I Ran Out of RAM


  • Miljan Ilic
  • Joined: 18 Jun 2014
  • Posts: 178

Hello everyone,
The other day I was working on something, downloading some programs etc., and I filled the computer with unidentified things that use 100% of the RAM, so that when I type a sentence it appears only after half a minute. Likewise, when I want to delete something, the delete dialog stays on screen for 2-3 minutes after the file is deleted. When I start the browser (I mean, it starts by itself 2-3 minutes after the computer boots, because of some page in Russian), some ads come up: SavePass, Clkmoon, Clkoffers, etc. Please, if you can help in any way, do help, because with 1GB of RAM I won't last much longer like this. P.S. Because of these things I am also losing my internet connection, so my upload speed is about 25-60KB/s out of a possible 1024KB/s. I ran a scan with ESET Online Scanner and it found about 30 viruses and potentially unwanted applications, which it deleted, but the problem continued. Now I have renewed my Premium AVG license, which had expired, so everything had been unprotected. AVG reports some viruses but cannot delete them, and I cannot see which ones they are. Also, in Task Manager I have about 50 processes when the computer starts, whereas before there were about 30, and at most 40-45 at the end of the day after a whole day of use.



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-01-2015
Ran by Miljan Ilic (administrator) on MINT on 07-01-2015 02:10:35
Running from C:\Documents and Settings\Miljan Ilic\Desktop
Loaded Profile: Miljan Ilic (Available profiles: Miljan Ilic & UpdatusUser)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 6 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
(Dropbox, Inc.) C:\Documents and Settings\Miljan Ilic\Application Data\Dropbox\bin\Dropbox.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgmfapx.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2013-01-31] ()
HKLM\...\Run: [Smapp] => C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [143360 2003-05-05] (Analog Devices, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [351968 2014-09-08] ()
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [3081752 2015-01-07] ()
HKU\S-1-5-21-507921405-879983540-1417001333-1003\...\Run: [eM Client] => "C:\Program Files\eM Client\MailClient.exe" /startup
HKU\S-1-5-21-507921405-879983540-1417001333-1003\...\Run: [LightShot] => C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-507921405-879983540-1417001333-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-507921405-879983540-1417001333-1003\...\Run: [cpozxbdlvf] => cmd /c start simsimotkroysia.ru/
Startup: C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Miljan Ilic\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = sweet-page.com/web/?type=ds&ts=1417.....ZQY&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = sweet-page.com/web/?type=ds&ts=1417.....ZQY&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-507921405-879983540-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = mail.ru/cnt/10445?gp=blackbear1
HKU\S-1-5-21-507921405-879983540-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Page = sweet-page.com/web/?type=ds&ts=1417.....ZQY&q={searchTerms}
HKU\S-1-5-21-507921405-879983540-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = sweet-page.com/web/?type=ds&ts=1417.....ZQY&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-507921405-879983540-1417001333-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\windows\system32\shdocvw.dll (Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-879983540-1417001333-1003 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = mysearch.avg.com/search?cid={E9ED8FE0-3950-4C9A-B6E2-94D05E849E0D}&mid=4ce2e223a7c447cdbcd9d16e5f53e85f-b602d594afd2b0b327e07a06f36ca6a7e42546d0&lang=sr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-07 01:30:41&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-507921405-879983540-1417001333-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-879983540-1417001333-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = mysearch.avg.com/search?cid={E9ED8FE0-3950-4C9A-B6E2-94D05E849E0D}&mid=4ce2e223a7c447cdbcd9d16e5f53e85f-b602d594afd2b0b327e07a06f36ca6a7e42546d0&lang=sr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-07 01:30:41&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-507921405-879983540-1417001333-1003 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = go.mail.ru/search?q={SearchTerms}&fr=ntg
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

