Problem with qvo6.com


offline
  • Joined: 19 Feb 2009
  • Posts: 176
  • Location: Kucevo

Yesterday I noticed something strange in the computer's behavior; I wanted to scan the whole computer with the AV, but it did not respond to the scan.
Mozilla and IE start with this home page: qvo6.com/?utm_source=b&utm_medium=a.....1372360861
even though they are set to start differently (Google).
I uninstalled everything related to this QVO6.
Thanks in advance!




DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2
Run by Mile at 7:07:40 on 2013-06-28
Microsoft Windows 8 Pro 6.2.9200.0.1250.381.1033.18.2046.1160 [GMT 2:00]
.
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Windows\vVX3000.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Yontoo\Y2Desktop.Updater.exe
C:\Program Files\Acronis\DriveMonitor\adm_tray.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\PROGRA~1\DUMETE~1\DUMeter.exe
C:\Users\Mile\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=SAMSUNGXHD321KJ_S0MQJ1QP418130&ts=1372360861
uDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=SAMSUNGXHD321KJ_S0MQJ1QP418130&ts=1372360861
mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=SAMSUNGXHD321KJ_S0MQJ1QP418130&ts=1372360861
mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=SAMSUNGXHD321KJ_S0MQJ1QP418130&ts=1372360861
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - LocalServer32 - <no file>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - LocalServer32 - <no file>
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [DU Meter] "c:\program files\du meter\DUMeter.exe" /autostart
uRun: [Facebook Update] "c:\users\mile\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Viber] "c:\users\mile\appdata\local\viber\Viber.exe" StartMinimized
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Yontoo Desktop] "c:\users\mile\appdata\roaming\yontoo\YontooDesktop.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [Everything] "c:\program files\everything\Everything.exe" -startup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [adm_tray.exe] c:\program files\acronis\drivemonitor\adm_tray.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: disablecad = dword:1
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001021-0002-0021-ABCDEFFEDCBC} - <orphaned>
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
TCP: NameServer = 178.79.22.6 8.8.8.8
TCP: Interfaces\{6F2661E3-6C52-4950-A68E-94EA8D95514B} : DHCPNameServer = 178.79.22.6 8.8.8.8
TCP: Interfaces\{D648EED2-3651-4EA8-BB6A-4A2866D10BA3} : DHCPNameServer = 178.79.22.6 8.8.8.8
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
IFEO: sidebar.exe - c:\program files\windows sidebar\8GadgetPack.exe -run
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\mile\appdata\roaming\mozilla\firefox\profiles\zemk0e69.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - google.rs
FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\users\mile\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\mile\appdata\roaming\mozilla\firefox\profiles\zemk0e69.default\extensions\{7737c0bd-b92a-4f16-b1d7-9ac2bf967f48}\plugins\np-mswmp.dll
FF - plugin: c:\users\mile\appdata\roaming\mozilla\firefox\profiles\zemk0e69.default\extensions\{7d2fb79e-e58c-4db5-a36f-ac1c73967f4d}\plugins\npqbc.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: 2013-05-14 17:24; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
---- FIREFOX POLICIES ----
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
FF - user.js: extentions.y2layers.installId - 78322304-d309-453f-b1e5-df9aeb16982a
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2012-12-21 47568]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2012-12-21 171680]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\drivers\EpfwLWF.sys [2012-12-21 46056]
R2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\astra32\astra32.sys [2007-2-22 30864]
R2 DUMeterSvc;DU Meter Service;c:\program files\du meter\DUMeterSvc.exe [2013-3-10 2385304]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2012-12-21 1333424]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2012-7-14 769432]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-5-14 3289208]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-2-9 383264]
R2 Yontoo Desktop Updater;Yontoo Desktop Updater;c:\program files\yontoo\Y2Desktop.Updater.exe [2013-5-29 23552]
R3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\program files\du meter\DUMetr32.sys [2013-3-10 19944]
R3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\drivers\Rt630x86.sys [2012-7-26 495104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-3 162408]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-6-4 84248]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2013-6-19 24944]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files\intel\intel(r) integrated clock controller service\ICCProxy.exe [2013-6-19 160256]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-29 25112]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-6-4 181912]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudobex.sys [2013-6-4 181912]
.
=============== Created Last 30 ================
.
2013-06-27 19:21:22 -------- d-----w- c:\programdata\eSafe
2013-06-27 19:21:14 -------- d-----w- c:\users\mile\appdata\roaming\Desk 365
2013-06-27 19:21:14 -------- d-----w- c:\program files\Desk 365
2013-06-27 19:19:45 -------- d-----w- c:\users\mile\appdata\roaming\eIntaller
2013-06-25 11:15:54 -------- d-----w- c:\users\mile\appdata\roaming\Easeware
2013-06-25 11:15:47 -------- d-----w- c:\program files\Easeware
2013-06-25 10:45:24 -------- d-----w- c:\program files\Microsoft LifeCam
2013-06-25 10:41:04 -------- d-----w- c:\windows\system32\appmgmt
2013-06-25 09:48:12 -------- d-----w- c:\users\mile\appdata\roaming\KC Softwares
2013-06-25 09:47:54 -------- d-----w- c:\users\mile\appdata\local\Programs
2013-06-25 06:02:14 -------- d-----w- c:\programdata\AltrixSoft
2013-06-25 06:02:00 -------- d-----w- c:\program files\common files\AltrixSoft
2013-06-21 03:10:00 -------- dc----w- c:\users\mile\appdata\local\MigWiz
2013-06-19 20:09:22 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2013-06-19 20:05:06 -------- d-----w- c:\program files\GIGABYTE
2013-06-19 20:04:59 17488 ----a-w- c:\windows\gdrv.sys
2013-06-19 16:22:00 819648 ----a-w- c:\windows\system32\tadefxapo2.dll
2013-06-19 16:22:00 58264 ----a-w- c:\windows\system32\TepeqAPO.dll
2013-06-19 16:22:00 1725784 ----a-w- c:\windows\system32\WavesGUILib.dll
2013-06-19 16:22:00 1379760 ----a-w- c:\windows\system32\tosade.dll
2013-06-19 16:22:00 134584 ----a-w- c:\windows\system32\tadefxapo.dll
