek Script
--- ---

Run zoek again;

close the browser and other running programs;
disable your security software (if necessary; see Instructions);

Copy the following text into the white box of the window:

C:\Users\Vlada\AppData\Local\GDIPFONTCACHEV1.DAT;F
ShortcutFix;
AutoClean;




Click the button and wait for the scan to finish.

zoek will restart Windows if needed and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your post.

--- --- --- --- --- --- --- --- --- ---
3. Zoek Script
--- ---

Run zoek again;

close the browser and other running programs;
disable your security software (if necessary; see Instructions);

Copy the following text into the white box of the window:

LinkBucks;a
LinkBucks;z
ultrafiles;a
ultrafiles;z




Click the button and wait for the scan to finish.

zoek will restart Windows if needed and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your post.

offline
  • Joined: 20 Feb 2014
  • Posts: 15

Posted: 21 Feb 2014 20:19

Shortcut Cleaner 1.2.8 by Lawrence Abrams (Grinler)
bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Ultimate Service Pack 1
Program started at: 02/21/2014 08:17:35 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Vlada\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Vlada\Desktop


0 bad shortcuts found.

Program finished at: 02/21/2014 08:17:36 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

Addendum: 21 Feb 2014 20:35

Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Vlada on pet 21.02.2014 at 20:19:17,22.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vlada\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-21-172951.log 67639 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Users\Vlada\AppData\Local\GDIPFONTCACHEV1.DAT" deleted

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files\WinRAR\Rar.txt
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files\WinRAR\WhatsNew.txt
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk - C:\Program Files\DVD Maker\DVDMaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk - C:\Windows\system32\mblctr.exe /open
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk - C:\Windows\system32\NetProj.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk - C:\Windows\system32\SnippingTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk - C:\Windows\system32\StikyNot.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\ShapeCollector.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk - C:\Program Files\Windows Journal\Journal.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk - C:\Windows\system32\printmanagement.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk - C:\Windows\system32\secpol.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files\WinRAR\WhatsNew.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Vlada\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Vlada\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Vlada\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Vlada\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Vlada\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Vlada\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

==== Empty IE Cache ======================

C:\Users\Vlada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vlada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=0 57671 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Vlada\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Vlada\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on pet 21.02.2014 at 20:32:59,57 ======================

Addendum: 21 Feb 2014 20:41

Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Vlada on pet 21.02.2014 at 20:35:17,41.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vlada\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-21-172951.log 67639 bytes
C:\zoek-results2014-02-21-193259.log 8623 bytes

==== Folders Found ======================


==== Files Found ======================


--- C:\Users\Vlada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0KXMIL8\LinkBucks-ultrafiles-net-problem[1].htm ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 178859
Created time: 2014-02-21 19:33:41
Modified time: 2014-02-21 19:33:42
MD5: AC115A170160F506219C6B76F5C110A2
SHA1: 4A0FBBDF1424B41C503600CE449F3381167CE654


--- C:\FRST\Quarantine\ultrafiles.net.jpg21-02-2014_18-16-47 ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 287125
Created time: 2014-02-20 20:58:44
Modified time: 2014-02-20 20:58:44
MD5: A7B3EB01A4EC1266924AEE8EAA68091F
SHA1: 6696EB93E030D8BC2860E1EB7728E74C34A563C1


--- C:\FRST\Quarantine\ultrafiles.net.lnk21-02-2014_18-16-47 ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 592
Created time: 2014-02-20 20:58:44
Modified time: 2014-02-20 20:58:44
MD5: 256E5DA5A3D25C49B448873F6BE3B7AB
SHA1: 18A4E3E470722A35A9421F2ED54E059DD572EFEF


--- C:\Users\Vlada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0KXMIL8\LinkBucks-ultrafiles-net-problem[1].htm ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 178859
Created time: 2014-02-21 19:33:41
Modified time: 2014-02-21 19:33:42
MD5: AC115A170160F506219C6B76F5C110A2
SHA1: 4A0FBBDF1424B41C503600CE449F3381167CE654


--- C:\Users\Vlada\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\R2KVSNX6\363130_tmb_81937060_ultrafiles.net[1].jpg ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 4560
Created time: 2014-02-21 19:33:43
Modified time: 2014-02-21 19:33:43
MD5: 31D957C07D68792732C72BA878698F84
SHA1: 84A142B002A4B2CFE6CC44FC486C3DC429D81330


--- C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Cookies\vlada@ultrafiles[1].txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 119
Created time: 2014-02-20 18:52:43
Modified time: 2014-02-20 18:52:43
MD5: 08B9093ECBCC3C89AE08596F9AE87493
SHA1: 8BEA5DE310A2EEE835D07F643BF24CBC6CC343C9


==== Registry Search Results for "LinkBucks" ======================

No instances of string "LinkBucks" found.

==== Registry Search Results for "ultrafiles" ======================


[HKEY_USERS\S-1-5-21-676029768-2690018794-971018009-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\\Users\\Vlada\\Desktop\\ultrafiles.net.jpg"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=0 57671 bytes)

==== EOF on pet 21.02.2014 at 20:39:06,23 ======================

Addendum: 21 Feb 2014 20:47

After all of this I tried surfing a bit, and it's the same devil.
I never connected that other laptop, the one I borrowed to test, to the external hard disk. It had XP installed (if that means anything). The laptop has been returned.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6101

Now run zoek with this script, wait for it to finish, and allow it to restart.
SRInfo;
ipconfig /all >> %temp%\log.txt;b
nslookup google.com >> %temp%\log.txt;b
nslookup yahoo.com >> %temp%\log.txt;b
ping -n 2 google.com >> %temp%\log.txt;b
ping -n 2 yahoo.com >> %temp%\log.txt;b
route print >> %temp%\log.txt;b
ResetIEproxy;
ipconfig /flushdns >> %temp%\log.txt;b
IEDefaults;
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Cookies\vlada@ultrafiles[1].txt;f
[HKEY_USERS\S-1-5-21-676029768-2690018794-971018009-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List];r
"File1"="";r
EmptyAllTemp;

After the restart, attach the fresh zoek log to your post (no need to copy them).



--- --- --- --- --- --- --- ---




Run FRST again, tick the option to generate the Addition.txt and Shortcut.txt logs, and click the Scan button.
FRST.txt => copy it into the post
Addition.txt and Shortcut.txt => attach them to the post



>> Also tell me whether there are any improvements.
Likewise, if you can remember what you were doing/downloading before you got this infection. Or any additional info that may or may not be relevant..?

offline
  • Joined: 20 Feb 2014
  • Posts: 15

Posted: 22 Feb 2014 7:51

Addendum: 22 Feb 2014 7:53

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-02-2014
Ran by Vlada (administrator) on VLADA-PC on 22-02-2014 07:50:48
Running from C:\Users\Vlada\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================


==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8D644A50672ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20

========================== Services (Whitelisted) =================


==================== Drivers (Whitelisted) ====================

R3 SIS163u; C:\Windows\System32\DRIVERS\sis163u.sys [217600 2006-07-03] (Silicon Integrated Systems Corp.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-22 07:45 - 2014-02-22 07:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-22 07:45 - 2014-02-21 20:39 - 00003739 _____ () C:\zoek-results2014-02-21-193906.log
2014-02-22 07:44 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-22 07:44 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-22 07:44 - 2014-02-06 11:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-22 07:44 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-22 07:44 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-22 07:44 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-22 07:44 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-22 07:44 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-22 07:44 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-22 07:44 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-22 07:44 - 2014-02-06 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-22 07:44 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-22 07:44 - 2014-02-06 10:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-22 07:44 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-22 07:44 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-22 07:44 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-22 07:44 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-22 07:44 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-22 07:44 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-22 07:44 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-22 07:44 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-22 07:43 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-21 20:35 - 2014-02-21 20:32 - 00008623 _____ () C:\zoek-results2014-02-21-193259.log
2014-02-21 20:19 - 2014-02-21 18:29 - 00067639 _____ () C:\zoek-results2014-02-21-172951.log
2014-02-21 20:17 - 2014-02-21 20:17 - 00001788 _____ () C:\sc-cleaner.txt
2014-02-21 20:15 - 2014-02-21 20:15 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Vlada\Desktop\sc-cleaner.exe
2014-02-21 18:28 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-21 18:28 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-21 18:28 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-02-21 18:28 - 2013-04-17 08:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-02-21 18:28 - 2012-02-11 06:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-02-21 18:28 - 2011-03-11 06:39 - 00148864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-02-21 18:28 - 2011-03-11 06:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-02-21 18:28 - 2011-03-11 06:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-02-21 18:28 - 2011-03-11 06:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-02-21 18:28 - 2011-03-11 06:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-02-21 18:28 - 2011-03-11 06:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-02-21 18:28 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-02-21 18:28 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-02-21 18:28 - 2011-03-11 05:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-02-21 18:28 - 2011-02-25 06:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-02-21 18:23 - 2014-02-22 07:48 - 00011248 _____ () C:\zoek-results.log
2014-02-21 18:22 - 2014-02-22 07:45 - 00000000 ____D () C:\zoek_backup
2014-02-21 18:22 - 2014-02-21 18:22 - 00000000 ____D () C:\Users\Vlada\Desktop\New folder
2014-02-21 18:20 - 2014-02-21 18:20 - 01284608 _____ () C:\Users\Vlada\Desktop\zoek.exe
2014-02-21 18:10 - 2014-02-21 18:10 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Adobe
2014-02-21 10:12 - 2012-07-26 04:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-02-21 10:12 - 2012-07-26 04:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-02-21 10:12 - 2012-07-26 04:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-02-21 10:12 - 2012-07-26 04:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-02-21 10:12 - 2012-07-26 04:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-02-21 10:12 - 2012-07-26 03:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-02-21 10:12 - 2012-07-26 03:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-02-21 10:12 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-02-21 10:11 - 2012-03-01 06:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-02-21 10:11 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-02-21 10:08 - 2014-02-21 10:10 - 00003604 _____ () C:\Windows\IE9_main.log
2014-02-21 09:56 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-02-21 09:56 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-02-21 09:49 - 2014-02-21 09:49 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-21 09:49 - 2014-02-21 09:49 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-02-21 09:49 - 2014-02-21 09:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-21 09:48 - 2014-02-21 09:48 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-21 09:48 - 2014-02-21 09:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-02-21 09:48 - 2014-02-21 09:48 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-02-21 09:48 - 2014-02-21 09:48 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-02-21 09:48 - 2014-02-21 09:48 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-02-21 09:46 - 2014-02-21 09:46 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-21 09:44 - 2014-02-21 09:52 - 00013878 _____ () C:\Windows\IE11_main.log
2014-02-21 09:44 - 2014-02-21 09:44 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-02-21 08:13 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-02-21 08:13 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-02-21 08:13 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-02-21 08:13 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-02-21 08:13 - 2013-07-09 05:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-02-21 08:13 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-02-21 08:13 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-21 08:13 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-02-21 08:13 - 2013-04-12 14:45 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-02-21 08:13 - 2012-11-22 05:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-02-21 08:13 - 2012-08-22 18:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-02-21 08:13 - 2012-07-04 20:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-02-21 08:13 - 2011-04-29 03:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-02-21 08:13 - 2011-04-29 03:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-02-21 08:13 - 2011-04-29 03:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-02-21 08:12 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-02-21 08:12 - 2013-02-12 04:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-02-21 08:12 - 2013-01-24 05:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-02-21 08:12 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-02-21 08:12 - 2011-06-16 05:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-02-21 08:12 - 2011-02-18 06:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-02-21 08:11 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-02-21 08:11 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-02-21 08:11 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-02-21 08:11 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-02-21 08:11 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-02-21 08:11 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-02-21 08:11 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-02-21 08:11 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-02-21 08:11 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-02-21 08:11 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-02-21 08:11 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-02-21 08:11 - 2011-03-03 06:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-02-21 08:11 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-02-21 08:10 - 2014-02-21 18:19 - 00017526 _____ () C:\Users\Vlada\Desktop\Shortcut.txt
2014-02-21 08:10 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-21 08:10 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-21 08:10 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-21 08:10 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-02-21 08:10 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-21 08:10 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-21 08:10 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-21 08:10 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-21 08:10 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-21 08:10 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-02-21 08:10 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-02-21 08:10 - 2013-04-10 06:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-02-21 08:10 - 2013-03-19 05:53 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-02-21 08:10 - 2013-03-19 04:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-02-21 08:10 - 2012-08-21 21:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-02-21 08:10 - 2012-04-28 04:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-02-21 08:10 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-02-21 08:10 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-02-21 08:10 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-02-21 08:10 - 2011-07-09 03:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-02-21 08:10 - 2011-05-24 11:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-02-21 08:10 - 2011-04-27 03:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-02-21 08:10 - 2011-04-27 03:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-02-21 08:09 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-21 08:09 - 2013-08-28 01:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-02-21 08:09 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-21 08:09 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-02-21 08:09 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-02-21 08:09 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-02-21 08:09 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-02-21 08:09 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-02-21 08:09 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-02-21 08:09 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-02-21 08:09 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-02-21 08:09 - 2013-02-15 05:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-21 08:09 - 2013-02-15 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-02-21 08:09 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-21 08:09 - 2012-11-01 05:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-02-21 08:09 - 2011-08-27 05:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-02-21 08:09 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-02-21 08:09 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-02-21 08:08 - 2014-02-21 08:10 - 00004065 _____ () C:\Users\Vlada\Desktop\Addition.txt
2014-02-21 08:08 - 2012-10-03 17:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-02-21 08:08 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-02-21 08:08 - 2012-10-03 17:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-02-21 08:08 - 2012-10-03 17:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-02-21 08:08 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-02-21 08:08 - 2012-10-03 17:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-02-21 08:08 - 2012-10-03 16:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-02-21 08:08 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-02-21 08:08 - 2012-05-05 08:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-02-21 08:08 - 2011-11-19 15:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-02-21 08:08 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-02-21 08:08 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-02-21 08:08 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-02-21 08:08 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-02-21 08:08 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-02-21 08:08 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-02-21 08:08 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-02-21 08:08 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-02-21 08:08 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-02-21 08:08 - 2011-02-12 06:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-02-21 08:07 - 2014-02-22 07:50 - 00002420 _____ () C:\Users\Vlada\Desktop\FRST.txt
2014-02-21 08:07 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-21 08:07 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-21 08:07 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-02-21 08:07 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-02-21 08:07 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-02-21 08:07 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-02-21 08:07 - 2013-07-04 10:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-02-21 08:07 - 2013-06-04 05:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-02-21 08:07 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-02-21 08:07 - 2012-08-11 00:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-02-21 08:07 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-02-21 08:07 - 2012-07-04 22:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-02-21 08:07 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-02-21 08:07 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-02-21 08:07 - 2011-10-26 05:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-02-21 08:07 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-02-21 08:07 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-02-21 08:07 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-02-21 08:07 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-02-21 08:06 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-21 08:06 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-02-21 08:06 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-02-21 08:06 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-02-21 08:06 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-02-21 08:06 - 2012-05-01 05:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-02-21 08:06 - 2012-04-26 05:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-02-21 08:06 - 2012-04-26 05:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-02-21 08:06 - 2012-04-26 05:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-02-21 08:06 - 2012-04-07 12:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-02-21 08:06 - 2012-03-17 08:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-02-21 08:06 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-02-21 08:06 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-02-21 08:06 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-02-21 08:06 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-02-21 08:06 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-02-21 08:06 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-02-21 08:06 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-02-21 08:04 - 2013-08-05 02:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-02-21 08:04 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-21 08:04 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-02-21 08:03 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-02-21 08:03 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-02-21 08:03 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-02-21 08:03 - 2012-05-14 05:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-02-21 08:02 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-02-21 08:02 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-02-21 08:02 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-02-21 08:01 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-02-21 08:01 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-02-21 08:01 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-02-21 08:01 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-02-21 07:59 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-02-21 07:59 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-02-21 07:58 - 2011-02-23 05:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-02-21 07:57 - 2013-08-02 02:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-02-21 07:57 - 2013-08-02 02:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-02-21 07:57 - 2013-08-02 02:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 01:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-02-21 07:57 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-02-21 07:57 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-02-21 07:57 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-02-21 07:57 - 2012-11-28 23:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-02-21 07:57 - 2012-11-28 23:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-02-21 07:57 - 2012-11-28 23:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-02-21 07:57 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-02-21 07:56 - 2011-04-22 20:14 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-02-21 07:55 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-02-21 07:55 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-02-21 07:55 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-02-21 07:55 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-02-21 07:55 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-02-21 07:55 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-02-21 07:54 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-21 07:54 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-21 07:54 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-21 07:54 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-21 07:54 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-21 07:54 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-21 07:54 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-21 07:54 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-21 07:54 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-21 07:54 - 2013-06-15 04:40 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-02-21 07:54 - 2013-06-15 04:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-02-21 07:50 - 2014-02-22 07:50 - 00000000 ____D () C:\FRST
2014-02-21 07:50 - 2013-02-27 06:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-02-21 07:50 - 2013-02-27 05:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-02-21 07:48 - 2014-02-21 07:49 - 01142784 _____ (Farbar) C:\Users\Vlada\Desktop\FRST.exe
2014-02-21 00:59 - 2014-02-22 07:46 - 01226644 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 00:58 - 2014-02-21 00:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-02-21 00:56 - 2014-02-21 00:59 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-02-21 00:53 - 2014-02-20 18:45 - 00000000 ____D () C:\Windows\Panther
2014-02-21 00:44 - 2014-02-21 00:53 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-02-21 00:44 - 2010-11-20 22:29 - 00383786 __RSH () C:\bootmgr
2014-02-20 21:25 - 2014-02-20 21:25 - 00005007 _____ () C:\Users\Vlada\Desktop\dds.txt
2014-02-20 21:25 - 2014-02-20 21:25 - 00001009 _____ () C:\Users\Vlada\Desktop\attach.txt
2014-02-20 21:24 - 2014-02-20 21:24 - 00688992 ____R (Swearware) C:\Users\Vlada\Desktop\dds.scr
2014-02-20 19:29 - 2013-12-18 06:13 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-02-20 19:22 - 2014-02-20 20:40 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Skype
2014-02-20 19:22 - 2014-02-20 19:22 - 00000000 ____D () C:\Users\Vlada\AppData\Local\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ___RD () C:\Program Files\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-20 19:20 - 2014-02-20 19:20 - 00000000 ____D () C:\Windows\system32\x64
2014-02-20 19:20 - 2009-09-23 19:30 - 01002008 _____ (Intel Corporation) C:\Windows\system32\igxpun.exe
2014-02-20 19:19 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-02-20 19:19 - 2012-02-17 05:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-02-20 19:09 - 2014-02-20 19:09 - 00436175 __RSH () C:\ULTBK
2014-02-20 19:08 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-02-20 19:08 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-02-20 19:08 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-02-20 19:08 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-02-20 19:08 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-02-20 19:08 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-02-20 19:08 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-02-20 19:08 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-02-20 19:08 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-20 19:00 - 2006-07-03 17:11 - 00217600 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sis163u.sys
2014-02-20 19:00 - 2006-05-25 15:02 - 00045056 _____ () C:\Windows\system32\unwlsdrv.exe
2014-02-20 18:46 - 2014-02-20 18:46 - 00001413 _____ () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-20 18:45 - 2014-02-20 18:46 - 00000000 ____D () C:\Users\Vlada
2014-02-20 18:45 - 2014-02-20 18:45 - 00000020 ___SH () C:\Users\Vlada\ntuser.ini
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 __SHD () C:\Recovery
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Vlada\AppData\Local\VirtualStore
2014-02-20 18:45 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-20 18:45 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

2014-02-22 07:51 - 2014-02-21 08:07 - 00002420 _____ () C:\Users\Vlada\Desktop\FRST.txt
2014-02-22 07:50 - 2014-02-21 07:50 - 00000000 ____D () C:\FRST
2014-02-22 07:50 - 2014-02-21 00:59 - 01226644 _____ () C:\Windows\WindowsUpdate.log
2014-02-22 07:48 - 2014-02-21 18:23 - 00011248 _____ () C:\zoek-results.log
2014-02-22 07:47 - 2010-11-20 22:48 - 00006360 _____ () C:\Windows\PFRO.log
2014-02-22 07:47 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-22 07:47 - 2009-07-14 05:39 - 00026918 _____ () C:\Windows\setupact.log
2014-02-22 07:47 - 2009-07-14 05:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-22 07:47 - 2009-07-14 05:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-22 07:45 - 2014-02-21 18:22 - 00000000 ____D () C:\zoek_backup
2014-02-22 07:44 - 2014-02-22 07:45 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-21 20:39 - 2014-02-22 07:45 - 00003739 _____ () C:\zoek-results2014-02-21-193906.log
2014-02-21 20:38 - 2010-11-20 22:01 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-21 20:32 - 2014-02-21 20:35 - 00008623 _____ () C:\zoek-results2014-02-21-193259.log
2014-02-21 20:17 - 2014-02-21 20:17 - 00001788 _____ () C:\sc-cleaner.txt
2014-02-21 20:15 - 2014-02-21 20:15 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Vlada\Desktop\sc-cleaner.exe
2014-02-21 18:29 - 2014-02-21 20:19 - 00067639 _____ () C:\zoek-results2014-02-21-172951.log
2014-02-21 18:22 - 2014-02-21 18:22 - 00000000 ____D () C:\Users\Vlada\Desktop\New folder
2014-02-21 18:20 - 2014-02-21 18:20 - 01284608 _____ () C:\Users\Vlada\Desktop\zoek.exe
2014-02-21 18:19 - 2014-02-21 08:10 - 00017526 _____ () C:\Users\Vlada\Desktop\Shortcut.txt
2014-02-21 18:11 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-21 18:10 - 2014-02-21 18:10 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Adobe
2014-02-21 14:19 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-21 14:05 - 2009-07-14 05:33 - 00268128 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-21 14:02 - 2010-11-21 01:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-02-21 14:02 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-02-21 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-21 10:10 - 2014-02-21 10:08 - 00003604 _____ () C:\Windows\IE9_main.log
2014-02-21 09:52 - 2014-02-21 09:44 - 00013878 _____ () C:\Windows\IE11_main.log
2014-02-21 09:49 - 2014-02-21 09:49 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-02-21 09:49 - 2014-02-21 09:49 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-21 09:49 - 2014-02-21 09:49 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-02-21 09:49 - 2014-02-21 09:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-21 09:49 - 2014-02-21 09:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-02-21 09:49 - 2014-02-21 09:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-21 09:48 - 2014-02-21 09:48 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-21 09:48 - 2014-02-21 09:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-02-21 09:48 - 2014-02-21 09:48 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-02-21 09:48 - 2014-02-21 09:48 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-02-21 09:48 - 2014-02-21 09:48 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-02-21 09:46 - 2014-02-21 09:46 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-21 09:46 - 2014-02-21 09:46 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-21 09:44 - 2014-02-21 09:44 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-02-21 08:10 - 2014-02-21 08:08 - 00004065 _____ () C:\Users\Vlada\Desktop\Addition.txt
2014-02-21 07:49 - 2014-02-21 07:48 - 01142784 _____ (Farbar) C:\Users\Vlada\Desktop\FRST.exe
2014-02-21 00:59 - 2014-02-21 00:56 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-02-21 00:58 - 2014-02-21 00:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-02-21 00:56 - 2010-11-21 01:46 - 00000000 ____D () C:\Windows\CSC
2014-02-21 00:56 - 2009-07-14 05:34 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-02-21 00:53 - 2014-02-21 00:44 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-02-21 00:53 - 2009-07-14 05:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-02-21 00:53 - 2009-07-14 05:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-02-20 21:25 - 2014-02-20 21:25 - 00005007 _____ () C:\Users\Vlada\Desktop\dds.txt
2014-02-20 21:25 - 2014-02-20 21:25 - 00001009 _____ () C:\Users\Vlada\Desktop\attach.txt
2014-02-20 21:24 - 2014-02-20 21:24 - 00688992 ____R (Swearware) C:\Users\Vlada\Desktop\dds.scr
2014-02-20 20:40 - 2014-02-20 19:22 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Skype
2014-02-20 19:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-20 19:22 - 2014-02-20 19:22 - 00000000 ____D () C:\Users\Vlada\AppData\Local\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ___RD () C:\Program Files\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-20 19:21 - 2014-02-20 19:21 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-20 19:20 - 2014-02-20 19:20 - 00000000 ____D () C:\Windows\system32\x64
2014-02-20 19:09 - 2014-02-20 19:09 - 00436175 __RSH () C:\ULTBK
2014-02-20 19:08 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-20 19:07 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\restore
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-20 18:46 - 2014-02-20 18:46 - 00001413 _____ () C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-20 18:46 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Vlada
2014-02-20 18:45 - 2014-02-21 00:53 - 00000000 ____D () C:\Windows\Panther
2014-02-20 18:45 - 2014-02-20 18:45 - 00000020 ___SH () C:\Users\Vlada\ntuser.ini
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 __SHD () C:\Recovery
2014-02-20 18:45 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Vlada\AppData\Local\VirtualStore
2014-02-20 18:45 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\Recovery
2014-02-06 11:38 - 2014-02-22 07:44 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:20 - 2014-02-22 07:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:19 - 2014-02-22 07:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:01 - 2014-02-22 07:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:00 - 2014-02-22 07:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-22 07:44 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 10:52 - 2014-02-22 07:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:52 - 2014-02-22 07:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:49 - 2014-02-22 07:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:47 - 2014-02-22 07:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:47 - 2014-02-22 07:44 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:46 - 2014-02-22 07:44 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:34 - 2014-02-22 07:44 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:25 - 2014-02-22 07:44 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:25 - 2014-02-22 07:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:13 - 2014-02-22 07:44 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:09 - 2014-02-22 07:44 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:03 - 2014-02-22 07:44 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:41 - 2014-02-22 07:44 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:36 - 2014-02-22 07:44 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:34 - 2014-02-22 07:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-20 20:29

==================== End Of Log ============================

Addendum: 22 Feb 2014 7:53

Addendum: 22 Feb 2014 7:55

After all of this I surfed a little again and the f...ing linkbucks popped up again

Addendum: 22 Feb 2014 8:20

This is my personal computer, but I carry it everywhere, including to work. The rules say that business computers should bypass this forum, but I don't think this is such a case. If it nevertheless falls into the business category, I will pay whatever it costs without objection.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6101

Hello,

Quote: This is my personal computer, but I carry it everywhere, including to work. The rules say that business computers should bypass this forum, but I don't think this is such a case.
It is against the rules, but right now I am more interested in trying to find the source of the infection.
The thing is that the reports come out clean for me. There are no traces of infection in the system, and unfortunately I cannot fix something I cannot see. In consultation with colleagues, this looks to us like the DNS parameters in the router being changed. It could easily be that the router is the source of the infection and the redirection (DNS resolver).


Therefore, we now proceed like this:
- Reset the modem/router
- Scan the external HDD and all other USB devices using MCShield




--- --- --- --- --- --- --- --- --- --- --- ---
Router reset.
--- ---



> Shut down your computer (and all other computers you have on your local network)

- unplug the DSL (LAN) cable from the router
- on the back of the router locate a small button, or more precisely a small hole ... it is usually labelled 'Reset', and the hole is small but large enough for a pencil or a needle to fit into it. Press that button with something and hold it for ~ 10 to 30 seconds.
// while you are holding the button, the router must still be powered on ...

- now you have to wait for the lights on the router, and that can take as long as ~ 4 minutes.
- plug the DSL (LAN) cable back into the router.


> Turn on the computer. Now we flush the DNS from the command console.

Start > type CMD into the search box > open Command Prompt.

When the black window opens, type the following into it and press Enter

ipconfig /flushdns

note the space between "g" and "/"

Restart the computer again.




--- --- --- --- --- --- --- --- --- --- --- ---
MCShield Scan
--- ---



Download MCShield from the following address:
http://www.mcshield.net/download/MCShield-Setup.exe

Install MCShield and wait for the initial scan to finish.

When the initial scan has finished, insert all USB storage devices one after another into a USB port and keep each one in the port until MCShield shows a message that the scan is complete. If you have several USB devices, note down somewhere the order in which they were inserted.

Explanation: USB storage devices are all devices that get their own partition designation when connected to the computer. These include USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.

Go to the Logs tab in MCShield Control Center and, under the AllScans.txt section, click the Save button. The report named AllScans.txt will be saved to the Desktop.



Copy the contents of that report to the forum.




--- --- --- --- --- --- --- --- --- --- --- ---



Tell me, are there any improvements?
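
A check that fits the diagnosis in the reply above, as an added example that is not part of the thread: after the router reset, parse the output of `ipconfig /all` and list every DNS server that is neither the default gateway nor a resolver you know you use. The sample output, the function names and the `trusted` parameter are assumptions made for this illustration.

```python
import re

# Constructed sample of `ipconfig /all` output (not taken from the thread).
SAMPLE = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   DHCP Enabled. . . . . . . . . . . : Yes
   Default Gateway . . . . . . . . . : fe80::1%11
                                       192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       192.168.1.1
"""

def parse_ipconfig(text):
    """Return {section: {field: [values]}} parsed from `ipconfig /all` text."""
    sections, fields, key = {}, None, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():              # unindented line starts a section
            fields, key = sections.setdefault(line.rstrip(": "), {}), None
        elif fields is None:                   # indented text before any section
            continue
        elif " : " in line:                    # "Field . . . : value"
            name, value = line.split(" : ", 1)
            key = name.strip(" .")
            fields[key] = [value.strip()]
        elif line.rstrip().endswith(":"):      # field present but empty
            key = line.rstrip()[:-1].strip(" .")
            fields[key] = []
        elif key:                              # extra value of the previous field
            fields[key].append(line.strip())
    return sections

def unexpected_dns(text, trusted=()):
    """Per adapter, DNS servers that are neither the default gateway nor in
    `trusted` (assumption: resolvers the owner or ISP is known to use)."""
    strip_zone = lambda a: re.sub(r"%\d+$", "", a)   # fe80::1%11 -> fe80::1
    findings = {}
    for name, f in parse_ipconfig(text).items():
        expected = {strip_zone(a) for a in f.get("Default Gateway", [])} | set(trusted)
        odd = [d for d in map(strip_zone, f.get("DNS Servers", [])) if d and d not in expected]
        if odd:
            findings[name] = odd
    return findings
```

A resolver that is still listed after a factory reset and is not one the ISP hands out is worth checking in the router's own DHCP/DNS settings page.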