FireFox:
========
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-06] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-06] (globalUpdate) [File not signed]
S2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S2 vToolbarUpdater18.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [1850392 2015-01-07] (AVG Secure Search)
S2 WindowsMangerProtect; C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect\ProtectWindowsManager.exe -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AR9271; C:\windows\System32\DRIVERS\athuw.sys [1714176 2010-01-05] (Atheros Communications, Inc.)
R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\windows\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\windows\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\windows\System32\DRIVERS\avgidsdriverlx.sys [198936 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [43296 2015-01-07] (AVG Technologies)
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 gameenum; C:\windows\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 SISNIC; C:\windows\System32\DRIVERS\sisnic.sys [32768 2008-04-13] (SiS Corporation)
S3 STAC97; C:\windows\System32\drivers\STAC97.sys [273296 2005-04-14] (SigmaTel, Inc.) [File not signed]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 02:10 - 2015-01-07 02:11 - 00023562 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\FRST.txt
2015-01-07 02:10 - 2015-01-07 02:10 - 00000000 ____D () C:\FRST
2015-01-07 01:53 - 2015-01-07 01:53 - 01115136 _____ (Farbar) C:\Documents and Settings\Miljan Ilic\Desktop\FRST.exe
2015-01-07 01:31 - 2015-01-07 01:32 - 00000651 _____ () C:\windows\system32\debug.log
2015-01-07 01:31 - 2015-01-07 01:31 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\AVG Web TuneUp
2015-01-07 01:31 - 2015-01-07 01:31 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\AVG Web TuneUp
2015-01-07 01:31 - 2015-01-07 01:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2015-01-07 01:30 - 2015-01-07 01:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG Secure Search
2015-01-07 01:30 - 2015-01-07 01:28 - 00043296 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys
2015-01-07 01:29 - 2015-01-07 01:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG Web TuneUp
2015-01-07 01:29 - 2015-01-07 01:30 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2015-01-07 01:29 - 2015-01-07 01:29 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2015-01-07 01:23 - 2015-01-07 01:24 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Avg_Update_1014av
2015-01-07 01:23 - 2015-01-07 01:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avg_Update_1014av
2015-01-07 00:14 - 2015-01-07 00:14 - 02347384 _____ (ESET) C:\Documents and Settings\Miljan Ilic\Desktop\esetsmartinstaller_enu.exe
2015-01-06 21:32 - 2015-01-06 21:35 - 22559042 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Jingle Bells - Popular Christmas Songs For Kids.wav
2015-01-06 21:03 - 2015-01-06 21:05 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\pawno
2015-01-06 18:14 - 2013-07-09 04:21 - 225587255 ____N () C:\Documents and Settings\Miljan Ilic\Desktop\PDA_S5830i_XXMD1.tar.md5
2015-01-06 18:14 - 2013-07-09 04:21 - 11540537 ____N () C:\Documents and Settings\Miljan Ilic\Desktop\MODEM_S5830i_XXMD1.tar.md5
2015-01-06 18:14 - 2013-07-09 04:21 - 07403576 ____N () C:\Documents and Settings\Miljan Ilic\Desktop\CSC_S5830i_BTUMD1.tar.md5
2015-01-06 18:07 - 2015-01-06 18:14 - 141640427 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\S5830i_XXMD1_BTUMD1_XXMD1_by_SplitFUS2.zip
2015-01-06 17:27 - 2015-01-06 17:27 - 00203676 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Odin3-v1.85.zip
2015-01-06 16:49 - 2015-01-07 01:44 - 00002428 _____ () C:\windows\Tasks\5dd25e49-e804-4391-8f79-f8cbe2583311-5.job
2015-01-06 16:47 - 2015-01-07 01:44 - 00004822 _____ () C:\windows\Tasks\5dd25e49-e804-4391-8f79-f8cbe2583311-11.job
2015-01-06 16:47 - 2015-01-07 01:44 - 00003094 _____ () C:\windows\Tasks\5dd25e49-e804-4391-8f79-f8cbe2583311-1.job
2015-01-06 16:47 - 2015-01-07 01:44 - 00002092 _____ () C:\windows\Tasks\5dd25e49-e804-4391-8f79-f8cbe2583311-2.job
2015-01-06 16:47 - 2015-01-07 01:44 - 00000880 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-06 16:47 - 2015-01-07 01:08 - 00000000 ____D () C:\Program Files\SavePass 1.1
2015-01-06 16:47 - 2015-01-06 22:52 - 00000884 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-01-06 16:47 - 2015-01-06 16:47 - 00000000 ____D () C:\Program Files\Google
2015-01-06 16:47 - 2015-01-06 16:47 - 00000000 ____D () C:\Program Files\globalUpdate
2015-01-06 16:47 - 2015-01-06 16:47 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\globalUpdate
2015-01-06 16:34 - 2013-12-26 06:41 - 00184248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudmdm.sys
2015-01-06 16:34 - 2013-12-26 06:41 - 00088632 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudbus.sys
2015-01-06 16:27 - 2015-01-06 16:54 - 00091891 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\S5830IXXMC1_S5830IODDLK1_INU.zip
2015-01-06 16:21 - 2015-01-06 16:22 - 15477848 _____ (SAMSUNG Electronics Co., Ltd.) C:\Documents and Settings\Miljan Ilic\Desktop\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.33.0.exe
2015-01-06 12:11 - 2015-01-06 12:13 - 00000000 ____D () C:\Program Files\PhotoZoom Pro 5
2015-01-06 12:11 - 2015-01-06 12:11 - 00000768 _____ () C:\Documents and Settings\All Users\Desktop\PhotoZoom Pro 5.lnk
2015-01-05 23:01 - 2014-04-07 17:16 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\Bosna RolePlay 0.3z
2015-01-05 15:22 - 2015-01-05 15:58 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\Game Hosting Files
2015-01-04 21:53 - 2013-09-28 09:20 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\Anti DDos
2015-01-04 20:00 - 2015-01-04 20:00 - 00172301 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\ts3_clientui-win32-1407159763-2015-01-04 20_00_50.390625.dmp
2015-01-04 11:30 - 2015-01-04 12:35 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\San Diego RolePlay
2015-01-03 21:52 - 2015-01-03 22:05 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\.zenmap
2015-01-03 21:51 - 2015-01-03 21:51 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\Nmap
2015-01-03 21:50 - 2015-01-03 21:51 - 00000000 ____D () C:\Program Files\Nmap
2015-01-03 20:32 - 2015-01-03 20:35 - 00000000 ____D () C:\My Web Sites
2015-01-03 20:32 - 2015-01-03 20:32 - 00000000 ____D () C:\Program Files\WinHTTrack
2015-01-03 20:32 - 2015-01-03 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinHTTrack
2015-01-03 19:52 - 2015-01-03 19:52 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-03 19:52 - 2015-01-03 19:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sun
2015-01-03 19:51 - 2015-01-03 19:51 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Oracle
2015-01-03 19:50 - 2015-01-03 19:50 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Sun
2015-01-03 19:50 - 2015-01-03 19:49 - 00146432 _____ (Oracle Corporation) C:\windows\system32\javacpl.cpl
2015-01-03 19:50 - 2015-01-03 19:49 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2015-01-03 19:49 - 2015-01-03 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-01-03 19:48 - 2015-01-03 19:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle
2015-01-03 19:48 - 2015-01-03 19:48 - 00000000 ____D () C:\Program Files\Java
2015-01-03 19:46 - 2015-01-03 19:46 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Sun
2015-01-03 19:43 - 2015-01-03 19:43 - 00000000 ____D () C:\Program Files\DirBuster
2015-01-03 19:43 - 2015-01-03 19:43 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\DirBuster
2015-01-03 12:42 - 2015-01-03 12:42 - 00000104 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Shortcut to Internet.lnk
2015-01-02 23:49 - 2015-01-02 23:49 - 00000832 __RSH () C:\Documents and Settings\All Users\ntuser.pol
2015-01-02 22:31 - 2015-01-03 16:04 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Kometa
2015-01-02 22:27 - 2015-01-02 22:27 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Вoйти в Интeрнет 2inf.net
2015-01-02 22:22 - 2015-01-02 22:22 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\MailRu
2015-01-02 22:21 - 2015-01-02 22:21 - 00000000 ____D () C:\windows\system32\GroupPolicy
2015-01-02 22:20 - 2015-01-02 22:20 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Поиcк в Интeрнете
2015-01-02 22:19 - 2015-01-03 12:40 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\eTranslator
2015-01-02 22:18 - 2015-01-07 01:07 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\SystemDir
2015-01-02 22:16 - 2015-01-03 12:42 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Mail.Ru
2015-01-02 18:03 - 2015-01-02 18:04 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\Pamela
2015-01-02 18:03 - 2015-01-02 18:04 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Pamela
2015-01-02 18:03 - 2015-01-02 18:03 - 00197632 _____ (PamConsult GmbH) C:\windows\system32\RemoteControl.dll
2015-01-02 18:03 - 2015-01-02 18:03 - 00000000 ____D () C:\Program Files\Pamela
2015-01-02 18:03 - 2015-01-02 18:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Pamela
2015-01-02 17:45 - 2015-01-02 17:45 - 01666640 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\ts3_recording_15_01_02_17_44_53.wav
2015-01-02 13:26 - 2015-01-06 21:03 - 00000000 ____D () C:\Program Files\PawnPlus
2015-01-02 13:26 - 2015-01-06 21:03 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\PawnPlus
2015-01-02 13:26 - 2015-01-02 13:26 - 00000682 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\PawnPlus.lnk
2015-01-02 13:26 - 2015-01-02 13:26 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\PawnPlus
2015-01-02 13:26 - 2015-01-02 13:26 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\PawnPlus
2014-12-31 17:57 - 2014-12-31 17:57 - 00000000 ____D () C:\Program Files\AC3Filter
2014-12-31 17:57 - 2014-12-31 17:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AC3Filter
2014-12-31 17:57 - 2013-04-05 21:26 - 01679360 _____ () C:\windows\system32\ac3filter.acm
2014-12-31 17:51 - 2014-12-31 17:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\GRETECH
2014-12-31 17:50 - 2014-12-31 17:50 - 00000856 _____ () C:\Documents and Settings\Miljan Ilic\Start Menu\GOM Player.lnk
2014-12-31 17:50 - 2014-12-31 17:50 - 00000000 ____D () C:\Program Files\GRETECH
2014-12-31 17:50 - 2014-12-31 17:50 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\GRETECH
2014-12-31 17:50 - 2014-12-31 17:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\GOM Player
2014-12-31 15:01 - 2014-12-31 15:02 - 05437423 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\LARP By Teo .rar
2014-12-28 14:23 - 2014-12-28 14:23 - 00000000 ____D () C:\Internet
2014-12-28 14:21 - 2014-12-28 14:21 - 00000000 ____D () C:\Program Files\Offline Downloader
2014-12-28 14:21 - 2014-12-28 14:21 - 00000000 ____D () C:\install
2014-12-28 14:21 - 2014-12-28 14:21 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\Offline Downloader
2014-12-28 14:15 - 2015-01-07 01:08 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\TempImg
2014-12-28 14:15 - 2014-12-28 14:15 - 00000000 ____D () C:\Program Files\Full WebSite Downloader
2014-12-27 22:45 - 2015-01-01 14:23 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\cPanel
2014-12-27 20:54 - 2014-12-27 20:53 - 00090112 _____ () C:\windows\Minidump\Mini122714-01.dmp
2014-12-27 13:36 - 2015-01-04 20:12 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\TS3Client
2014-12-27 13:36 - 2014-12-27 13:36 - 00000837 _____ () C:\Documents and Settings\All Users\Desktop\TeamSpeak 3 Client.lnk
2014-12-27 13:36 - 2014-12-27 13:36 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-12-27 13:36 - 2014-12-27 13:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeamSpeak 3 Client
2014-12-26 21:36 - 2014-12-26 22:51 - 00003216 _____ () C:\serverporuke.amx
2014-12-26 18:25 - 2014-12-26 18:25 - 00000000 ___HD () C:\windows\PIF
2014-12-26 17:51 - 2014-12-27 17:56 - 00001456 _____ () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Adobe Save for Web 13.0 Prefs
2014-12-26 16:39 - 2014-12-26 17:41 - 00000132 _____ () C:\Documents and Settings\Miljan Ilic\Application Data\Adobe PNG Format CS6 Prefs
2014-12-26 16:06 - 2014-12-26 16:06 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\NVIDIA
2014-12-26 16:02 - 2014-12-26 16:02 - 00000854 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-12-26 16:02 - 2014-12-26 16:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
2014-12-26 16:01 - 2014-12-26 16:01 - 00000816 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-12-26 15:59 - 2014-12-26 16:01 - 00000000 ____D () C:\Program Files\Adobe
2014-12-26 15:59 - 2014-12-26 15:59 - 00001144 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-12-26 15:59 - 2014-12-26 15:59 - 00001000 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-12-25 22:10 - 2014-12-25 22:10 - 00002765 _____ () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\recently-used.xbel
2014-12-25 21:36 - 2014-12-25 22:10 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\gtk-2.0
2014-12-25 21:36 - 2014-12-25 21:36 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\.thumbnails
2014-12-25 21:33 - 2014-12-27 20:57 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\.gimp-2.8
2014-12-25 21:33 - 2014-12-25 21:33 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\gegl-0.2
2014-12-25 21:33 - 2014-12-25 21:33 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\fontconfig
2014-12-25 21:32 - 2014-12-25 21:32 - 00000734 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\GIMP 2.lnk
2014-12-25 21:27 - 2014-12-25 21:32 - 00000000 ____D () C:\Program Files\GIMP 2
2014-12-25 19:35 - 2015-01-07 01:24 - 00000000 ____D () C:\Program Files\Smart Saver
2014-12-25 19:35 - 2015-01-03 12:42 - 00000000 ____D () C:\Program Files\YYouttubeAdBLOcke
2014-12-25 19:34 - 2015-01-03 12:42 - 00000000 ____D () C:\Program Files\unisuales
2014-12-25 19:34 - 2014-12-25 19:34 - 00000000 ____D () C:\Program Files\unisalies
2014-12-25 19:34 - 2014-12-25 19:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\1362704075943363357
2014-12-25 18:31 - 2014-12-26 17:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-12-25 18:31 - 2014-12-26 16:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-12-25 18:31 - 2014-12-25 18:31 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Macromedia
2014-12-25 18:30 - 2014-12-26 17:51 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Adobe
2014-12-24 23:19 - 2014-12-24 23:19 - 00000000 ____D () C:\New folder
2014-12-24 22:40 - 2015-01-07 01:35 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Skype
2014-12-24 22:40 - 2015-01-06 18:22 - 00002267 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-12-24 22:40 - 2014-12-24 22:40 - 00000000 ___RD () C:\Program Files\Skype
2014-12-24 22:40 - 2014-12-24 22:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-12-24 22:40 - 2014-12-24 22:40 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Skype
2014-12-24 22:40 - 2014-12-24 22:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-12-24 22:39 - 2014-12-24 22:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-12-24 22:34 - 2008-04-14 00:16 - 00010880 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ndisip.sys
2014-12-24 22:34 - 2008-04-14 00:16 - 00010880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\NdisIP.sys
2014-12-24 22:34 - 2008-04-14 00:09 - 00005504 ____C (Microsoft Corporation) C:\windows\system32\dllcache\mstee.sys
2014-12-24 22:34 - 2008-04-14 00:09 - 00005504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\MSTEE.sys
2014-12-24 22:33 - 2008-04-14 05:42 - 00091136 ____C (Microsoft Corporation) C:\windows\system32\dllcache\kswdmcap.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\kswdmcap.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00061952 ____C (Microsoft Corporation) C:\windows\system32\dllcache\kstvtune.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\kstvtune.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00053760 ____C (Microsoft Corporation) C:\windows\system32\dllcache\vfwwdm32.dll
2014-12-24 22:33 - 2008-04-14 05:42 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\vfwwdm32.dll
2014-12-24 22:33 - 2008-04-14 05:42 - 00043008 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ksxbar.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\ksxbar.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00028672 ____C (Microsoft Corporation) C:\windows\system32\dllcache\vidcap.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\vidcap.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00020992 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dshowext.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\dshowext.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00016384 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ipsink.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ipsink.ax
2014-12-24 22:33 - 2008-04-14 00:16 - 00121984 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbvideo.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00121984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00085248 ____C (Microsoft Corporation) C:\windows\system32\dllcache\nabtsfec.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00085248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\NABTSFEC.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00019200 ____C (Microsoft Corporation) C:\windows\system32\dllcache\wstcodec.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00019200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WSTCODEC.SYS
2014-12-24 22:33 - 2008-04-14 00:16 - 00017024 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ccdecode.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00017024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\CCDECODE.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00015232 ____C (Microsoft Corporation) C:\windows\system32\dllcache\streamip.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00015232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\StreamIP.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00011136 ____C (Microsoft Corporation) C:\windows\system32\dllcache\slip.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00011136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\SLIP.sys
2014-12-24 22:33 - 2008-04-14 00:15 - 00060032 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbaudio.sys
2014-12-24 22:33 - 2008-04-14 00:15 - 00060032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2014-12-24 16:16 - 2014-12-24 16:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Lightshot
2014-12-24 14:54 - 2015-01-03 22:05 - 00000000 ____D () C:\Program Files\Steam
2014-12-24 14:54 - 2014-12-24 14:54 - 00000638 _____ () C:\Documents and Settings\All Users\Desktop\Steam.lnk
2014-12-24 14:54 - 2014-12-24 14:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Steam
2014-12-21 16:27 - 2014-12-21 16:38 - 00000600 _____ () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\PUTTY.RND
2014-12-19 15:57 - 2014-12-19 15:58 - 00617731 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\GtaTheme.zip
2014-12-18 20:51 - 2015-01-04 18:27 - 00000000 ____D () C:\Program Files\Counter-Strike v42
2014-12-17 20:57 - 2015-01-06 23:18 - 00000000 ____D () C:\Program Files\TeamViewer
2014-12-17 20:57 - 2014-12-21 11:38 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\TeamViewer
2014-12-17 20:57 - 2014-12-17 20:57 - 00000706 _____ () C:\Documents and Settings\All Users\Desktop\TeamViewer 10.lnk
2014-12-17 20:57 - 2014-12-17 20:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 10
2014-12-14 20:47 - 2014-12-14 20:47 - 03212404 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zp_resources (1).zip
2014-12-14 20:47 - 2014-12-14 20:47 - 00168189 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zp_plugin_43 (1).zip
2014-12-14 20:44 - 2014-12-14 20:44 - 00168189 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zp_plugin_43.zip
2014-12-14 20:44 - 2014-12-14 20:44 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\zp_plugin_43
2014-12-14 20:34 - 2014-12-14 20:34 - 03212404 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zp_resources.zip
2014-12-14 19:36 - 2014-12-17 19:35 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\Zombie Plague Mod
2014-12-13 13:14 - 2014-12-13 13:14 - 07192245 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (13).php
2014-12-13 13:12 - 2015-01-07 01:48 - 00000000 ___RD () C:\Documents and Settings\Miljan Ilic\My Documents\Dropbox
2014-12-13 13:10 - 2014-12-13 13:10 - 00000000 ____D () C:\Program Files\Dropbox
2014-12-13 13:10 - 2014-12-13 13:10 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\Dropbox
2014-12-13 13:06 - 2014-12-13 13:08 - 46882168 _____ (Dropbox, Inc.) C:\Documents and Settings\Miljan Ilic\My Documents\Dropbox 3.0.3.exe
2014-12-13 13:05 - 2015-01-07 01:48 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Dropbox
2014-12-13 13:05 - 2014-12-13 13:05 - 00324224 _____ (Dropbox, Inc.) C:\Documents and Settings\Miljan Ilic\My Documents\DropboxInstaller.exe
2014-12-13 11:06 - 2014-12-13 11:06 - 00224630 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\grenade_2.7z
2014-12-13 09:46 - 2014-12-13 09:46 - 04176782 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (12).php
2014-12-13 09:45 - 2014-12-13 09:45 - 04184320 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (11).php
2014-12-12 22:38 - 2014-12-12 22:38 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\de_dust2_xmas
2014-12-12 22:28 - 2014-12-12 22:28 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\cs_go_huntsman (1)
2014-12-12 22:27 - 2014-12-12 22:27 - 01715816 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\cs_go_huntsman (1).rar
2014-12-12 21:52 - 2014-12-12 21:55 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\models
2014-12-12 21:52 - 2013-03-01 00:53 - 00000211 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\motd.txt
2014-12-12 21:52 - 2012-06-07 10:27 - 00000372 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\Atenç▌o!.txt
2014-12-12 21:50 - 2014-12-12 21:51 - 03820253 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\Gold Pack [CsLoVersPrO.Blogspot.Com].zip
2014-12-12 21:44 - 2012-08-21 21:23 - 00022180 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\p_deagle.mdl
2014-12-12 21:44 - 2012-08-21 21:22 - 00020572 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\w_deagle.mdl
2014-12-12 21:44 - 2012-08-21 21:19 - 00238528 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\v_deagle.mdl
2014-12-12 21:44 - 2012-08-20 13:07 - 00023332 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\p_m4a1.mdl
2014-12-12 21:44 - 2012-08-20 13:07 - 00021780 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\w_m4a1.mdl
2014-12-12 21:44 - 2012-08-20 13:05 - 00377212 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\v_m4a1.mdl
2014-12-12 21:44 - 2012-08-17 21:10 - 00039204 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\p_ak47.mdl
2014-12-12 21:44 - 2012-08-17 21:10 - 00037596 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\w_ak47.mdl
2014-12-12 21:44 - 2012-08-17 21:08 - 00295128 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\v_ak47.mdl
2014-12-12 21:12 - 2014-12-12 21:12 - 01847103 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zlote_bronie.rar
2014-12-12 21:12 - 2014-12-12 21:12 - 01847103 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zlote_bronie (1).rar
2014-12-12 19:13 - 2014-12-12 19:13 - 00438510 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\underground_retex_gol_desert_eagle.rar
2014-12-12 19:09 - 2014-12-12 19:09 - 01715816 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\cs_go_huntsman.rar
2014-12-12 18:56 - 2014-12-12 18:56 - 00002289 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\SantaHat.amxx
2014-12-12 18:55 - 2014-12-12 18:55 - 00061615 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\santa_hat (1).zip
2014-12-12 18:43 - 2014-12-12 18:43 - 00140886 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\v_ak47_75.rar
2014-12-12 18:24 - 2014-12-12 18:25 - 00000000 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\new_weapons.ini
2014-12-12 18:22 - 2014-12-12 18:22 - 00011052 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\GHW_Weapon_Replacement.amxx
2014-12-12 18:16 - 2014-12-12 18:16 - 00007798 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\players_models.amxx
2014-12-12 17:53 - 2014-12-12 17:53 - 01704099 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\real_c4.rar
2014-12-12 17:26 - 2014-12-12 17:27 - 16626808 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\cs-restart-darkshinestudio.rar
2014-12-11 20:14 - 2014-12-11 20:14 - 00061615 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\santa_hat.zip
2014-12-11 20:14 - 2007-10-14 11:15 - 00106912 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\santa_hat.mdl
2014-12-11 20:03 - 2014-12-11 20:04 - 06106089 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\ctpackzandarmerija.rar
2014-12-11 18:57 - 2014-12-11 18:58 - 00900022 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\de_dust2_2x2_winter.zip
2014-12-11 18:55 - 2014-12-11 18:55 - 01491231 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\cs-2666-de_dust2_snow.zip
2014-12-11 18:33 - 2014-12-11 18:33 - 00610189 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\net2ftp-1418319180.zip
2014-12-11 18:32 - 2014-12-11 18:32 - 00610189 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\net2ftp-1418319111.zip
2014-12-11 16:48 - 2014-12-11 16:48 - 00000040 _____ () C:\Autoconfig.ini
2014-12-11 16:47 - 2013-06-01 06:13 - 01571160 ____N () C:\windows\TotalUninstaller.exe
2014-12-11 16:47 - 2013-05-10 10:48 - 00162136 _____ () C:\windows\system32\spe__ci.exe
2014-12-11 16:47 - 2012-11-17 09:29 - 00000363 _____ () C:\windows\system32\spe__l.smt
2014-12-11 16:47 - 2011-04-11 06:26 - 00024064 _____ () C:\windows\system32\spe__l.dll
2014-12-11 16:47 - 2010-10-20 09:49 - 00065536 _____ (SS) C:\windows\system32\spe__ci.dll
2014-12-11 16:44 - 2014-12-11 16:44 - 21335600 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\SamsungUniversalPrintDriver2.exe
2014-12-11 16:40 - 2008-04-14 00:17 - 00025856 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbprint.sys
2014-12-11 16:40 - 2008-04-14 00:17 - 00025856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2014-12-11 16:38 - 2015-01-06 16:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Samsung
2014-12-11 16:37 - 2014-12-11 16:48 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Samsung Printers
2014-12-11 16:37 - 2014-12-11 16:37 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Samsung
2014-12-11 16:35 - 2014-12-11 16:35 - 00000000 ____D () C:\Program Files\Common Files\Common Desktop Agent
2014-12-11 16:33 - 2015-01-06 16:29 - 00000000 ____D () C:\Program Files\Samsung
2014-12-11 16:30 - 2014-12-11 16:31 - 41655568 _____ (Samsung Electronics Co., Ltd.) C:\Documents and Settings\Miljan Ilic\My Documents\EPM_V1.05.58.01.exe
2014-12-11 16:10 - 2014-12-11 16:10 - 00003813 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\Admin Connect v2.rar
2014-12-11 16:10 - 2012-09-10 14:29 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\Admin Connect v2
2014-12-11 15:22 - 2014-12-11 15:24 - 00003585 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\webbans.html
2014-12-11 15:22 - 2014-12-11 15:22 - 00001085 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\webbans.rar
2014-12-11 15:15 - 2014-12-11 15:15 - 00029163 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\mdb_ban_system.amxx
2014-12-11 14:09 - 2014-12-11 14:09 - 01567036 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\bgp_r0-devel-beta8.zip
2014-12-11 14:09 - 2014-12-11 14:09 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\bgp_r0-devel-beta8
2014-12-11 13:45 - 2014-12-11 13:45 - 00067258 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\monsta_ftp_v1.4.7_install (1).zip
2014-12-11 13:45 - 2014-12-11 13:45 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\monsta_ftp_v1.4.7_install
2014-12-10 13:47 - 2014-12-10 13:47 - 00291457 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (10).php
2014-12-10 00:15 - 2014-12-10 00:15 - 00001064 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (8).php
2014-12-10 00:15 - 2014-12-10 00:15 - 00000335 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (9).php
2014-12-10 00:14 - 2014-12-10 00:14 - 00001072 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (7).php
2014-12-10 00:11 - 2014-12-10 00:11 - 00000957 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (6).php
2014-12-09 23:49 - 2014-12-09 23:49 - 00001187 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (5).php
2014-12-08 21:30 - 2014-12-08 21:30 - 00056665 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (4).php
2014-12-08 21:28 - 2014-12-08 21:28 - 00032854 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (3).php
2014-12-08 21:25 - 2015-01-04 19:50 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\images
2014-12-08 21:25 - 2014-12-11 13:45 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\skins
2014-12-08 21:25 - 2014-12-11 13:45 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\languages
2014-12-08 21:25 - 2014-12-08 21:25 - 00067258 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\monsta_ftp_v1.4.7_install.zip
2014-12-08 21:25 - 2014-10-24 11:12 - 00043698 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\ajax.js
2014-12-08 21:25 - 2014-10-24 11:12 - 00006323 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\style.css
2014-12-08 21:25 - 2014-10-24 11:12 - 00000430 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\README.txt
2014-12-08 21:14 - 2014-12-08 21:14 - 00056665 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (2).php
2014-12-08 20:31 - 2014-12-08 20:31 - 00056665 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (1).php
2014-12-08 18:50 - 2014-12-08 18:50 - 00000000 ____D () C:\Program Files\Mobi Biz Card Sites
2014-12-08 18:50 - 2014-12-08 18:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mobi BizCard Site Builder
2014-12-08 18:48 - 2014-12-08 18:49 - 03099751 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\Mobi-Builder-Installer.zip
2014-12-08 17:32 - 2014-12-08 17:32 - 00098304 _____ () C:\windows\Minidump\Mini120814-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 02:11 - 2014-11-21 21:01 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Temp
2015-01-07 01:59 - 2014-12-01 20:30 - 00000388 _____ () C:\windows\Tasks\update-sys.job
2015-01-07 01:53 - 2014-11-21 21:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2015-01-07 01:51 - 2014-11-21 20:53 - 00288043 _____ () C:\windows\WindowsUpdate.log
2015-01-07 01:49 - 2014-11-21 22:18 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2015-01-07 01:45 - 2014-11-21 21:38 - 00000159 _____ () C:\windows\wiadebug.log
2015-01-07 01:44 - 2014-11-23 12:31 - 00000386 _____ () C:\windows\Tasks\Opera scheduled Autoupdate 1416742248.job
2015-01-07 01:44 - 2014-11-23 12:30 - 00000000 ____D () C:\Program Files\Opera
2015-01-07 01:44 - 2014-11-21 21:38 - 00000048 _____ () C:\windows\wiaservc.log
2015-01-07 01:44 - 2014-11-21 20:59 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-07 01:26 - 2014-11-23 12:23 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-07 01:08 - 2014-12-02 15:39 - 00000000 ____D () C:\Program Files\Power Sound Editor Free
2015-01-07 00:27 - 2014-12-01 20:30 - 00000388 _____ () C:\windows\Tasks\update-S-1-5-21-507921405-879983540-1417001333-1003.job
2015-01-07 00:11 - 2014-11-23 14:11 - 00000600 _____ () C:\Documents and Settings\Miljan Ilic\Application Data\winscp.rnd
2015-01-06 21:50 - 2014-12-02 15:39 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Power Sound Editor Free
2015-01-06 20:12 - 2014-11-21 21:34 - 00429617 _____ () C:\windows\setupapi.log
2015-01-06 16:48 - 2014-11-21 20:59 - 00032288 _____ () C:\windows\SchedLgU.Txt
2015-01-06 14:41 - 2014-11-28 14:57 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\uTorrent
2015-01-06 12:11 - 2014-11-21 20:47 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2015-01-06 02:44 - 2014-11-21 21:01 - 00000178 ___SH () C:\Documents and Settings\Miljan Ilic\ntuser.ini
2015-01-04 19:50 - 2014-12-07 18:15 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\docs
2015-01-04 19:50 - 2014-11-28 18:18 - 00191488 ___SH () C:\Documents and Settings\Miljan Ilic\My Documents\Thumbs.db
2015-01-03 21:52 - 2014-11-21 21:01 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic
2015-01-03 17:08 - 2014-11-25 18:39 - 00000754 _____ () C:\windows\WORDPAD.INI
2015-01-02 20:13 - 2014-11-23 16:17 - 00000000 ____D () C:\windows\Microsoft.NET
2015-01-02 18:06 - 2014-11-21 21:35 - 00539546 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-31 09:16 - 2008-04-14 13:00 - 00002206 _____ () C:\windows\system32\wpa.dbl
2014-12-27 20:54 - 2014-12-04 04:33 - 00000000 ____D () C:\windows\Minidump
2014-12-27 19:40 - 2014-11-21 21:34 - 03617088 _____ () C:\windows\system32\FNTCACHE.DAT
2014-12-27 16:23 - 2014-11-21 21:45 - 00069648 _____ () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-12-27 15:18 - 2014-11-22 13:32 - 00000000 ____D () C:\Program Files\WinSCP
2014-12-26 18:00 - 2014-11-23 12:22 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Adobe
2014-12-24 16:16 - 2014-12-01 20:30 - 00000413 _____ () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\UserProducts.xml
2014-12-24 16:15 - 2014-12-01 20:29 - 00000000 ____D () C:\Program Files\Skillbrains
2014-12-18 21:34 - 2014-11-21 20:50 - 00025787 _____ () C:\windows\wmsetup.log
2014-12-12 14:22 - 2014-11-21 21:34 - 00174372 _____ () C:\windows\setupact.log
2014-12-09 21:12 - 2014-11-22 15:09 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\KompoZer