2013-06-13 04:52:47 16642560 ----a-w- c:\program files\common files\microsoft shared\microsoft camera codec pack\MicrosoftRawCodec.dll
2013-06-13 04:51:42 793088 ----a-w- c:\windows\system32\autochk.exe
2013-06-13 04:51:42 482816 ----a-w- c:\windows\system32\untfs.dll
2013-06-13 04:51:27 1801472 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-13 04:51:25 503808 ----a-w- c:\windows\system32\win32spl.dll
2013-06-09 08:10:21 -------- d-----w- c:\users\mile\appdata\roaming\TMInc
2013-06-04 13:09:38 2769624 ----a-w- c:\windows\system32\Hard Drive Inspector 4.15 Build 168.exe
2013-06-04 07:15:02 84248 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-06-04 07:15:02 181912 ----a-w- c:\windows\system32\drivers\ssudobex.sys
2013-06-04 07:15:02 181912 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-06-04 07:15:02 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-06-04 07:15:00 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2013-06-03 14:16:44 -------- d-----w- c:\users\mile\appdata\local\Adobe
.
==================== Find3M ====================
.
2013-06-04 22:09:22 78200 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-04 22:09:22 693112 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-23 23:27:25 1075200 ----a-w- c:\windows\system32\gdi32.dll
2013-05-15 22:37:03 44032 ----a-w- c:\windows\system32\UXInit.dll
2013-05-14 09:23:31 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-04 05:54:28 103176 ----a-w- c:\windows\system32\AuthHost.exe
2013-05-04 05:45:09 5575424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-04 05:20:57 362240 ----a-w- c:\windows\system32\drivers\USBHUB3.SYS
2013-05-04 05:20:54 238336 ----a-w- c:\windows\system32\drivers\spaceport.sys
2013-05-04 05:20:54 180488 ----a-w- c:\windows\system32\drivers\UCX01000.SYS
2013-05-04 04:58:34 34304 ----a-w- c:\windows\system32\wuapp.exe
2013-05-04 04:58:31 1150976 ----a-w- c:\windows\system32\VSSVC.exe
2013-05-04 04:58:14 758784 ----a-w- c:\windows\system32\Magnify.exe
2013-05-04 04:58:02 83968 ----a-w- c:\windows\system32\wudriver.dll
2013-05-04 04:58:02 215040 ----a-w- c:\windows\system32\WUSettingsProvider.dll
2013-05-04 04:58:02 1555456 ----a-w- c:\windows\system32\wucltux.dll
2013-05-04 04:58:02 125952 ----a-w- c:\windows\system32\wuwebv.dll
2013-05-04 04:57:49 10788864 ----a-w- c:\windows\system32\Windows.UI.Xaml.dll
2013-05-04 04:57:39 8857088 ----a-w- c:\windows\system32\twinui.dll
2013-05-04 04:57:39 247296 ----a-w- c:\windows\system32\ubpm.dll
2013-05-04 04:57:36 1049600 ----a-w- c:\windows\system32\sysmain.dll
2013-05-04 04:57:35 303616 ----a-w- c:\windows\system32\stobject.dll
2013-05-04 04:57:35 146944 ----a-w- c:\windows\system32\storewuauth.dll
2013-05-04 04:57:23 73728 ----a-w- c:\windows\system32\psmsrv.dll
2013-05-04 04:57:16 18432 ----a-w- c:\windows\system32\npmproxy.dll
2013-05-04 04:57:04 371200 ----a-w- c:\windows\system32\netprofmsvc.dll
2013-05-04 04:57:04 151040 ----a-w- c:\windows\system32\netplwiz.dll
2013-05-04 04:57:04 115712 ----a-w- c:\windows\system32\netprofm.dll
2013-05-04 04:57:02 14336 ----a-w- c:\windows\system32\muifontsetup.dll
2013-05-04 04:56:48 411136 ----a-w- c:\windows\system32\mfmp4srcsnk.dll
2013-05-04 04:56:35 582144 ----a-w- c:\windows\system32\gpprefcl.dll
2013-05-04 04:56:14 449536 ----a-w- c:\windows\system32\DevicePairing.dll
2013-05-04 04:56:06 92160 ----a-w- c:\windows\system32\biwinrt.dll
2013-05-04 04:56:05 309760 ----a-w- c:\windows\system32\BCP47Langs.dll
2013-05-04 04:56:05 2035712 ----a-w- c:\windows\system32\authui.dll
2013-05-04 04:56:05 143360 ----a-w- c:\windows\system32\bisrv.dll
2013-05-04 04:56:02 975360 ----a-w- c:\windows\system32\AppXDeploymentServer.dll
2013-05-04 04:56:02 554496 ----a-w- c:\windows\system32\AppXDeploymentExtensions.dll
2013-05-04 04:55:58 389632 ----a-w- c:\windows\system32\intl.cpl
2013-05-04 04:10:47 14848 ----a-w- c:\windows\system32\rars.rs
2013-05-04 04:08:17 61440 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-05-04 04:08:13 19456 ----a-w- c:\windows\system32\drivers\hidusb.sys
2013-05-04 04:06:43 320512 ----a-w- c:\windows\system32\drivers\rdbss.sys
2013-04-28 22:30:55 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-04-28 22:30:12 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-04-23 23:13:53 1013248 ----a-w- c:\windows\system32\certutil.exe
2013-04-23 23:12:44 51712 ----a-w- c:\windows\system32\cryptsvc.dll
2013-04-23 23:12:44 1569792 ----a-w- c:\windows\system32\crypt32.dll
2013-04-23 23:12:44 109056 ----a-w- c:\windows\system32\cryptnet.dll
2013-04-16 01:15:34 1229576 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 05:56:35 444416 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-11 17:31:58 524288000 ----a-w- C:\TESTFILE.TMP
2013-04-08 23:44:25 123880 ----a-w- c:\windows\system32\wscapi.dll
2013-04-08 23:39:14 1476024 ----a-w- c:\windows\system32\ntdll.dll
2013-04-08 23:38:27 248576 ----a-w- c:\windows\system32\kd_02_10ec.dll
2013-04-08 23:37:29 426024 ----a-w- c:\windows\system32\AudioEng.dll
2013-04-08 23:37:29 324368 ----a-w- c:\windows\system32\AudioSes.dll
2013-04-08 23:37:29 207576 ----a-w- c:\windows\system32\audiodg.exe
2013-04-08 21:52:16 670208 ----a-w- c:\windows\system32\SearchIndexer.exe
2013-04-08 21:52:16 614912 ----a-w- c:\windows\system32\RecoveryDrive.exe
2013-04-08 21:52:16 302592 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2013-04-08 21:52:16 171008 ----a-w- c:\windows\system32\SearchFilterHost.exe
2013-04-08 21:52:16 106496 ----a-w- c:\windows\system32\Robocopy.exe
2013-04-08 21:52:09 300032 ----a-w- c:\windows\system32\conhost.exe
2013-04-08 21:52:06 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-04-08 21:52:03 77312 ----a-w- c:\windows\system32\wscsvc.dll
2013-04-08 21:52:03 393216 ----a-w- c:\windows\system32\wpncore.dll
2013-04-08 21:40:13 3390464 ----a-w- c:\windows\system32\win32k.sys
2013-04-06 04:59:15 81920 ----a-w- c:\windows\system32\drivers\hidbth.sys
2013-04-06 04:58:12 48640 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-04-06 04:57:11 494592 ----a-w- c:\windows\system32\drivers\srv2.sys
2013-04-06 04:56:49 709632 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2013-04-06 04:55:42 196096 ----a-w- c:\windows\system32\drivers\srvnet.sys
2013-04-06 04:55:28 70656 ----a-w- c:\windows\system32\drivers\wanarp.sys
2013-04-04 22:07:40 457624 ----a-w- c:\windows\system32\ci.dll
2013-04-04 03:35:08 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-02 23:37:46 25088 ----a-w- c:\windows\system32\cryptdlg.dll
2013-03-30 18:13:17 1166720 ----a-w- c:\windows\system32\winload.efi
2013-03-30 18:13:17 1063936 ----a-w- c:\windows\system32\winload.exe
.
============= FINISH: 7:08:25,30 ===============


offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15874
  • Location: Beograd

Hello,



Step 1.


Download "Xplode"'s AdwCleaner and save it to the Desktop
Run it, then click the [Delete] button and wait for the program to finish.
The program will close all active programs and display a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option

Note: The report will also be saved at C:\AdwCleaner[S1].txt



Step 2.


Download the GMER program to the Desktop from the link below:


GMER download
Click the given link;
When the dialog for choosing where to save the file opens, choose Desktop and click Save.



Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to finish;

click Save ... - save the report to the Desktop (named Gmer1);

right-click in the Gmer program window and choose Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (named Gmer2);

click the >>> button and choose the Autostart tab;

when the short scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (named Gmer3);


Illustrated walkthrough of the procedure

Attach all three reports to your post using the Attach file option.

offline
  • Joined: 19 Feb 2009
  • Posts: 176
  • Location: Kucevo

Here are the logs; I apologize for not replying right away.

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15874
  • Location: Beograd

What is the situation now, are there any problems?

offline
  • Joined: 19 Feb 2009
  • Posts: 176
  • Location: Kucevo

Hello.
As for now, the browsers start normally and that start page is gone.
But the AV won't scan absolutely anything; it doesn't report anything, but it won't scan anything; no matter how many times I start a scan, it only shows the last scan from back in March and nothing more.
Now I wouldn't know what else to say; I don't notice anything apart from this with the AV.

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15874
  • Location: Beograd

Download Farbar Recovery Scan Tool and save it to the Desktop

Note: You need to download the version that is compatible with your system.
Your Windows is the 32-bit version.


Double-click to run FRST;
When the tool starts, click Yes on the disclaimer.
Click the Scan button;
The tool will create a report (FRST.txt) in the same directory where FRST.exe is saved.
Copy the contents of that log into your post.
On its first run the tool should also create an additional report (Addition.txt). Attach that report to your post using the "Attach file" option.

offline
  • Joined: 19 Feb 2009
  • Posts: 176
  • Location: Kucevo

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-06-2013
Ran by Mile (administrator) on 28-06-2013 19:37:14
Running from C:\Users\Mile\Desktop
Microsoft Windows 8 Pro (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Hagel Technologies Ltd.) C:\Program Files\DU Meter\DUMeterSvc.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acronis) C:\Program Files\Acronis\DriveMonitor\adm_tray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hagel Technologies Ltd.) C:\PROGRA~1\DUMETE~1\DUMeter.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VX3000] C:\Windows\vVX3000.exe [762736 2010-05-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Everything] "C:\Program Files\Everything\Everything.exe" -startup [602624 2009-03-13] ()
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [adm_tray.exe] C:\Program Files\Acronis\DriveMonitor\adm_tray.exe [466768 2011-02-24] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [365632 2011-02-12] (Acronis)
HKLM\...\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" [119152 2010-05-20] (Microsoft Corporation)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1144832 2012-05-19] (Microsoft Corporation)
HKCU\...\Run: [DU Meter] "C:\Program Files\DU Meter\DUMeter.exe" /autostart [4245400 2013-03-10] (Hagel Technologies Ltd.)
HKCU\...\Run: [Facebook Update] "C:\Users\Mile\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2013-05-07] (Facebook Inc.)
HKCU\...\Run: [Viber] "C:\Users\Mile\AppData\Local\Viber\Viber.exe" StartMinimized [906240 2013-05-08] ()
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.)
MountPoints2: {bd0f8198-da9c-11e2-b0e6-806e6f6e6963} - "D:\setup.exe"
HKU\UpdatusUser\...\Run: [DU Meter] "C:\Program Files\DU Meter\DUMeter.exe" /autostart [ 2013-03-10] (Hagel Technologies Ltd.)
HKU\UpdatusUser\...\Run: [Facebook Update] "C:\Users\Mile\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [ 2013-05-07] (Facebook Inc.)
HKU\UpdatusUser\...\Run: [Viber] "C:\Users\Mile\AppData\Local\Viber\Viber.exe" StartMinimized [ 2013-05-08] ()
HKU\UpdatusUser\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [ 2013-06-03] (Skype Technologies S.A.)
HKU\UpdatusUser\...\Run: [Yontoo Desktop] "C:\Users\Mile\AppData\Roaming\Yontoo\YontooDesktop.exe" [x]
IMEO\sidebar.exe: [Debugger] C:\Program Files\Windows Sidebar\8GadgetPack.exe -run

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = google.com
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 178.79.22.6 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default
FF Homepage: google.rs
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Nero.com/KM - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\foxmarks@kei.com
FF Extension: Qualys BrowserCheck - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
FF Extension: Noia 2.0 (eXtreme) - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
FF Extension: Password Exporter - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
FF Extension: DownloadHelper - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Download Statusbar - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF Extension: jid1-F9UJ2thwoAm5gQ - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
FF Extension: NoiaFoxoption - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi
FF Extension: personas - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\personas@christopher.beard.xpi
FF Extension: No Name - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\Mile\AppData\Roaming\Mozilla\Firefox\Profiles\zemk0e69.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF HKLM\...\Mozilla Firefox 22.0\Extensions: [Components] C:\Program Files\Mozilla Firefox\components
FF HKLM\...\Mozilla Firefox 22.0\Extensions: [Plugins] C:\Program Files\Mozilla Firefox\plugins
FF Extension: No Name - C:\Program Files\Mozilla Firefox\plugins
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

========================== Services (Whitelisted) =================

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [660576 2011-02-12] (Acronis)
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [2385304 2013-03-10] (Hagel Technologies Ltd.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1333424 2012-12-21] (ESET)
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-14] (Nero AG)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289208 2013-05-14] (Skype Technologies S.A.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13344 2013-01-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 ASTRA32; C:\Program Files\ASTRA32\ASTRA32.sys [30864 2007-02-22] (Licensed for Sysinfo Lab)
R3 DUMeterDrv; C:\Program Files\DU Meter\DUMETR32.SYS [19944 2013-03-01] (Hagel Technologies Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171680 2012-12-21] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [122240 2012-12-21] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [150080 2012-12-21] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [46056 2012-12-21] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [47568 2012-12-21] (ESET)
S3 gdrv; C:\Windows\gdrv.sys [17488 2013-06-19] (Windows (R) 2000 DDK provider)
S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2013-06-19] ()
S3 ivusb; C:\Windows\System32\drivers\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 ssudobex; C:\Windows\system32\DRIVERS\ssudobex.sys [181912 2013-06-04] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation)
R3 fxldypow; C:\fxldypow.sys [103680 2013-06-28] (GMER)
S3 ALSysIO; \??\C:\Users\Mile\AppData\Local\Temp\ALSysIO.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-28 19:36 - 2013-06-28 19:36 - 00000000 ____D C:\FRST
2013-06-28 19:35 - 2013-06-28 19:35 - 01371463 ____A (Farbar) C:\Users\Mile\Desktop\FRST.exe
2013-06-28 19:08 - 2013-06-28 19:08 - 00007160 ____A C:\Users\Mile\Desktop\Gmer3.txt
2013-06-28 19:07 - 2013-06-28 19:07 - 00323421 ____A C:\Users\Mile\Desktop\Gmer2.log
2013-06-28 18:54 - 2013-06-28 18:54 - 00002688 ____A C:\Users\Mile\Desktop\Gmer1.log
2013-06-28 18:18 - 2013-06-28 18:18 - 00377856 ____A C:\Users\Mile\Desktop\nzu0sf25.exe
2013-06-28 18:18 - 2013-06-28 18:18 - 00103680 ____A (GMER) C:\fxldypow.sys
2013-06-28 18:17 - 2013-06-28 18:16 - 00377856 ____A C:\Users\Mile\Desktop\rizxu372.exe
2013-06-28 18:16 - 2013-06-28 18:16 - 00377856 ____A C:\Users\Mile\Downloads\rizxu372.exe
2013-06-28 18:11 - 2013-06-28 18:11 - 00041211 ____A C:\AdwCleaner[S1].txt
2013-06-28 18:10 - 2013-06-28 18:10 - 00648201 ____A C:\Users\Mile\Downloads\adwcleaner.exe
2013-06-28 07:08 - 2013-06-28 07:08 - 00019057 ____A C:\Users\Mile\Desktop\dds.txt
2013-06-28 07:08 - 2013-06-28 07:08 - 00005851 ____A C:\Users\Mile\Desktop\attach.txt
2013-06-28 07:03 - 2013-06-28 07:03 - 00688992 ____R (Swearware) C:\Users\Mile\Desktop\dds.scr
2013-06-28 06:46 - 2013-06-28 06:46 - 00000530 ____A C:\Windows\PFRO.log
2013-06-28 06:15 - 2013-06-28 06:27 - 00022673 ____A C:\Windows\WindowsUpdate.log
2013-06-27 21:26 - 2013-06-27 21:26 - 00157728 ____A (Amonetize ltd.) C:\Users\Mile\Downloads\All Antivirus Daily Updated Key Maker 2013 v1.5__2827_il687324.exe
2013-06-25 13:19 - 2013-06-25 13:19 - 00000000 ____D C:\Users\Mile\Documents\DriverEasy
2013-06-25 13:15 - 2013-06-28 06:14 - 00000416 ____A C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2013-06-25 13:15 - 2013-06-25 13:15 - 03025616 ____A (Easeware ) C:\Users\Mile\Downloads\DriverEasy_Setup.exe
2013-06-25 13:15 - 2013-06-25 13:15 - 00001124 ____A C:\Users\Public\Desktop\DriverEasy.lnk
2013-06-25 13:15 - 2013-06-25 13:15 - 00000000 ____D C:\Users\Mile\AppData\Roaming\Easeware
2013-06-25 13:15 - 2013-06-25 13:15 - 00000000 ____D C:\Program Files\Easeware
2013-06-25 12:45 - 2013-06-25 12:45 - 00001999 ____A C:\Users\Public\Desktop\Microsoft LifeCam.lnk
2013-06-25 12:45 - 2013-06-25 12:45 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2013-06-25 12:41 - 2013-06-25 12:41 - 00000000 ____D C:\Windows\System32\appmgmt
2013-06-25 11:48 - 2013-06-25 11:48 - 00000000 ____D C:\Users\Mile\AppData\Roaming\KC Softwares
2013-06-25 10:54 - 2013-06-25 10:56 - 11488684 ____A C:\Users\Mile\Downloads\AudioGrail71.zip
2013-06-25 08:02 - 2013-06-25 08:07 - 00000000 ____D C:\Program Files\Common Files\AltrixSoft
2013-06-25 08:02 - 2013-06-25 08:02 - 00000000 ____D C:\ProgramData\AltrixSoft
2013-06-25 06:35 - 2013-06-25 06:36 - 12860530 ____A C:\Users\Mile\Downloads\SSD Life PRO 2.2.42.rar
2013-06-24 08:10 - 2013-06-24 08:12 - 29546352 ____A (Microsoft Corporation) C:\Users\Mile\Downloads\LifeCam3.22.exe
2013-06-24 00:52 - 2013-06-24 00:52 - 00002299 ____A C:\Users\Public\Desktop\Tipard Total Media Converter.lnk