Some content of TEMP:
====================
C:\Documents and Settings\Miljan Ilic\Local Settings\Temp\BVXA8Ee1AwKV.exe
C:\Documents and Settings\Miljan Ilic\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgwh4rb.dll
C:\Documents and Settings\Miljan Ilic\Local Settings\Temp\jlVwsLHp1lUr.exe
C:\Documents and Settings\Miljan Ilic\Local Settings\Temp\k6r5DAoFyDJL.exe
C:\Documents and Settings\Miljan Ilic\Local Settings\Temp\LCmJaS6sKRJF.exe
C:\Documents and Settings\Miljan Ilic\Local Settings\Temp\LIsGSKSbFyyv.exe
C:\Documents and Settings\Miljan Ilic\Local Settings\Temp\MailRuUpdater.exe
C:\Documents and Settings\Miljan Ilic\Local Settings\Temp\ose00000.exe
C:\Documents and Settings\Miljan Ilic\Local Settings\Temp\SlvZfjjdLWQN.exe
C:\Documents and Settings\Miljan Ilic\Local Settings\Temp\WebsiteInsight-trial-win-en-editor.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

offline
  • Miljan Ilic
  • Joined: 18 Jun 2014
  • Posts: 178

Truly He is risen,
Here are the ComboFix results, and let me note that the Old Chrome Remover did not help, because I don't use Chrome but Opera. Regards

ComboFix.txt:

ComboFix 15-01-07.01 - Miljan Ilic 07.01.2015 13:21:36.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1024.468 [GMT 1:00]
Running from: c:\documents and settings\Miljan Ilic\Desktop\ComboFix.exe
AV: AVG Internet Security 2015 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2015 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GLOBALUPDATE
-------\Legacy_NPF
.
.
((((((((((((((((((((((((( Files Created from 2014-12-07 to 2015-01-07 )))))))))))))))))))))))))))))))
.
.
2015-01-07 09:17 . 2006-10-08 20:51 23856 ----a-w- c:\windows\system32\spupdsvc.exe
2015-01-07 01:10 . 2015-01-07 01:14 -------- d-----w- C:\FRST
2015-01-07 00:31 . 2015-01-07 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2015-01-07 00:29 . 2015-01-07 10:55 -------- d-----w- c:\program files\AVG Web TuneUp
2015-01-07 00:23 . 2015-01-07 00:24 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Avg_Update_1014av
2015-01-07 00:23 . 2015-01-07 00:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Avg_Update_1014av
2015-01-06 15:47 . 2015-01-06 15:47 -------- d-----w- c:\program files\Google
2015-01-06 15:47 . 2015-01-06 15:47 -------- d-----w- c:\program files\globalUpdate
2015-01-06 15:47 . 2015-01-06 15:47 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\globalUpdate
2015-01-06 15:47 . 2015-01-07 00:08 -------- d-----w- c:\program files\SavePass 1.1
2015-01-06 15:34 . 2013-12-26 05:41 184248 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2015-01-06 15:34 . 2013-12-26 05:41 88632 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2015-01-06 15:30 . 2013-12-26 05:41 130248 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2015-01-06 15:30 . 2013-12-26 05:41 17864 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2015-01-06 15:30 . 2013-12-26 05:41 15560 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2015-01-06 15:30 . 2013-12-26 05:41 15560 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2015-01-06 15:30 . 2013-12-26 05:41 153672 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2015-01-06 15:30 . 2013-12-26 05:41 32064 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2015-01-06 15:30 . 2013-12-26 05:41 1418432 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2015-01-06 15:30 . 2013-12-26 05:41 1418432 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll
2015-01-06 15:30 . 2013-12-26 05:41 15304 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2015-01-06 15:30 . 2013-12-26 05:41 15304 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2015-01-06 15:30 . 2013-12-26 05:41 136904 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2015-01-06 11:11 . 2015-01-06 11:13 -------- d-----w- c:\program files\PhotoZoom Pro 5
2015-01-03 20:52 . 2015-01-03 21:05 -------- d-----w- c:\documents and settings\Miljan Ilic\.zenmap
2015-01-03 20:50 . 2015-01-03 20:51 -------- d-----w- c:\program files\Nmap
2015-01-03 19:32 . 2015-01-03 19:35 -------- d-----w- C:\My Web Sites
2015-01-03 19:32 . 2015-01-03 19:32 -------- d-----w- c:\program files\WinHTTrack
2015-01-03 18:52 . 2015-01-03 18:52 -------- d-----w- c:\program files\Common Files\Java
2015-01-03 18:51 . 2015-01-03 18:51 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Oracle
2015-01-03 18:50 . 2015-01-03 18:50 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\Sun
2015-01-03 18:50 . 2015-01-03 18:49 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-01-03 18:50 . 2015-01-03 18:49 146432 ----a-w- c:\windows\system32\javacpl.cpl
2015-01-03 18:48 . 2015-01-03 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Oracle
2015-01-03 18:48 . 2015-01-03 18:48 -------- d-----w- c:\program files\Java
2015-01-03 18:43 . 2015-01-03 18:43 -------- d-----w- c:\program files\DirBuster
2015-01-02 21:31 . 2015-01-03 15:04 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\Kometa
2015-01-02 21:27 . 2015-01-02 21:27 -------- d-----w-2inf.net c:\docume~1\MILJAN~1\LOCALS~1\APPLIC~1\OE2INF~1.NET
2015-01-02 21:22 . 2015-01-02 21:22 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\MailRu
2015-01-02 21:21 . 2015-01-02 21:21 -------- d-----w- c:\windows\system32\GroupPolicy
2015-01-02 21:20 . 2015-01-02 21:20 -------- d-----w- c:\docume~1\MILJAN~1\LOCALS~1\APPLIC~1\CEEC38~1
2015-01-02 21:19 . 2015-01-03 11:40 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\eTranslator
2015-01-02 21:18 . 2015-01-07 00:07 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\SystemDir
2015-01-02 21:16 . 2015-01-03 11:42 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\Mail.Ru
2015-01-02 17:03 . 2015-01-02 17:04 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Pamela
2015-01-02 17:03 . 2015-01-02 17:03 197632 ----a-w- c:\windows\system32\RemoteControl.dll
2015-01-02 17:03 . 2015-01-02 17:03 -------- d-----w- c:\program files\Pamela
2015-01-02 12:26 . 2015-01-02 12:26 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\PawnPlus
2015-01-02 12:26 . 2015-01-07 09:22 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\PawnPlus
2015-01-02 12:26 . 2015-01-07 09:22 -------- d-----w- c:\program files\PawnPlus
2014-12-31 16:57 . 2013-04-05 20:26 1679360 ----a-w- c:\windows\system32\ac3filter.acm
2014-12-31 16:57 . 2014-12-31 16:57 -------- d-----w- c:\program files\AC3Filter
2014-12-31 16:51 . 2014-12-31 16:51 -------- d-----w- c:\documents and settings\All Users\Application Data\GRETECH
2014-12-31 16:50 . 2014-12-31 16:50 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\GRETECH
2014-12-31 16:50 . 2014-12-31 16:50 -------- d-----w- c:\program files\GRETECH
2014-12-28 13:23 . 2014-12-28 13:23 -------- d-----w- C:\Internet
2014-12-28 13:21 . 2014-12-28 13:21 -------- d-----w- C:\install
2014-12-28 13:21 . 2014-12-28 13:21 -------- d-----w- c:\program files\Offline Downloader
2014-12-28 13:15 . 2014-12-28 13:15 -------- d-----w- c:\program files\Full WebSite Downloader
2014-12-27 12:36 . 2015-01-04 19:12 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\TS3Client
2014-12-27 12:36 . 2014-12-27 12:36 -------- d-----w- c:\program files\TeamSpeak 3 Client
2014-12-26 17:25 . 2014-12-26 17:25 -------- d--h--w- c:\windows\PIF
2014-12-26 15:06 . 2014-12-26 15:06 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\NVIDIA
2014-12-26 15:02 . 2014-12-26 15:02 -------- d-----w- c:\documents and settings\All Users\Application Data\regid.1986-12.com.adobe
2014-12-25 20:36 . 2014-12-25 21:10 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\gtk-2.0
2014-12-25 20:36 . 2014-12-25 20:36 -------- d-----w- c:\documents and settings\Miljan Ilic\.thumbnails
2014-12-25 20:33 . 2014-12-25 20:33 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\fontconfig
2014-12-25 20:33 . 2014-12-27 19:57 -------- d-----w- c:\documents and settings\Miljan Ilic\.gimp-2.8
2014-12-25 20:33 . 2014-12-25 20:33 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\gegl-0.2
2014-12-25 20:27 . 2014-12-25 20:32 -------- d-----w- c:\program files\GIMP 2
2014-12-25 18:35 . 2015-01-07 00:24 -------- d-----w- c:\program files\Smart Saver
2014-12-25 18:35 . 2015-01-03 11:42 -------- d-----w- c:\program files\YYouttubeAdBLOcke
2014-12-25 18:34 . 2015-01-03 11:42 -------- d-----w- c:\program files\unisuales
2014-12-25 18:34 . 2014-12-25 18:34 -------- d-----w- c:\program files\unisalies
2014-12-25 17:31 . 2014-12-26 15:00 -------- d-----w- c:\program files\Common Files\Adobe
2014-12-24 22:19 . 2014-12-24 22:19 -------- d-----w- C:\New folder
2014-12-24 21:40 . 2014-12-24 21:40 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\Skype
2014-12-24 21:40 . 2015-01-07 11:46 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Skype
2014-12-24 21:40 . 2014-12-24 21:40 -------- d-----w- c:\program files\Common Files\Skype
2014-12-24 21:40 . 2014-12-24 21:40 -------- d-----r- c:\program files\Skype
2014-12-24 21:39 . 2014-12-24 21:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2014-12-24 21:34 . 2008-04-13 23:09 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2014-12-24 21:34 . 2008-04-13 23:09 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2014-12-24 21:34 . 2008-04-13 23:16 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2014-12-24 21:34 . 2008-04-13 23:16 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2014-12-24 13:54 . 2015-01-03 21:05 -------- d-----w- c:\program files\Steam
2014-12-18 19:51 . 2015-01-04 17:27 -------- d-----w- c:\program files\Counter-Strike v42
2014-12-17 19:57 . 2014-12-21 10:38 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\TeamViewer
2014-12-17 19:57 . 2015-01-06 22:18 -------- d-----w- c:\program files\TeamViewer
2014-12-13 12:10 . 2014-12-13 12:10 -------- d-----w- c:\program files\Dropbox
2014-12-13 12:05 . 2015-01-07 11:51 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox
2014-12-11 15:47 . 2013-06-19 04:23 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\spe__pc.dll
2014-12-11 15:47 . 2011-04-11 05:26 24064 ----a-w- c:\windows\system32\spe__l.dll
2014-12-11 15:47 . 2010-10-20 08:49 65536 ----a-w- c:\windows\system32\spe__ci.dll
2014-12-11 15:47 . 2013-05-10 09:48 162136 ----a-w- c:\windows\system32\spe__ci.exe
2014-12-11 15:47 . 2013-06-01 05:13 1571160 ------w- c:\windows\TotalUninstaller.exe
2014-12-11 15:40 . 2008-04-13 23:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2014-12-11 15:40 . 2008-04-13 23:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2014-12-11 15:38 . 2015-01-06 15:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Samsung
2014-12-11 15:37 . 2014-12-11 15:37 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Samsung
2014-12-11 15:35 . 2014-12-11 15:35 -------- d-----w- c:\program files\Common Files\Common Desktop Agent
2014-12-11 15:33 . 2015-01-06 15:29 -------- d-----w- c:\program files\Samsung
2014-12-08 17:50 . 2014-12-08 17:50 -------- d-----w- c:\program files\Mobi Biz Card Sites
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-06 21:28 . 2014-11-23 11:23 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-12-06 21:28 . 2014-11-23 11:23 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-29 20:35 . 2014-10-29 20:35 198936 ----a-w- c:\windows\system32\drivers\avgidsdriverlx.sys
2014-10-10 13:13 . 2014-10-10 13:13 200984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-05-10 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2014-11-09 3653136]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-01-31 15517472]
"NvMediaCenter"="NvMCTray.dll" [2013-01-31 108832]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-01-31 1982312]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2014-09-08 351968]
"Lightshot"="c:\program files\Skillbrains\lightshot\Lightshot.exe" [2014-11-18 226560]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
.
c:\documents and settings\Miljan Ilic\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-9 39207112]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2015\avgrsx.exe /sync /restart
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgemcx.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Documents and Settings\\Miljan Ilic\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\uninstall.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\ScanProcess.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\Scan2PCNotify.exe"=
"c:\\Program Files\\Samsung\\Samsung Universal Print Driver 2\\PrinterSelector\\SUPDApp.exe"=
"c:\\Documents and Settings\\Miljan Ilic\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer_Service.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\bin\\steamwebhelper.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [6/18/2014 8:16 PM 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [7/18/2014 2:55 PM 230680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [6/18/2014 8:03 PM 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [6/18/2014 8:03 PM 121624]
R1 AVGIDSDriverl;AVGIDSDriverl;c:\windows\system32\drivers\avgidsdriverlx.sys [10/29/2014 9:35 PM 198936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [6/18/2014 8:03 PM 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [8/28/2014 8:43 PM 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [10/10/2014 2:13 PM 200984]
R2 avgfws;AVG zaštitni zid;c:\program files\AVG\AVG2015\avgfws.exe [11/9/2014 9:56 PM 1486664]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [11/9/2014 9:57 PM 3488784]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [11/9/2014 9:49 PM 298080]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [1/5/2010 7:31 PM 1714176]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [1/12/2012 7:52 PM 30944]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [12/11/2014 10:30 AM 315496]
S2 WindowsMangerProtect;WindowsMangerProtect Service;c:\documents and settings\All Users\Application Data\WindowsMangerProtect\ProtectWindowsManager.exe -service --> c:\documents and settings\All Users\Application Data\WindowsMangerProtect\ProtectWindowsManager.exe -service [?]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [1/6/2015 4:30 PM 32064]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [1/12/2012 7:52 PM 30944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [1/6/2015 4:34 PM 88632]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files\globalUpdate\Update\GoogleUpdate.exe [1/6/2015 4:47 PM 68608]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [1/6/2015 4:30 PM 136904]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [1/6/2015 4:30 PM 17864]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [1/6/2015 4:30 PM 153672]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [1/6/2015 4:30 PM 130248]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [1/6/2015 4:34 PM 184248]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
.
Contents of the 'Scheduled Tasks' folder
.
2015-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-23 21:28]
.
2015-01-07 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files\globalUpdate\Update\GoogleUpdate.exe [2015-01-06 15:47]
.
2015-01-07 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files\globalUpdate\Update\GoogleUpdate.exe [2015-01-06 15:47]
.
2015-01-07 c:\windows\Tasks\Opera scheduled Autoupdate 1416742248.job
- c:\program files\Opera\launcher.exe [2014-11-23 08:50]
.
2015-01-06 c:\windows\Tasks\update-S-1-5-21-507921405-879983540-1417001333-1003.job
- c:\program files\Skillbrains\Updater\Updater.exe [2014-12-01 17:44]
.
2015-01-07 c:\windows\Tasks\update-sys.job
- c:\program files\Skillbrains\Updater\Updater.exe [2014-12-01 17:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://mail.ru/cnt/10445?gp=blackbear1
uDefault_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1417530891&from=cor&uid=ST3160215ACE_5RX92ZQYXXXX5RX92ZQY&q={searchTerms}
mStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
HKCU-Run-eM Client - c:\program files\eM Client\MailClient.exe
HKCU-Run-LightShot - c:\documents and settings\Miljan Ilic\Local Settings\Application Data\Skillbrains\lightshot\Lightshot.exe
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-cpozxbdlvf - start simsimotkroysia.ru/
AddRemove-Disketch - c:\program files\NCH Software\Disketch\disketch.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\SAMSUNG\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2015-01-07 13:32
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(204)
c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
c:\windows\system32\xpsp3res.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\TeamViewer\TeamViewer_Service.exe
c:\program files\TeamViewer\TeamViewer.exe
c:\program files\TeamViewer\tv_w32.exe
c:\windows\system32\RunDLL32.exe
c:\program files\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\Dropbox.exe
c:\program files\Opera\26.0.1656.60\opera.exe
c:\program files\Opera\26.0.1656.60\opera.exe
c:\program files\Opera\26.0.1656.60\opera.exe
c:\program files\Opera\26.0.1656.60\opera.exe
c:\program files\Opera\26.0.1656.60\opera.exe
c:\program files\Opera\26.0.1656.60\opera.exe
c:\program files\Opera\26.0.1656.60\opera.exe
c:\program files\Opera\26.0.1656.60\opera.exe
c:\program files\Opera\26.0.1656.60\opera.exe
c:\program files\Opera\26.0.1656.60\opera.exe
.
**************************************************************************
.
Completion time: 2015-01-07 13:49:38 - machine was rebooted
ComboFix-quarantined-files.txt 2015-01-07 12:46
.
Pre-Run: 30.020.866.048 bytes free
Post-Run: 29.901.664.256 bytes free
.
- - End Of File - - D45FDE74D2F77720EE639ED4C8B9C3EC
8F558EB6672622401DA993E1E865C861




offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

This ComboFix log is not the original one I asked for; it is the one that was created on the second run.

Please copy the contents of the original ComboFix.txt log, which is now located at C:\Qoobox\ComboFix2.txt

offline
  • Miljan Ilic
  • Joined: 18 Jun 2014
  • Posts: 178

There is nothing like that in that folder or outside it. Cheers

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

Never mind... let's move on.


Open Notepad and copy in the following text:

FileLook::
c:\windows\system32\Spool\prtprocs\w32x86\spe__pc.dll
c:\windows\system32\spe__ci.exe

KillAll::

File::
c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job

Driver::
WindowsMangerProtect
globalUpdatem

Folder::
c:\documents and settings\All Users\Application Data\AVG Security Toolbar
c:\program files\Google
c:\program files\globalUpdate
c:\documents and settings\Miljan Ilic\Local Settings\Application Data\globalUpdate
c:\program files\SavePass 1.1    
c:\windows\system32\GroupPolicy
c:\program files\Smart Saver
c:\program files\YYouttubeAdBLOcke
c:\program files\unisuales
c:\program files\unisalies
c:\documents and settings\All Users\Application Data\WindowsMangerProtect
c:\program files\globalUpdate

ClearJavaCache::

DDS::
uStart Page = hxxp://mail.ru/cnt/10445?gp=blackbear1
uDefault_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1417530891&from=cor&uid=ST3160215ACE_5RX92ZQYXXXX5RX92ZQY&q={searchTerms}
mStart Page = about:blank


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text file onto the ComboFix icon as shown in the picture.
In your next post, paste the log that is created at the end of the cleaning/scan.





----- ----- ----- ----- -----




Run FRST again, click the Scan button, and post the freshly generated FRST.txt report.

offline
  • Miljan Ilic
  • Joined: 18 Jun 2014
  • Posts: 178

Posted: 07 Jan 2015 20:05

New ComboFix.txt:

ComboFix 15-01-07.01 - Miljan Ilic 07.01.2015 19:35:59.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1024.360 [GMT 1:00]
Running from: c:\documents and settings\Miljan Ilic\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Miljan Ilic\Desktop\CFScript.txt
AV: AVG Internet Security 2015 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2015 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
FILE ::
"c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job"
"c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\AVG Security Toolbar
c:\documents and settings\All Users\Application Data\AVG Security Toolbar\TBCampaignINSP.txt
c:\documents and settings\All Users\Application Data\WindowsMangerProtect
c:\documents and settings\All Users\Application Data\WindowsMangerProtect\update\conf
c:\documents and settings\Miljan Ilic\Local Settings\Application Data\globalUpdate
c:\program files\globalUpdate
c:\program files\globalUpdate\CrashReports\Update2-last.dmp
c:\program files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe
c:\program files\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe
c:\program files\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe
c:\program files\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi
c:\program files\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe
c:\program files\globalUpdate\Update\1.3.25.0\goopdate.dll
c:\program files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll
c:\program files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
c:\program files\globalUpdate\Update\1.3.25.0\psmachine.dll
c:\program files\globalUpdate\Update\1.3.25.0\psuser.dll
c:\program files\globalUpdate\Update\GoogleUpdate.exe
c:\program files\Google
c:\program files\SavePass 1.1
c:\program files\SavePass 1.1\5dd25e49-e804-4391-8f79-f8cbe2583311.crx
c:\program files\SavePass 1.1\background.html
c:\program files\SavePass 1.1\SavePass 1.1.ico
c:\program files\Smart Saver
c:\program files\unisalies
c:\program files\unisalies\unisalies.dat
c:\program files\unisalies\unisalies.exe
c:\program files\unisuales
c:\program files\YYouttubeAdBLOcke
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WINDOWSMANGERPROTECT
-------\Service_globalUpdatem
-------\Service_WindowsMangerProtect
.
.
((((((((((((((((((((((((( Files Created from 2014-12-07 to 2015-01-07 )))))))))))))))))))))))))))))))
.
.
2015-01-07 09:17 . 2006-10-08 20:51 23856 ----a-w- c:\windows\system32\spupdsvc.exe
2015-01-07 01:10 . 2015-01-07 01:14 -------- d-----w- C:\FRST
2015-01-07 00:29 . 2015-01-07 10:55 -------- d-----w- c:\program files\AVG Web TuneUp
2015-01-07 00:23 . 2015-01-07 00:24 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Avg_Update_1014av
2015-01-07 00:23 . 2015-01-07 00:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Avg_Update_1014av
2015-01-06 15:34 . 2013-12-26 05:41 184248 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2015-01-06 15:34 . 2013-12-26 05:41 88632 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2015-01-06 15:30 . 2013-12-26 05:41 130248 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2015-01-06 15:30 . 2013-12-26 05:41 17864 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2015-01-06 15:30 . 2013-12-26 05:41 15560 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2015-01-06 15:30 . 2013-12-26 05:41 15560 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2015-01-06 15:30 . 2013-12-26 05:41 153672 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2015-01-06 15:30 . 2013-12-26 05:41 32064 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2015-01-06 15:30 . 2013-12-26 05:41 1418432 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2015-01-06 15:30 . 2013-12-26 05:41 1418432 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll
2015-01-06 15:30 . 2013-12-26 05:41 15304 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2015-01-06 15:30 . 2013-12-26 05:41 15304 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2015-01-06 15:30 . 2013-12-26 05:41 136904 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2015-01-06 11:11 . 2015-01-06 11:13 -------- d-----w- c:\program files\PhotoZoom Pro 5
2015-01-03 20:52 . 2015-01-03 21:05 -------- d-----w- c:\documents and settings\Miljan Ilic\.zenmap
2015-01-03 20:50 . 2015-01-03 20:51 -------- d-----w- c:\program files\Nmap
2015-01-03 19:32 . 2015-01-03 19:35 -------- d-----w- C:\My Web Sites
2015-01-03 19:32 . 2015-01-03 19:32 -------- d-----w- c:\program files\WinHTTrack
2015-01-03 18:52 . 2015-01-03 18:52 -------- d-----w- c:\program files\Common Files\Java
2015-01-03 18:51 . 2015-01-03 18:51 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Oracle
2015-01-03 18:50 . 2015-01-03 18:50 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\Sun
2015-01-03 18:50 . 2015-01-03 18:49 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-01-03 18:50 . 2015-01-03 18:49 146432 ----a-w- c:\windows\system32\javacpl.cpl
2015-01-03 18:48 . 2015-01-03 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Oracle
2015-01-03 18:48 . 2015-01-03 18:48 -------- d-----w- c:\program files\Java
2015-01-03 18:43 . 2015-01-03 18:43 -------- d-----w- c:\program files\DirBuster
2015-01-02 21:31 . 2015-01-03 15:04 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\Kometa
2015-01-02 21:27 . 2015-01-02 21:27 -------- d-----w-2inf.net c:\docume~1\MILJAN~1\LOCALS~1\APPLIC~1\OE2INF~1.NET
2015-01-02 21:22 . 2015-01-02 21:22 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\MailRu
2015-01-02 21:21 . 2015-01-02 21:21 -------- d-----w- c:\windows\system32\GroupPolicy
2015-01-02 21:20 . 2015-01-02 21:20 -------- d-----w- c:\docume~1\MILJAN~1\LOCALS~1\APPLIC~1\CEEC38~1
2015-01-02 21:19 . 2015-01-03 11:40 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\eTranslator
2015-01-02 21:18 . 2015-01-07 00:07 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\SystemDir
2015-01-02 21:16 . 2015-01-03 11:42 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\Mail.Ru
2015-01-02 17:03 . 2015-01-02 17:04 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Pamela
2015-01-02 17:03 . 2015-01-02 17:03 197632 ----a-w- c:\windows\system32\RemoteControl.dll
2015-01-02 17:03 . 2015-01-02 17:03 -------- d-----w- c:\program files\Pamela
2015-01-02 12:26 . 2015-01-02 12:26 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\PawnPlus
2015-01-02 12:26 . 2015-01-07 09:22 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\PawnPlus
2015-01-02 12:26 . 2015-01-07 09:22 -------- d-----w- c:\program files\PawnPlus
2014-12-31 16:57 . 2013-04-05 20:26 1679360 ----a-w- c:\windows\system32\ac3filter.acm
2014-12-31 16:57 . 2014-12-31 16:57 -------- d-----w- c:\program files\AC3Filter
2014-12-31 16:51 . 2014-12-31 16:51 -------- d-----w- c:\documents and settings\All Users\Application Data\GRETECH
2014-12-31 16:50 . 2014-12-31 16:50 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\GRETECH
2014-12-31 16:50 . 2014-12-31 16:50 -------- d-----w- c:\program files\GRETECH
2014-12-28 13:23 . 2014-12-28 13:23 -------- d-----w- C:\Internet
2014-12-28 13:21 . 2014-12-28 13:21 -------- d-----w- C:\install
2014-12-28 13:21 . 2014-12-28 13:21 -------- d-----w- c:\program files\Offline Downloader
2014-12-28 13:15 . 2014-12-28 13:15 -------- d-----w- c:\program files\Full WebSite Downloader
2014-12-27 12:36 . 2015-01-04 19:12 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\TS3Client
2014-12-27 12:36 . 2014-12-27 12:36 -------- d-----w- c:\program files\TeamSpeak 3 Client
2014-12-26 17:25 . 2014-12-26 17:25 -------- d--h--w- c:\windows\PIF
2014-12-26 15:06 . 2014-12-26 15:06 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\NVIDIA
2014-12-26 15:02 . 2014-12-26 15:02 -------- d-----w- c:\documents and settings\All Users\Application Data\regid.1986-12.com.adobe
2014-12-25 20:36 . 2014-12-25 21:10 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\gtk-2.0
2014-12-25 20:36 . 2014-12-25 20:36 -------- d-----w- c:\documents and settings\Miljan Ilic\.thumbnails
2014-12-25 20:33 . 2014-12-25 20:33 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\fontconfig
2014-12-25 20:33 . 2014-12-27 19:57 -------- d-----w- c:\documents and settings\Miljan Ilic\.gimp-2.8
2014-12-25 20:33 . 2014-12-25 20:33 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\gegl-0.2
2014-12-25 20:27 . 2014-12-25 20:32 -------- d-----w- c:\program files\GIMP 2
2014-12-25 17:31 . 2014-12-26 15:00 -------- d-----w- c:\program files\Common Files\Adobe
2014-12-24 22:19 . 2014-12-24 22:19 -------- d-----w- C:\New folder
2014-12-24 21:40 . 2014-12-24 21:40 -------- d-----w- c:\documents and settings\Miljan Ilic\Local Settings\Application Data\Skype
2014-12-24 21:40 . 2015-01-07 18:35 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Skype
2014-12-24 21:40 . 2014-12-24 21:40 -------- d-----w- c:\program files\Common Files\Skype
2014-12-24 21:40 . 2014-12-24 21:40 -------- d-----r- c:\program files\Skype
2014-12-24 21:39 . 2014-12-24 21:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2014-12-24 21:34 . 2008-04-13 23:09 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2014-12-24 21:34 . 2008-04-13 23:09 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2014-12-24 21:34 . 2008-04-13 23:16 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2014-12-24 21:34 . 2008-04-13 23:16 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2014-12-24 13:54 . 2015-01-03 21:05 -------- d-----w- c:\program files\Steam
2014-12-18 19:51 . 2015-01-04 17:27 -------- d-----w- c:\program files\Counter-Strike v42
2014-12-17 19:57 . 2014-12-21 10:38 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\TeamViewer
2014-12-17 19:57 . 2015-01-06 22:18 -------- d-----w- c:\program files\TeamViewer
2014-12-13 12:10 . 2014-12-13 12:10 -------- d-----w- c:\program files\Dropbox
2014-12-13 12:05 . 2015-01-07 14:19 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox
2014-12-11 15:47 . 2013-06-19 04:23 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\spe__pc.dll
2014-12-11 15:47 . 2011-04-11 05:26 24064 ----a-w- c:\windows\system32\spe__l.dll
2014-12-11 15:47 . 2010-10-20 08:49 65536 ----a-w- c:\windows\system32\spe__ci.dll
2014-12-11 15:47 . 2013-05-10 09:48 162136 ----a-w- c:\windows\system32\spe__ci.exe
2014-12-11 15:47 . 2013-06-01 05:13 1571160 ------w- c:\windows\TotalUninstaller.exe
2014-12-11 15:40 . 2008-04-13 23:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2014-12-11 15:40 . 2008-04-13 23:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2014-12-11 15:38 . 2015-01-06 15:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Samsung
2014-12-11 15:37 . 2014-12-11 15:37 -------- d-----w- c:\documents and settings\Miljan Ilic\Application Data\Samsung
2014-12-11 15:35 . 2014-12-11 15:35 -------- d-----w- c:\program files\Common Files\Common Desktop Agent
2014-12-11 15:33 . 2015-01-06 15:29 -------- d-----w- c:\program files\Samsung
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-06 21:28 . 2014-11-23 11:23 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-12-06 21:28 . 2014-11-23 11:23 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-29 20:35 . 2014-10-29 20:35 198936 ----a-w- c:\windows\system32\drivers\avgidsdriverlx.sys
2014-10-10 13:13 . 2014-10-10 13:13 200984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
--- c:\windows\system32\spe__ci.exe ---
Company:
File Description: UPD Co-Installer
File Version: 3, 0, 0, 1
Product Name: UPD
Copyright:
Original Filename: UPDCoInst.exe
File size: 162136
Created time: 2014-12-11 15:47
Modified time: 2013-05-10 09:48
MD5: C3114F43CEBEF9A32105C8F803A6117A
SHA1: E26AB8DB57F8C6901AC1FA102992BE52E1BAAC40
.
.
--- c:\windows\system32\Spool\prtprocs\w32x86\spe__pc.dll ---
Company: Windows (R) Codename Longhorn DDK provider
File Description: Windows?Server 2003 Driver Development Kit Print DLL
File Version: 6.0.6001.18000
Product Name: Windows (R) Codename Longhorn DDK driver
Copyright: ? Microsoft Corporation. All rights reserved.
Original Filename: genprint.dll
File size: 28672
Created time: 2014-12-11 15:47
Modified time: 2013-06-19 04:23
MD5: 23593FB3458A291CA7EEFFB46974A4E7
SHA1: 473AE1BD347478B43BA17B89D5D0E660FDEC36B1
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-05-10 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-18 17:22 131480 ----a-w- c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2014-11-09 3653136]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-01-31 15517472]
"NvMediaCenter"="NvMCTray.dll" [2013-01-31 108832]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-01-31 1982312]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2014-09-08 351968]
"Lightshot"="c:\program files\Skillbrains\lightshot\Lightshot.exe" [2014-11-18 226560]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
.
c:\documents and settings\Miljan Ilic\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-9 39207112]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2015\avgrsx.exe /sync /restart
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgemcx.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Documents and Settings\\Miljan Ilic\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\uninstall.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\ScanProcess.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\Scan2PCNotify.exe"=
"c:\\Program Files\\Samsung\\Samsung Universal Print Driver 2\\PrinterSelector\\SUPDApp.exe"=
"c:\\Documents and Settings\\Miljan Ilic\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer_Service.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\bin\\steamwebhelper.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [6/18/2014 8:16 PM 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [7/18/2014 2:55 PM 230680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [6/18/2014 8:03 PM 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [6/18/2014 8:03 PM 121624]
R1 AVGIDSDriverl;AVGIDSDriverl;c:\windows\system32\drivers\avgidsdriverlx.sys [10/29/2014 9:35 PM 198936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [6/18/2014 8:03 PM 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [8/28/2014 8:43 PM 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [10/10/2014 2:13 PM 200984]
R2 avgfws;AVG zaštitni zid;c:\program files\AVG\AVG2015\avgfws.exe [11/9/2014 9:56 PM 1486664]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [11/9/2014 9:57 PM 3488784]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [11/9/2014 9:49 PM 298080]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [1/5/2010 7:31 PM 1714176]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [1/12/2012 7:52 PM 30944]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [12/11/2014 10:30 AM 315496]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [1/6/2015 4:30 PM 32064]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [1/12/2012 7:52 PM 30944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [1/6/2015 4:34 PM 88632]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [1/6/2015 4:30 PM 136904]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [1/6/2015 4:30 PM 17864]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [1/6/2015 4:30 PM 153672]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [1/6/2015 4:30 PM 130248]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [1/6/2015 4:34 PM 184248]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
.
Contents of the 'Scheduled Tasks' folder
.
2015-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-23 21:28]
.
2015-01-07 c:\windows\Tasks\Opera scheduled Autoupdate 1416742248.job
- c:\program files\Opera\launcher.exe [2014-11-23 08:50]
.
2015-01-07 c:\windows\Tasks\update-S-1-5-21-507921405-879983540-1417001333-1003.job
- c:\program files\Skillbrains\Updater\Updater.exe [2014-12-01 17:44]
.
2015-01-07 c:\windows\Tasks\update-sys.job
- c:\program files\Skillbrains\Updater\Updater.exe [2014-12-01 17:44]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2015-01-07 19:51
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3952)
c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\DropboxExt.24.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\TeamViewer\TeamViewer_Service.exe
c:\program files\TeamViewer\TeamViewer.exe
c:\program files\TeamViewer\tv_w32.exe
c:\windows\system32\RunDLL32.exe
c:\program files\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
c:\documents and settings\Miljan Ilic\Application Data\Dropbox\bin\Dropbox.exe
.
**************************************************************************
.
Completion time: 2015-01-07 19:59:16 - machine was rebooted
ComboFix-quarantined-files.txt 2015-01-07 18:59
.
Pre-Run: 29.846.245.376 bytes free
Post-Run: 29.835.247.616 bytes free
.
- - End Of File - - 18149F15D7421D50FE278F1A09F78157
8F558EB6672622401DA993E1E865C861