2013-06-23 19:26 - 2013-06-23 19:32 - 33167787 ____A C:\Users\Mile\Downloads\TipardTotalMediaConverterStandard6156.zip
2013-06-22 12:49 - 2013-06-22 14:15 - 00002189 ____A C:\Windows\diagwrn.xml
2013-06-22 12:49 - 2013-06-22 14:15 - 00001890 ____A C:\Windows\diagerr.xml
2013-06-22 05:29 - 2013-06-22 07:26 - 1535019008 ____A C:\Users\Mile\Downloads\Led.2013.SrpskaForum.com.avi
2013-06-21 21:02 - 2013-06-21 21:02 - 00001799 ____A C:\Users\Public\Desktop\Recuva.lnk
2013-06-21 21:02 - 2013-06-21 21:02 - 00000000 ____D C:\Program Files\Recuva
2013-06-21 21:01 - 2013-06-21 21:02 - 03723592 ____A (Piriform Ltd) C:\Users\Mile\Downloads\rcsetup147.exe
2013-06-19 22:09 - 2013-06-19 22:09 - 00024944 ____A C:\Windows\System32\Drivers\GVTDrv.sys
2013-06-19 22:09 - 2013-06-19 22:09 - 00000004 ____A C:\Windows\System32\GVTunner.ref
2013-06-19 22:05 - 2013-06-19 22:05 - 00000000 ____D C:\Program Files\Intel
2013-06-19 22:05 - 2013-06-19 22:05 - 00000000 ____D C:\Program Files\GIGABYTE
2013-06-19 22:04 - 2013-06-19 22:09 - 00017488 ____A (Windows (R) 2000 DDK provider) C:\Windows\gdrv.sys
2013-06-19 22:04 - 2013-06-19 22:04 - 00000000 ____D C:\Users\Mile\Downloads\Easytune6
2013-06-19 21:50 - 2013-06-19 21:56 - 55126841 ____A C:\Users\Mile\Downloads\motherboard_utility_gbttools_gbt_et6.exe
2013-06-19 19:01 - 2013-06-19 19:02 - 10540165 ____A C:\Users\Mile\Downloads\mb_driver_audio_realtek_azalia(2).exe.part
2013-06-19 18:36 - 2013-06-19 18:39 - 00000000 ____D C:\Users\Mile\Desktop\New folder
2013-06-19 18:22 - 2012-02-21 13:45 - 01725784 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib.dll
2013-06-19 18:22 - 2012-01-30 05:42 - 00819648 ____A (TOSHIBA Corporation) C:\Windows\System32\tadefxapo2.dll
2013-06-19 18:22 - 2012-01-10 04:20 - 00058264 ____A (TOSHIBA CORPORATION.) C:\Windows\System32\TepeqAPO.dll
2013-06-19 18:22 - 2011-03-17 06:16 - 01379760 ____A (TOSHIBA Corporation) C:\Windows\System32\tosade.dll
2013-06-19 18:22 - 2011-03-07 11:03 - 00134584 ____A (TOSHIBA Corporation) C:\Windows\System32\tadefxapo.dll
2013-06-19 18:21 - 2013-06-19 22:05 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-06-19 18:21 - 2012-06-19 10:54 - 03240400 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHDA.sys
2013-06-19 18:21 - 2012-06-19 07:30 - 00293889 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-06-19 18:21 - 2012-06-14 07:43 - 05096448 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes.dat
2013-06-19 18:21 - 2012-06-08 10:18 - 03173008 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO.dll
2013-06-19 18:21 - 2012-06-06 04:44 - 00645776 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApoApi.dll
2013-06-19 18:21 - 2012-06-01 03:37 - 02417808 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkPgExt.dll
2013-06-19 18:21 - 2012-05-31 12:08 - 00087696 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoInstII.dll
2013-06-19 18:21 - 2012-05-25 12:06 - 01706640 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-06-19 18:21 - 2012-05-17 05:29 - 07161696 ____A (Dolby Laboratories) C:\Windows\System32\R4EEP32A.dll
2013-06-19 18:21 - 2012-05-17 05:29 - 00351072 ____A (Dolby Laboratories) C:\Windows\System32\R4EED32A.dll
2013-06-19 18:21 - 2012-05-17 05:29 - 00105824 ____A (Dolby Laboratories) C:\Windows\System32\R4EEL32A.dll
2013-06-19 18:21 - 2012-05-17 05:29 - 00091488 ____A (Dolby Laboratories) C:\Windows\System32\R4EEA32A.dll
2013-06-19 18:21 - 2012-05-17 05:29 - 00061792 ____A (Dolby Laboratories) C:\Windows\System32\R4EEG32A.dll
2013-06-19 18:21 - 2012-04-10 08:40 - 02193472 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO.dll
2013-06-19 18:21 - 2012-04-03 12:41 - 01185112 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioRealtek2.dll
2013-06-19 18:21 - 2012-04-03 12:41 - 00709976 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPOShell.dll
2013-06-19 18:21 - 2012-03-08 05:47 - 00176736 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTACap.dll
2013-06-19 18:21 - 2012-03-08 05:47 - 00095840 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTARen.dll
2013-06-19 18:21 - 2012-02-17 09:54 - 00350552 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxVolumeSDAPO.dll
2013-06-19 18:21 - 2012-02-13 16:36 - 07783768 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioRealtek.dll
2013-06-19 18:21 - 2012-01-23 16:28 - 00421744 ____A (DTS) C:\Windows\System32\DTSU2PLFX32.dll
2013-06-19 18:21 - 2012-01-23 16:28 - 00398192 ____A (DTS) C:\Windows\System32\DTSU2PGFX32.dll
2013-06-19 18:21 - 2012-01-23 16:28 - 00335216 ____A (DTS) C:\Windows\System32\DTSU2PREC32.dll
2013-06-19 18:21 - 2011-12-19 23:43 - 00192104 ____A (Sony Corporation) C:\Windows\System32\SFSS_APO.dll
2013-06-19 18:21 - 2011-12-18 11:57 - 01836376 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioEQ.dll
2013-06-19 18:21 - 2011-12-13 10:58 - 01497704 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSndMgr.cpl
2013-06-19 18:21 - 2011-11-22 10:28 - 00013416 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoLDR.dll
2013-06-19 18:21 - 2011-09-02 08:21 - 00214368 ____A (Synopsys, Inc.) C:\Windows\System32\SFNHK.dll
2013-06-19 18:21 - 2011-09-02 08:21 - 00074080 ____A (Synopsys, Inc.) C:\Windows\System32\SFCOM.dll
2013-06-19 18:21 - 2011-09-02 08:21 - 00068960 ____A (Synopsys, Inc.) C:\Windows\System32\SFAPO.dll
2013-06-19 18:21 - 2011-08-23 11:00 - 00357712 ____A (Knowles Acoustics ) C:\Windows\System32\KAAPORT.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 01509480 ____A (DTS) C:\Windows\System32\DTSS2SpeakerDLL.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 01292904 ____A (DTS) C:\Windows\System32\DTSS2HeadphoneDLL.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 01220200 ____A (DTS) C:\Windows\System32\DTSBoostDLL.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 00654952 ____A (DTS) C:\Windows\System32\DTSBassEnhancementDLL.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 00631400 ____A (DTS) C:\Windows\System32\DTSSymmetryDLL.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 00601704 ____A (DTS) C:\Windows\System32\DTSVoiceClarityDLL.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 00458344 ____A (DTS) C:\Windows\System32\DTSNeoPCDLL.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 00389736 ____A (DTS) C:\Windows\System32\DTSGainCompensatorDLL.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 00375400 ____A (DTS) C:\Windows\System32\DTSLimiterDLL.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 00218728 ____A (DTS) C:\Windows\System32\DTSGFXAPONS.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 00218728 ____A (DTS) C:\Windows\System32\DTSGFXAPO.dll
2013-06-19 18:21 - 2011-05-31 03:42 - 00218216 ____A (DTS) C:\Windows\System32\DTSLFXAPO.dll
2013-06-19 18:21 - 2010-11-08 01:31 - 00359768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP32A.dll
2013-06-19 18:21 - 2010-11-08 01:31 - 00295768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT32.dll
2013-06-19 18:21 - 2010-11-08 01:31 - 00295768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA32.dll
2013-06-19 18:21 - 2010-11-08 01:31 - 00170840 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED32A.dll
2013-06-19 18:21 - 2010-11-08 01:31 - 00078680 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL32A.dll
2013-06-19 18:21 - 2010-11-08 01:31 - 00064856 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG32A.dll
2013-06-19 18:21 - 2010-10-03 07:45 - 00259928 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO30.dll
2013-06-19 18:21 - 2010-09-27 03:34 - 00232792 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO20.dll
2013-06-19 18:14 - 2013-06-19 18:19 - 59658505 ____A C:\Users\Mile\Downloads\mb_driver_audio_realtek_azalia(1).exe.part
2013-06-19 18:14 - 2013-06-19 18:14 - 00000000 ____A C:\Users\Mile\Downloads\mb_driver_audio_realtek_azalia(1).exe
2013-06-19 17:53 - 2013-06-19 17:53 - 00002007 ____A C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-06-19 17:48 - 2013-06-19 19:46 - 00000000 ____D C:\Users\Mile\Desktop\HD_Audio
2013-06-19 17:46 - 2013-06-19 17:47 - 00000000 ____D C:\Users\Mile\Downloads\HD_Audio
2013-06-19 17:29 - 2013-06-19 17:32 - 02756965 ____A C:\Users\Mile\Downloads\mb_driver_audio_realtek_azalia.exe
2013-06-19 17:12 - 2013-06-19 17:15 - 03020224 ____A C:\Users\Mile\Downloads\installer_gigabyte_ga-ma770-ud3_rev__2_x_realtek_audio_driver_2_41_English.exe
2013-06-14 20:38 - 2013-06-14 20:38 - 00280992 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-13 06:52 - 2013-05-31 01:20 - 01011712 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-13 06:52 - 2013-05-24 01:27 - 01075200 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-13 06:52 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-13 06:52 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 06:52 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 06:52 - 2013-05-04 07:54 - 00103176 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-13 06:52 - 2013-05-04 07:45 - 05575424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-13 06:52 - 2013-05-04 07:37 - 00052056 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-13 06:52 - 2013-05-04 07:20 - 00362240 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-13 06:52 - 2013-05-04 07:20 - 00238336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-13 