Addendum: 07 Jan 2015 20:14

New FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by Miljan Ilic (administrator) on MINT on 07-01-2015 20:04:03
Running from C:\Documents and Settings\Miljan Ilic\Desktop
Loaded Profiles: Miljan Ilic & UpdatusUser (Available profiles: Miljan Ilic & UpdatusUser)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 6 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Documents and Settings\Miljan Ilic\Application Data\Dropbox\bin\Dropbox.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
() C:\Program Files\Opera\26.0.1656.60\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.60\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2013-01-31] ()
HKLM\...\Run: [Smapp] => C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [143360 2003-05-05] (Analog Devices, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [351968 2014-09-08] ()
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Startup: C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Miljan Ilic\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-507921405-879983540-1417001333-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-507921405-879983540-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-507921405-879983540-1417001333-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\windows\system32\shdocvw.dll (Microsoft Corporation)
URLSearchHook: [S-1-5-21-507921405-879983540-1417001333-1004] ATTENTION ==> Default URLSearchHook is missing.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-879983540-1417001333-1003 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = go.mail.ru/search?q={SearchTerms}&fr=ntg
SearchScopes: HKU\S-1-5-21-507921405-879983540-1417001333-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-879983540-1417001333-1003 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = go.mail.ru/search?q={SearchTerms}&fr=ntg
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AR9271; C:\windows\System32\DRIVERS\athuw.sys [1714176 2010-01-05] (Atheros Communications, Inc.)
R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\windows\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\windows\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\windows\System32\DRIVERS\avgidsdriverlx.sys [198936 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 gameenum; C:\windows\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 SISNIC; C:\windows\System32\DRIVERS\sisnic.sys [32768 2008-04-13] (SiS Corporation)
S3 STAC97; C:\windows\System32\drivers\STAC97.sys [273296 2005-04-14] (SigmaTel, Inc.) [File not signed]
R3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
U3 mbr; \??\C:\DOCUME~1\MILJAN~1\LOCALS~1\Temp\mbr.sys [X]