06:52 - 2013-05-04 07:20 - 00180488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-13 06:52 - 2013-05-04 06:58 - 02561536 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-13 06:52 - 2013-05-04 06:58 - 01555456 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-13 06:52 - 2013-05-04 06:58 - 01150976 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-13 06:52 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-13 06:52 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-13 06:52 - 2013-05-04 06:58 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-13 06:52 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-13 06:52 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-13 06:52 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-13 06:52 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 01049600 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 00371200 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\npmproxy.dll
2013-06-13 06:52 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-13 06:52 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-13 06:52 - 2013-05-04 06:56 - 00975360 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-13 06:52 - 2013-05-04 06:56 - 00582144 ____A (Microsoft Corporation) C:\Windows\System32\gpprefcl.dll
2013-06-13 06:52 - 2013-05-04 06:56 - 00554496 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-13 06:52 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-13 06:52 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-13 06:52 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-13 06:52 - 2013-05-04 06:56 - 00143360 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-13 06:52 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-13 06:52 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-13 06:52 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-13 06:52 - 2013-05-04 06:08 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-13 06:52 - 2013-05-04 06:08 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-13 06:52 - 2013-05-04 06:06 - 00320512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-13 06:52 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-13 06:52 - 2013-04-29 00:31 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 06:52 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 06:52 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 06:52 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 06:52 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 06:52 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 06:52 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 06:52 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 06:52 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-13 06:52 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 06:52 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 06:52 - 2013-04-24 01:12 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 06:52 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-13 06:51 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-13 06:51 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-13 06:51 - 2013-05-04 07:14 - 01801472 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 06:51 - 2013-04-27 05:21 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-09 16:45 - 2013-06-09 16:45 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2013-06-09 16:35 - 2010-11-16 14:40 - 01103464 ____A (Nokia) C:\Users\Mile\Desktop\SetupOviPlayer.exe
2013-06-09 10:10 - 2013-06-09 10:10 - 00000000 ____D C:\Users\Mile\AppData\Roaming\TMInc
2013-06-08 22:06 - 2013-06-08 22:24 - 119580435 ____A C:\Users\Mile\Downloads\TreasureMasters.zip
2013-06-07 05:18 - 2013-06-07 05:19 - 01491560 ____A (Skype Technologies S.A.) C:\Users\Mile\Downloads\SkypeSetup(1).exe
2013-06-04 15:09 - 2013-06-04 15:09 - 02769624 ____A (AltrixSoft) C:\Windows\System32\Hard Drive Inspector 4.15 Build 168.exe
2013-06-04 09:15 - 2013-06-04 09:15 - 01112288 ____A (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01007.dll
2013-06-04 09:15 - 2013-06-04 09:15 - 00581192 ____A (Microsoft Corporation) C:\Windows\System32\WinUSBCoInstaller.dll
2013-06-04 09:15 - 2013-06-04 09:15 - 00181912 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudobex.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00181912 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00084248 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2013-06-03 16:16 - 2013-06-03 16:41 - 00000000 ____D C:\Users\Mile\AppData\Local\Adobe
2013-05-29 05:07 - 2013-05-29 05:07 - 00554616 ____A (Sterkly LLC) C:\Users\Mile\Downloads\BestVideoDownloader.exe