========================== Drivers MD5 =======================

C:\windows\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\windows\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D
C:\windows\system32\Drivers\Mup.sys 2F625D11385B1A94360BFC70AAEFDEE1
C:\windows\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB
C:\windows\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\windows\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97
C:\windows\System32\DRIVERS\ndistapi.sys 1AB3D00C991AB086E69DB84B6C0ED78F
C:\windows\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\windows\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\windows\system32\Drivers\NDProxy.sys 6215023940CFD3702B46ABC304E1D45A
C:\windows\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\windows\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\windows\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\windows\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\windows\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\windows\System32\DRIVERS\nv4_mini.sys 7C56F3FD65B2BDB315CA3605A5392D7B
C:\windows\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\windows\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\windows\System32\DRIVERS\parport.sys 5575FAF8F97CE5E713D108C2A58D7C7C
C:\windows\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\windows\system32\Drivers\ParVdm.sys 70E98B3FD8E963A6A46A2E6247E0BEA1
C:\windows\System32\DRIVERS\pci.sys A219903CCF74233761D92BEF471A07B1
C:\windows\System32\DRIVERS\pciide.sys CCF5F451BB1A5A2A522A76E670000FF0
C:\windows\system32\Drivers\Pcmcia.sys 9E89EF60E9EE05E3F2EEF2DA7397F1C1
C:\windows\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\windows\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\windows\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\windows\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\windows\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\windows\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\windows\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\windows\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\windows\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\windows\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\windows\system32\Drivers\RDPWD.sys 6728E45B66F93C08F11DE2E316FC70DD
C:\windows\System32\DRIVERS\redbook.sys F828DD7E1419B6653894A8F97A0094C5
C:\windows\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\windows\System32\DRIVERS\serial.sys CCA207A8896D4C6A0C9CE29A4AE411A7
C:\windows\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\windows\System32\DRIVERS\sisnic.sys 3FBB6EF8B5A71A2FA11F5F461BB73219
C:\windows\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14
C:\windows\System32\drivers\smwdm.sys FA3368A7039F5ABAA4B933703AC34763
C:\windows\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\windows\System32\DRIVERS\sr.sys 76BB022C2FB6902FD5BDD4F78FC13A5D
C:\windows\System32\DRIVERS\srv.sys 5252605079810904E31C332E241CD59B
C:\windows\System32\DRIVERS\ssadbus.sys BB6EDB0257860083193CC1581AC7D485
C:\windows\System32\DRIVERS\ssadmdfl.sys 5BCB68F7B62159C07789D3F405750623
C:\windows\System32\DRIVERS\ssadmdm.sys 1588A89F9CD9E68DE9FCC9F60FDB5C08
C:\windows\System32\DRIVERS\ssadserd.sys 9EFD9F42795C9E90206C1E9A9B25E8D3
C:\windows\System32\DRIVERS\ssudmdm.sys 9359AB8BEA059222742345ED63147222
C:\windows\System32\drivers\STAC97.sys EE74E3B1B521CEF8E8C9D008E4BDB45C
C:\windows\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2
C:\windows\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\windows\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\windows\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\windows\System32\DRIVERS\tcpip.sys 93EA8D04EC73A85DB02EB8805988F733
C:\windows\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\windows\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\windows\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\windows\System32\DRIVERS\uagp35.sys D85938F272D1BCF3DB3A31FC0A048928
C:\windows\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\windows\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\windows\System32\drivers\usbaudio.sys E919708DB44ED8543A7C017953148330
C:\windows\System32\DRIVERS\usbccgp.sys 173F317CE0DB8E21322E71B7E60A27E8
C:\windows\System32\DRIVERS\usbehci.sys 65DCF09D0E37D4C6B11B5B0B76D470A7
C:\windows\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\windows\System32\DRIVERS\usbohci.sys 0DAECCE65366EA32B162F85F07C6753B
C:\windows\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\windows\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\windows\System32\Drivers\usbvideo.sys 63BBFCA7F390F4C49ED4B96BFB1633E0
C:\windows\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\windows\system32\Drivers\VolSnap.sys 4C8FCB5CC53AAB716D810740FE59D025
C:\windows\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\windows\System32\DRIVERS\Wdf01000.sys FD47474BD21794508AF449D9D91AF6E6
C:\windows\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\windows\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8
C:\windows\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 20:03 - 2015-01-07 20:03 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\FRST-OlderVersion
2015-01-07 19:59 - 2015-01-07 19:59 - 00024877 _____ () C:\ComboFix.txt
2015-01-07 19:59 - 2015-01-07 19:59 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Local Settings\temp
2015-01-07 19:59 - 2015-01-07 19:59 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-01-07 19:59 - 2015-01-07 19:59 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-01-07 19:48 - 2015-01-07 20:04 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\temp
2015-01-07 17:07 - 2015-01-07 17:13 - 00297425 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\TD.amx
2015-01-07 17:07 - 2015-01-07 17:13 - 00131858 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\TD.pwn
2015-01-07 17:06 - 2015-01-07 17:06 - 00032865 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\TD.rar
2015-01-07 13:49 - 2015-01-07 13:49 - 00025771 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\ComboFix.txt
2015-01-07 13:46 - 2015-01-07 13:46 - 00002962 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\ComboFix-quarantined-files.txt
2015-01-07 13:40 - 2015-01-07 13:40 - 00002417 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Add-Remove Programs.txt
2015-01-07 13:29 - 2015-01-07 19:49 - 00008192 ____H () C:\windows\system32\config\SECURITY.tmp.LOG
2015-01-07 13:29 - 2015-01-07 13:29 - 00000000 ____H () C:\windows\system32\config\system.tmp.LOG
2015-01-07 13:29 - 2015-01-07 13:29 - 00000000 ____H () C:\windows\system32\config\software.tmp.LOG
2015-01-07 13:29 - 2015-01-07 13:29 - 00000000 ____H () C:\windows\system32\config\SAM.tmp.LOG
2015-01-07 13:29 - 2015-01-07 13:29 - 00000000 ____H () C:\windows\system32\config\default.tmp.LOG
2015-01-07 12:52 - 2015-01-07 19:59 - 00000000 ____D () C:\Qoobox
2015-01-07 12:14 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-01-07 12:14 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-01-07 12:14 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-01-07 12:14 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-01-07 12:14 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-01-07 12:14 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2015-01-07 12:14 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-01-07 12:14 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-01-07 12:14 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-01-07 12:13 - 2015-01-07 19:48 - 00000000 ____D () C:\windows\erdnt
2015-01-07 12:12 - 2015-01-07 12:12 - 05609673 ____R (Swearware) C:\Documents and Settings\Miljan Ilic\Desktop\ComboFix.exe
2015-01-07 12:11 - 2015-01-07 12:11 - 00197632 _____ (SingularLabs) C:\Documents and Settings\Miljan Ilic\Desktop\OldChromeRemover-0.5.exe
2015-01-07 11:26 - 2015-01-07 11:26 - 00001279 _____ () C:\Radio.amx
2015-01-07 11:04 - 2015-01-07 16:33 - 00001567 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Radio.amx
2015-01-07 10:58 - 2015-01-07 16:33 - 00001726 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Radio.pwn
2015-01-07 10:17 - 2015-01-07 10:17 - 00000000 __HDC () C:\windows\$NtUninstallWdf01005$
2015-01-07 10:17 - 2015-01-07 10:17 - 00000000 ____H () C:\windows\system32\Drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2015-01-07 10:17 - 2015-01-07 10:17 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_ssadadb_01005.Wdf
2015-01-07 10:17 - 2006-10-08 21:51 - 00023856 _____ (Microsoft Corporation) C:\windows\system32\spupdsvc.exe
2015-01-07 10:17 - 2006-10-08 21:51 - 00014640 ____N (Microsoft Corporation) C:\windows\system32\spmsg.dll
2015-01-07 10:12 - 2015-01-07 10:17 - 00007845 _____ () C:\windows\Wdf01005Inst.log
2015-01-07 02:14 - 2015-01-07 02:14 - 00046974 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Shortcut.txt
2015-01-07 02:12 - 2015-01-07 02:15 - 00023729 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Addition.txt
2015-01-07 02:10 - 2015-01-07 20:04 - 00021846 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\FRST.txt
2015-01-07 02:10 - 2015-01-07 20:04 - 00000000 ____D () C:\FRST
2015-01-07 01:53 - 2015-01-07 20:03 - 01115648 _____ (Farbar) C:\Documents and Settings\Miljan Ilic\Desktop\FRST.exe
2015-01-07 01:29 - 2015-01-07 11:55 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2015-01-07 01:23 - 2015-01-07 01:24 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Avg_Update_1014av
2015-01-07 01:23 - 2015-01-07 01:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avg_Update_1014av
2015-01-07 00:14 - 2015-01-07 00:14 - 02347384 _____ (ESET) C:\Documents and Settings\Miljan Ilic\Desktop\esetsmartinstaller_enu.exe
2015-01-06 21:32 - 2015-01-06 21:35 - 22559042 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Jingle Bells - Popular Christmas Songs For Kids.wav
2015-01-06 21:03 - 2015-01-06 21:05 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\pawno
2015-01-06 18:14 - 2013-07-09 04:21 - 225587255 ____N () C:\Documents and Settings\Miljan Ilic\Desktop\PDA_S5830i_XXMD1.tar.md5
2015-01-06 18:14 - 2013-07-09 04:21 - 11540537 ____N () C:\Documents and Settings\Miljan Ilic\Desktop\MODEM_S5830i_XXMD1.tar.md5
2015-01-06 18:14 - 2013-07-09 04:21 - 07403576 ____N () C:\Documents and Settings\Miljan Ilic\Desktop\CSC_S5830i_BTUMD1.tar.md5
2015-01-06 18:07 - 2015-01-06 18:14 - 141640427 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\S5830i_XXMD1_BTUMD1_XXMD1_by_SplitFUS2.zip
2015-01-06 17:27 - 2015-01-06 17:27 - 00203676 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Odin3-v1.85.zip
2015-01-06 16:34 - 2013-12-26 06:41 - 00184248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudmdm.sys
2015-01-06 16:34 - 2013-12-26 06:41 - 00088632 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudbus.sys
2015-01-06 16:30 - 2013-12-26 06:41 - 01418432 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01005.dll
2015-01-06 16:30 - 2013-12-26 06:41 - 01418432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfCoInstaller01005.dll
2015-01-06 16:30 - 2013-12-26 06:41 - 00153672 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdm.sys
2015-01-06 16:30 - 2013-12-26 06:41 - 00136904 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadbus.sys
2015-01-06 16:30 - 2013-12-26 06:41 - 00130248 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadserd.sys
2015-01-06 16:30 - 2013-12-26 06:41 - 00032064 _____ (Google Inc) C:\windows\system32\Drivers\ssadadb.sys
2015-01-06 16:30 - 2013-12-26 06:41 - 00017864 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdfl.sys
2015-01-06 16:30 - 2013-12-26 06:41 - 00015560 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadcmnt.sys
2015-01-06 16:30 - 2013-12-26 06:41 - 00015560 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadcm.sys
2015-01-06 16:30 - 2013-12-26 06:41 - 00015304 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadwhnt.sys
2015-01-06 16:30 - 2013-12-26 06:41 - 00015304 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadwh.sys
2015-01-06 16:27 - 2015-01-06 16:54 - 00091891 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\S5830IXXMC1_S5830IODDLK1_INU.zip
2015-01-06 16:21 - 2015-01-06 16:22 - 15477848 _____ (SAMSUNG Electronics Co., Ltd.) C:\Documents and Settings\Miljan Ilic\Desktop\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.33.0.exe
2015-01-06 12:11 - 2015-01-06 12:13 - 00000000 ____D () C:\Program Files\PhotoZoom Pro 5
2015-01-06 12:11 - 2015-01-06 12:11 - 00000768 _____ () C:\Documents and Settings\All Users\Desktop\PhotoZoom Pro 5.lnk
2015-01-05 23:01 - 2014-04-07 17:16 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\Bosna RolePlay 0.3z
2015-01-05 15:22 - 2015-01-05 15:58 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\Game Hosting Files
2015-01-04 21:53 - 2013-09-28 09:20 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\Anti DDos
2015-01-04 20:00 - 2015-01-04 20:00 - 00172301 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\ts3_clientui-win32-1407159763-2015-01-04 20_00_50.390625.dmp
2015-01-04 11:30 - 2015-01-04 12:35 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\San Diego RolePlay
2015-01-03 21:52 - 2015-01-03 22:05 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\.zenmap
2015-01-03 21:51 - 2015-01-03 21:51 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\Nmap
2015-01-03 21:50 - 2015-01-03 21:51 - 00000000 ____D () C:\Program Files\Nmap
2015-01-03 20:32 - 2015-01-03 20:35 - 00000000 ____D () C:\My Web Sites
2015-01-03 20:32 - 2015-01-03 20:32 - 00000000 ____D () C:\Program Files\WinHTTrack
2015-01-03 20:32 - 2015-01-03 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinHTTrack
2015-01-03 19:52 - 2015-01-03 19:52 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-03 19:52 - 2015-01-03 19:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sun
2015-01-03 19:51 - 2015-01-03 19:51 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Oracle
2015-01-03 19:50 - 2015-01-03 19:50 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Sun
2015-01-03 19:50 - 2015-01-03 19:49 - 00146432 _____ (Oracle Corporation) C:\windows\system32\javacpl.cpl
2015-01-03 19:50 - 2015-01-03 19:49 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2015-01-03 19:49 - 2015-01-03 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-01-03 19:48 - 2015-01-03 19:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle
2015-01-03 19:48 - 2015-01-03 19:48 - 00000000 ____D () C:\Program Files\Java
2015-01-03 19:46 - 2015-01-03 19:46 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Sun
2015-01-03 19:43 - 2015-01-03 19:43 - 00000000 ____D () C:\Program Files\DirBuster
2015-01-03 19:43 - 2015-01-03 19:43 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\DirBuster
2015-01-03 12:42 - 2015-01-03 12:42 - 00000104 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\Shortcut to Internet.lnk
2015-01-02 22:31 - 2015-01-03 16:04 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Kometa
2015-01-02 22:27 - 2015-01-02 22:27 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Вoйти в Интeрнет 2inf.net
2015-01-02 22:22 - 2015-01-02 22:22 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\MailRu
2015-01-02 22:21 - 2015-01-02 22:21 - 00000000 ____D () C:\windows\system32\GroupPolicy
2015-01-02 22:20 - 2015-01-02 22:20 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Поиcк в Интeрнете
2015-01-02 22:19 - 2015-01-03 12:40 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\eTranslator
2015-01-02 22:18 - 2015-01-07 01:07 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\SystemDir
2015-01-02 22:16 - 2015-01-03 12:42 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Mail.Ru
2015-01-02 18:03 - 2015-01-02 18:04 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\Pamela
2015-01-02 18:03 - 2015-01-02 18:04 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Pamela
2015-01-02 18:03 - 2015-01-02 18:03 - 00197632 _____ (PamConsult GmbH) C:\windows\system32\RemoteControl.dll
2015-01-02 18:03 - 2015-01-02 18:03 - 00000000 ____D () C:\Program Files\Pamela
2015-01-02 18:03 - 2015-01-02 18:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Pamela
2015-01-02 17:45 - 2015-01-02 17:45 - 01666640 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\ts3_recording_15_01_02_17_44_53.wav
2015-01-02 13:26 - 2015-01-07 10:22 - 00000000 ____D () C:\Program Files\PawnPlus
2015-01-02 13:26 - 2015-01-07 10:22 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\PawnPlus
2015-01-02 13:26 - 2015-01-02 13:26 - 00000682 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\PawnPlus.lnk
2015-01-02 13:26 - 2015-01-02 13:26 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\PawnPlus
2015-01-02 13:26 - 2015-01-02 13:26 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\PawnPlus
2014-12-31 17:57 - 2014-12-31 17:57 - 00000000 ____D () C:\Program Files\AC3Filter
2014-12-31 17:57 - 2014-12-31 17:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AC3Filter
2014-12-31 17:57 - 2013-04-05 21:26 - 01679360 _____ () C:\windows\system32\ac3filter.acm
2014-12-31 17:51 - 2014-12-31 17:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\GRETECH
2014-12-31 17:50 - 2014-12-31 17:50 - 00000856 _____ () C:\Documents and Settings\Miljan Ilic\Start Menu\GOM Player.lnk
2014-12-31 17:50 - 2014-12-31 17:50 - 00000000 ____D () C:\Program Files\GRETECH
2014-12-31 17:50 - 2014-12-31 17:50 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\GRETECH
2014-12-31 17:50 - 2014-12-31 17:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\GOM Player
2014-12-31 15:01 - 2014-12-31 15:02 - 05437423 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\LARP By Teo .rar
2014-12-28 14:23 - 2014-12-28 14:23 - 00000000 ____D () C:\Internet
2014-12-28 14:21 - 2014-12-28 14:21 - 00000000 ____D () C:\Program Files\Offline Downloader
2014-12-28 14:21 - 2014-12-28 14:21 - 00000000 ____D () C:\install
2014-12-28 14:21 - 2014-12-28 14:21 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\Offline Downloader
2014-12-28 14:15 - 2015-01-07 01:08 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\TempImg
2014-12-28 14:15 - 2014-12-28 14:15 - 00000000 ____D () C:\Program Files\Full WebSite Downloader
2014-12-27 22:45 - 2015-01-01 14:23 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\cPanel
2014-12-27 20:54 - 2014-12-27 20:53 - 00090112 _____ () C:\windows\Minidump\Mini122714-01.dmp
2014-12-27 13:36 - 2015-01-04 20:12 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\TS3Client
2014-12-27 13:36 - 2014-12-27 13:36 - 00000837 _____ () C:\Documents and Settings\All Users\Desktop\TeamSpeak 3 Client.lnk
2014-12-27 13:36 - 2014-12-27 13:36 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-12-27 13:36 - 2014-12-27 13:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeamSpeak 3 Client
2014-12-26 21:36 - 2014-12-26 22:51 - 00003216 _____ () C:\serverporuke.amx
2014-12-26 18:25 - 2014-12-26 18:25 - 00000000 ___HD () C:\windows\PIF
2014-12-26 17:51 - 2014-12-27 17:56 - 00001456 _____ () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Adobe Save for Web 13.0 Prefs
2014-12-26 16:39 - 2014-12-26 17:41 - 00000132 _____ () C:\Documents and Settings\Miljan Ilic\Application Data\Adobe PNG Format CS6 Prefs
2014-12-26 16:06 - 2014-12-26 16:06 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\NVIDIA
2014-12-26 16:02 - 2014-12-26 16:02 - 00000854 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-12-26 16:02 - 2014-12-26 16:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
2014-12-26 16:01 - 2014-12-26 16:01 - 00000816 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-12-26 15:59 - 2014-12-26 16:01 - 00000000 ____D () C:\Program Files\Adobe
2014-12-26 15:59 - 2014-12-26 15:59 - 00001144 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-12-26 15:59 - 2014-12-26 15:59 - 00001000 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-12-25 22:10 - 2014-12-25 22:10 - 00002765 _____ () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\recently-used.xbel
2014-12-25 21:36 - 2014-12-25 22:10 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\gtk-2.0
2014-12-25 21:36 - 2014-12-25 21:36 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\.thumbnails
2014-12-25 21:33 - 2014-12-27 20:57 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\.gimp-2.8
2014-12-25 21:33 - 2014-12-25 21:33 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\gegl-0.2
2014-12-25 21:33 - 2014-12-25 21:33 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\fontconfig
2014-12-25 21:32 - 2014-12-25 21:32 - 00000734 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\GIMP 2.lnk
2014-12-25 21:27 - 2014-12-25 21:32 - 00000000 ____D () C:\Program Files\GIMP 2
2014-12-25 18:31 - 2014-12-26 17:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-12-25 18:31 - 2014-12-26 16:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-12-25 18:31 - 2014-12-25 18:31 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Macromedia
2014-12-25 18:30 - 2014-12-26 17:51 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Adobe
2014-12-24 23:19 - 2014-12-24 23:19 - 00000000 ____D () C:\New folder
2014-12-24 22:40 - 2015-01-07 19:35 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Skype
2014-12-24 22:40 - 2015-01-07 16:24 - 00002267 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-12-24 22:40 - 2014-12-24 22:40 - 00000000 ___RD () C:\Program Files\Skype
2014-12-24 22:40 - 2014-12-24 22:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-12-24 22:40 - 2014-12-24 22:40 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Skype
2014-12-24 22:40 - 2014-12-24 22:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-12-24 22:39 - 2014-12-24 22:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-12-24 22:34 - 2008-04-14 00:16 - 00010880 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ndisip.sys
2014-12-24 22:34 - 2008-04-14 00:16 - 00010880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\NdisIP.sys
2014-12-24 22:34 - 2008-04-14 00:09 - 00005504 ____C (Microsoft Corporation) C:\windows\system32\dllcache\mstee.sys
2014-12-24 22:34 - 2008-04-14 00:09 - 00005504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\MSTEE.sys
2014-12-24 22:33 - 2008-04-14 05:42 - 00091136 ____C (Microsoft Corporation) C:\windows\system32\dllcache\kswdmcap.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\kswdmcap.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00061952 ____C (Microsoft Corporation) C:\windows\system32\dllcache\kstvtune.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\kstvtune.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00053760 ____C (Microsoft Corporation) C:\windows\system32\dllcache\vfwwdm32.dll
2014-12-24 22:33 - 2008-04-14 05:42 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\vfwwdm32.dll
2014-12-24 22:33 - 2008-04-14 05:42 - 00043008 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ksxbar.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\ksxbar.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00028672 ____C (Microsoft Corporation) C:\windows\system32\dllcache\vidcap.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\vidcap.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00020992 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dshowext.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\dshowext.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00016384 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ipsink.ax
2014-12-24 22:33 - 2008-04-14 05:42 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ipsink.ax
2014-12-24 22:33 - 2008-04-14 00:16 - 00121984 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbvideo.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00121984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00085248 ____C (Microsoft Corporation) C:\windows\system32\dllcache\nabtsfec.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00085248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\NABTSFEC.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00019200 ____C (Microsoft Corporation) C:\windows\system32\dllcache\wstcodec.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00019200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WSTCODEC.SYS
2014-12-24 22:33 - 2008-04-14 00:16 - 00017024 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ccdecode.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00017024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\CCDECODE.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00015232 ____C (Microsoft Corporation) C:\windows\system32\dllcache\streamip.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00015232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\StreamIP.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00011136 ____C (Microsoft Corporation) C:\windows\system32\dllcache\slip.sys
2014-12-24 22:33 - 2008-04-14 00:16 - 00011136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\SLIP.sys
2014-12-24 22:33 - 2008-04-14 00:15 - 00060032 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbaudio.sys
2014-12-24 22:33 - 2008-04-14 00:15 - 00060032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2014-12-24 16:16 - 2014-12-24 16:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Lightshot
2014-12-24 14:54 - 2015-01-03 22:05 - 00000000 ____D () C:\Program Files\Steam
2014-12-24 14:54 - 2014-12-24 14:54 - 00000638 _____ () C:\Documents and Settings\All Users\Desktop\Steam.lnk
2014-12-24 14:54 - 2014-12-24 14:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Steam
2014-12-21 16:27 - 2014-12-21 16:38 - 00000600 _____ () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\PUTTY.RND
2014-12-19 15:57 - 2014-12-19 15:58 - 00617731 _____ () C:\Documents and Settings\Miljan Ilic\Desktop\GtaTheme.zip
2014-12-18 20:51 - 2015-01-04 18:27 - 00000000 ____D () C:\Program Files\Counter-Strike v42
2014-12-17 20:57 - 2015-01-06 23:18 - 00000000 ____D () C:\Program Files\TeamViewer
2014-12-17 20:57 - 2014-12-21 11:38 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\TeamViewer
2014-12-17 20:57 - 2014-12-17 20:57 - 00000706 _____ () C:\Documents and Settings\All Users\Desktop\TeamViewer 10.lnk
2014-12-17 20:57 - 2014-12-17 20:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 10
2014-12-14 20:47 - 2014-12-14 20:47 - 03212404 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zp_resources (1).zip
2014-12-14 20:47 - 2014-12-14 20:47 - 00168189 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zp_plugin_43 (1).zip
2014-12-14 20:44 - 2014-12-14 20:44 - 00168189 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zp_plugin_43.zip
2014-12-14 20:44 - 2014-12-14 20:44 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\zp_plugin_43
2014-12-14 20:34 - 2014-12-14 20:34 - 03212404 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zp_resources.zip
2014-12-14 19:36 - 2014-12-17 19:35 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Desktop\Zombie Plague Mod
2014-12-13 13:14 - 2014-12-13 13:14 - 07192245 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (13).php
2014-12-13 13:12 - 2015-01-07 19:54 - 00000000 ___RD () C:\Documents and Settings\Miljan Ilic\My Documents\Dropbox
2014-12-13 13:10 - 2014-12-13 13:10 - 00000000 ____D () C:\Program Files\Dropbox
2014-12-13 13:10 - 2014-12-13 13:10 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Start Menu\Programs\Dropbox
2014-12-13 13:06 - 2014-12-13 13:08 - 46882168 _____ (Dropbox, Inc.) C:\Documents and Settings\Miljan Ilic\My Documents\Dropbox 3.0.3.exe
2014-12-13 13:05 - 2015-01-07 19:54 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Dropbox
2014-12-13 13:05 - 2014-12-13 13:05 - 00324224 _____ (Dropbox, Inc.) C:\Documents and Settings\Miljan Ilic\My Documents\DropboxInstaller.exe
2014-12-13 11:06 - 2014-12-13 11:06 - 00224630 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\grenade_2.7z
2014-12-13 09:46 - 2014-12-13 09:46 - 04176782 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (12).php
2014-12-13 09:45 - 2014-12-13 09:45 - 04184320 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (11).php
2014-12-12 22:38 - 2014-12-12 22:38 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\de_dust2_xmas
2014-12-12 22:28 - 2014-12-12 22:28 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\cs_go_huntsman (1)
2014-12-12 22:27 - 2014-12-12 22:27 - 01715816 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\cs_go_huntsman (1).rar
2014-12-12 21:52 - 2014-12-12 21:55 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\models
2014-12-12 21:52 - 2013-03-01 00:53 - 00000211 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\motd.txt
2014-12-12 21:52 - 2012-06-07 10:27 - 00000372 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\Atenç▌o!.txt
2014-12-12 21:50 - 2014-12-12 21:51 - 03820253 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\Gold Pack [CsLoVersPrO.Blogspot.Com].zip
2014-12-12 21:44 - 2012-08-21 21:23 - 00022180 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\p_deagle.mdl
2014-12-12 21:44 - 2012-08-21 21:22 - 00020572 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\w_deagle.mdl
2014-12-12 21:44 - 2012-08-21 21:19 - 00238528 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\v_deagle.mdl
2014-12-12 21:44 - 2012-08-20 13:07 - 00023332 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\p_m4a1.mdl
2014-12-12 21:44 - 2012-08-20 13:07 - 00021780 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\w_m4a1.mdl
2014-12-12 21:44 - 2012-08-20 13:05 - 00377212 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\v_m4a1.mdl
2014-12-12 21:44 - 2012-08-17 21:10 - 00039204 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\p_ak47.mdl
2014-12-12 21:44 - 2012-08-17 21:10 - 00037596 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\w_ak47.mdl
2014-12-12 21:44 - 2012-08-17 21:08 - 00295128 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\v_ak47.mdl
2014-12-12 21:12 - 2014-12-12 21:12 - 01847103 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zlote_bronie.rar
2014-12-12 21:12 - 2014-12-12 21:12 - 01847103 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\zlote_bronie (1).rar
2014-12-12 19:13 - 2014-12-12 19:13 - 00438510 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\underground_retex_gol_desert_eagle.rar
2014-12-12 19:09 - 2014-12-12 19:09 - 01715816 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\cs_go_huntsman.rar
2014-12-12 18:56 - 2014-12-12 18:56 - 00002289 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\SantaHat.amxx
2014-12-12 18:55 - 2014-12-12 18:55 - 00061615 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\santa_hat (1).zip
2014-12-12 18:43 - 2014-12-12 18:43 - 00140886 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\v_ak47_75.rar
2014-12-12 18:24 - 2014-12-12 18:25 - 00000000 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\new_weapons.ini
2014-12-12 18:22 - 2014-12-12 18:22 - 00011052 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\GHW_Weapon_Replacement.amxx
2014-12-12 18:16 - 2014-12-12 18:16 - 00007798 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\players_models.amxx
2014-12-12 17:53 - 2014-12-12 17:53 - 01704099 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\real_c4.rar
2014-12-12 17:26 - 2014-12-12 17:27 - 16626808 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\cs-restart-darkshinestudio.rar
2014-12-11 20:14 - 2014-12-11 20:14 - 00061615 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\santa_hat.zip
2014-12-11 20:14 - 2007-10-14 11:15 - 00106912 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\santa_hat.mdl
2014-12-11 20:03 - 2014-12-11 20:04 - 06106089 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\ctpackzandarmerija.rar
2014-12-11 18:57 - 2014-12-11 18:58 - 00900022 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\de_dust2_2x2_winter.zip
2014-12-11 18:55 - 2014-12-11 18:55 - 01491231 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\cs-2666-de_dust2_snow.zip
2014-12-11 18:33 - 2014-12-11 18:33 - 00610189 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\net2ftp-1418319180.zip
2014-12-11 18:32 - 2014-12-11 18:32 - 00610189 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\net2ftp-1418319111.zip
2014-12-11 16:48 - 2014-12-11 16:48 - 00000040 _____ () C:\Autoconfig.ini
2014-12-11 16:47 - 2013-06-01 06:13 - 01571160 ____N () C:\windows\TotalUninstaller.exe
2014-12-11 16:47 - 2013-05-10 10:48 - 00162136 _____ () C:\windows\system32\spe__ci.exe
2014-12-11 16:47 - 2012-11-17 09:29 - 00000363 _____ () C:\windows\system32\spe__l.smt
2014-12-11 16:47 - 2011-04-11 06:26 - 00024064 _____ () C:\windows\system32\spe__l.dll
2014-12-11 16:47 - 2010-10-20 09:49 - 00065536 _____ (SS) C:\windows\system32\spe__ci.dll
2014-12-11 16:44 - 2014-12-11 16:44 - 21335600 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\SamsungUniversalPrintDriver2.exe
2014-12-11 16:40 - 2008-04-14 00:17 - 00025856 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbprint.sys
2014-12-11 16:40 - 2008-04-14 00:17 - 00025856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2014-12-11 16:38 - 2015-01-06 16:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Samsung
2014-12-11 16:37 - 2014-12-11 16:48 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Samsung Printers
2014-12-11 16:37 - 2014-12-11 16:37 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Samsung
2014-12-11 16:35 - 2014-12-11 16:35 - 00000000 ____D () C:\Program Files\Common Files\Common Desktop Agent
2014-12-11 16:33 - 2015-01-06 16:29 - 00000000 ____D () C:\Program Files\Samsung
2014-12-11 16:30 - 2014-12-11 16:31 - 41655568 _____ (Samsung Electronics Co., Ltd.) C:\Documents and Settings\Miljan Ilic\My Documents\EPM_V1.05.58.01.exe
2014-12-11 16:10 - 2014-12-11 16:10 - 00003813 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\Admin Connect v2.rar
2014-12-11 16:10 - 2012-09-10 14:29 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\Admin Connect v2
2014-12-11 15:22 - 2014-12-11 15:24 - 00003585 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\webbans.html
2014-12-11 15:22 - 2014-12-11 15:22 - 00001085 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\webbans.rar
2014-12-11 15:15 - 2014-12-11 15:15 - 00029163 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\mdb_ban_system.amxx
2014-12-11 14:09 - 2014-12-11 14:09 - 01567036 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\bgp_r0-devel-beta8.zip
2014-12-11 14:09 - 2014-12-11 14:09 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\bgp_r0-devel-beta8
2014-12-11 13:45 - 2014-12-11 13:45 - 00067258 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\monsta_ftp_v1.4.7_install (1).zip
2014-12-11 13:45 - 2014-12-11 13:45 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\monsta_ftp_v1.4.7_install
2014-12-10 13:47 - 2014-12-10 13:47 - 00291457 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (10).php
2014-12-10 00:15 - 2014-12-10 00:15 - 00001064 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (8).php
2014-12-10 00:15 - 2014-12-10 00:15 - 00000335 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (9).php
2014-12-10 00:14 - 2014-12-10 00:14 - 00001072 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (7).php
2014-12-10 00:11 - 2014-12-10 00:11 - 00000957 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (6).php
2014-12-09 23:49 - 2014-12-09 23:49 - 00001187 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (5).php
2014-12-08 21:30 - 2014-12-08 21:30 - 00056665 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (4).php
2014-12-08 21:28 - 2014-12-08 21:28 - 00032854 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (3).php
2014-12-08 21:25 - 2015-01-04 19:50 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\images
2014-12-08 21:25 - 2014-12-11 13:45 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\skins
2014-12-08 21:25 - 2014-12-11 13:45 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\languages
2014-12-08 21:25 - 2014-12-08 21:25 - 00067258 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\monsta_ftp_v1.4.7_install.zip
2014-12-08 21:25 - 2014-10-24 11:12 - 00043698 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\ajax.js
2014-12-08 21:25 - 2014-10-24 11:12 - 00006323 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\style.css
2014-12-08 21:25 - 2014-10-24 11:12 - 00000430 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\README.txt
2014-12-08 21:14 - 2014-12-08 21:14 - 00056665 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (2).php
2014-12-08 20:31 - 2014-12-08 20:31 - 00056665 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\index (1).php
2014-12-08 18:50 - 2014-12-08 18:50 - 00000000 ____D () C:\Program Files\Mobi Biz Card Sites
2014-12-08 18:50 - 2014-12-08 18:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mobi BizCard Site Builder
2014-12-08 18:48 - 2014-12-08 18:49 - 03099751 _____ () C:\Documents and Settings\Miljan Ilic\My Documents\Mobi-Builder-Installer.zip
2014-12-08 17:32 - 2014-12-08 17:32 - 00098304 _____ () C:\windows\Minidump\Mini120814-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 19:56 - 2014-11-21 20:53 - 00303217 _____ () C:\windows\WindowsUpdate.log
2015-01-07 19:51 - 2008-04-14 13:00 - 00000257 _____ () C:\windows\system.ini
2015-01-07 19:50 - 2014-11-23 12:31 - 00000386 _____ () C:\windows\Tasks\Opera scheduled Autoupdate 1416742248.job
2015-01-07 19:50 - 2014-11-21 21:38 - 00000157 _____ () C:\windows\wiadebug.log
2015-01-07 19:50 - 2014-11-21 21:38 - 00000048 _____ () C:\windows\wiaservc.log
2015-01-07 19:50 - 2014-11-21 20:59 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-07 19:49 - 2014-11-21 21:34 - 00057344 _____ () C:\windows\system32\config\SECURITY.bak
2015-01-07 19:49 - 2014-11-21 21:34 - 00028672 _____ () C:\windows\system32\config\SAM.bak
2015-01-07 19:49 - 2014-11-21 21:33 - 26476544 _____ () C:\windows\system32\config\software.bak
2015-01-07 19:49 - 2014-11-21 21:33 - 04980736 _____ () C:\windows\system32\config\system.bak
2015-01-07 19:49 - 2014-11-21 21:33 - 00397312 _____ () C:\windows\system32\config\default.bak
2015-01-07 19:29 - 2014-11-21 20:59 - 00032578 _____ () C:\windows\SchedLgU.Txt
2015-01-07 19:26 - 2014-11-23 12:23 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-07 19:26 - 2014-11-21 21:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2015-01-07 17:59 - 2014-12-01 20:30 - 00000388 _____ () C:\windows\Tasks\update-sys.job
2015-01-07 16:27 - 2014-12-01 20:30 - 00000388 _____ () C:\windows\Tasks\update-S-1-5-21-507921405-879983540-1417001333-1003.job
2015-01-07 16:18 - 2014-11-21 22:18 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2015-01-07 15:15 - 2014-11-21 21:01 - 00000178 ___SH () C:\Documents and Settings\Miljan Ilic\ntuser.ini
2015-01-07 13:49 - 2014-11-21 20:59 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-07 12:11 - 2014-11-23 14:11 - 00000600 _____ () C:\Documents and Settings\Miljan Ilic\Application Data\winscp.rnd
2015-01-07 10:18 - 2014-11-21 21:34 - 00470272 _____ () C:\windows\setupapi.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00056533 _____ () C:\windows\iis6.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00018615 _____ () C:\windows\ocgen.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00017954 _____ () C:\windows\comsetup.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00017720 _____ () C:\windows\FaxSetup.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00013623 _____ () C:\windows\tsoc.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00012226 _____ () C:\windows\msmqinst.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00009218 _____ () C:\windows\ntdtcsetup.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00003873 _____ () C:\windows\netfxocm.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00001912 _____ () C:\windows\MedCtrOC.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00001563 _____ () C:\windows\tabletoc.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00001355 _____ () C:\windows\imsins.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00001227 _____ () C:\windows\ocmsn.log
2015-01-07 10:17 - 2014-11-21 21:35 - 00001180 _____ () C:\windows\msgsocm.log
2015-01-07 10:17 - 2014-11-21 21:34 - 00174789 _____ () C:\windows\setupact.log
2015-01-07 01:44 - 2014-11-23 12:30 - 00000000 ____D () C:\Program Files\Opera
2015-01-07 01:08 - 2014-12-02 15:39 - 00000000 ____D () C:\Program Files\Power Sound Editor Free
2015-01-06 21:50 - 2014-12-02 15:39 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\Power Sound Editor Free
2015-01-06 14:41 - 2014-11-28 14:57 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\uTorrent
2015-01-06 12:11 - 2014-11-21 20:47 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2015-01-04 19:50 - 2014-12-07 18:15 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\My Documents\docs
2015-01-04 19:50 - 2014-11-28 18:18 - 00191488 ___SH () C:\Documents and Settings\Miljan Ilic\My Documents\Thumbs.db
2015-01-03 21:52 - 2014-11-21 21:01 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic
2015-01-03 17:08 - 2014-11-25 18:39 - 00000754 _____ () C:\windows\WORDPAD.INI
2015-01-02 20:13 - 2014-11-23 16:17 - 00000000 ____D () C:\windows\Microsoft.NET
2015-01-02 18:06 - 2014-11-21 21:35 - 00539546 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-31 09:16 - 2008-04-14 13:00 - 00002206 _____ () C:\windows\system32\wpa.dbl
2014-12-27 20:54 - 2014-12-04 04:33 - 00000000 ____D () C:\windows\Minidump
2014-12-27 19:40 - 2014-11-21 21:34 - 03617088 _____ () C:\windows\system32\FNTCACHE.DAT
2014-12-27 16:23 - 2014-11-21 21:45 - 00069648 _____ () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-12-27 15:18 - 2014-11-22 13:32 - 00000000 ____D () C:\Program Files\WinSCP
2014-12-26 18:00 - 2014-11-23 12:22 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\Adobe
2014-12-24 16:16 - 2014-12-01 20:30 - 00000413 _____ () C:\Documents and Settings\Miljan Ilic\Local Settings\Application Data\UserProducts.xml
2014-12-24 16:15 - 2014-12-01 20:29 - 00000000 ____D () C:\Program Files\Skillbrains
2014-12-18 21:34 - 2014-11-21 20:50 - 00025787 _____ () C:\windows\wmsetup.log
2014-12-09 21:12 - 2014-11-22 15:09 - 00000000 ____D () C:\Documents and Settings\Miljan Ilic\Application Data\KompoZer

Some content of TEMP:
====================
C:\Documents and Settings\Miljan Ilic\Local Settings\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqudur1.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

1. Open Notepad (Text Document) and copy in the following text, shown in the code box below:

Start
CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-507921405-879983540-1417001333-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

Hosts:
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
URLSearchHook: [S-1-5-21-507921405-879983540-1417001333-1004] ATTENTION ==> Default URLSearchHook is missing.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

------------------------------------------------

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Double-click the program icon to run MBAR:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Notice: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and finish the cleanup procedure.

Notice! Only if a rootkit is detected: make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click fixdamage to run it; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, then wait for the tool to perform all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post and attach the system log to the post using the Prikači fajl (Attach file) option.

offline
  • Miljan Ilic
  • Joined: 18 Jun 2014
  • Posts: 178

Here is Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-01-2015
Ran by Miljan Ilic at 2015-01-07 21:06:29 Run:1
Running from C:\Documents and Settings\Miljan Ilic\Desktop
Loaded Profiles: Miljan Ilic & UpdatusUser (Available profiles: Miljan Ilic & UpdatusUser)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-507921405-879983540-1417001333-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

Hosts:
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
URLSearchHook: [S-1-5-21-507921405-879983540-1417001333-1004] ATTENTION ==> Default URLSearchHook is missing.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
*****************

Processes closed successfully.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-507921405-879983540-1417001333-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
Error setting Default URLSearchHook.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
EmptyTemp: => Removed 3.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog 21:06:58 ====

Here is the MBAR log:

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
malwarebytes.org

Database version: v2015.01.07.13

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Miljan Ilic :: MINT [administrator]

7.1.2015 21:16:06
mbar-log-2015-01-07 (21-16-06).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 339686
Time elapsed: 31 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\7626913198 (Rogue.Multiple) -> Delete on reboot. [1386d81ce3a65dd90042f92dce36fa06]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)


offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

1. Open Notepad (Text Document) and copy in the following text, shown in the code box below:

Start
REG: reg query "HKLM\SOFTWARE\7626913198" /s
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.