==================== One Month Modified Files and Folders ========

2013-06-28 19:36 - 2013-06-28 19:36 - 00000000 ____D C:\FRST
2013-06-28 19:35 - 2013-06-28 19:35 - 01371463 ____A (Farbar) C:\Users\Mile\Desktop\FRST.exe
2013-06-28 19:08 - 2013-06-28 19:08 - 00007160 ____A C:\Users\Mile\Desktop\Gmer3.txt
2013-06-28 19:07 - 2013-06-28 19:07 - 00323421 ____A C:\Users\Mile\Desktop\Gmer2.log
2013-06-28 19:00 - 2012-07-26 08:53 - 00000000 ____D C:\Windows\System32\sru
2013-06-28 18:54 - 2013-06-28 18:54 - 00002688 ____A C:\Users\Mile\Desktop\Gmer1.log
2013-06-28 18:18 - 2013-06-28 18:18 - 00377856 ____A C:\Users\Mile\Desktop\nzu0sf25.exe
2013-06-28 18:18 - 2013-06-28 18:18 - 00103680 ____A (GMER) C:\fxldypow.sys
2013-06-28 18:17 - 2013-02-05 23:33 - 00848230 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-28 18:16 - 2013-06-28 18:17 - 00377856 ____A C:\Users\Mile\Desktop\rizxu372.exe
2013-06-28 18:16 - 2013-06-28 18:16 - 00377856 ____A C:\Users\Mile\Downloads\rizxu372.exe
2013-06-28 18:12 - 2013-02-06 00:10 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-28 18:12 - 2012-07-26 08:04 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-28 18:11 - 2013-06-28 18:11 - 00041211 ____A C:\AdwCleaner[S1].txt
2013-06-28 18:10 - 2013-06-28 18:10 - 00648201 ____A C:\Users\Mile\Downloads\adwcleaner.exe
2013-06-28 07:08 - 2013-06-28 07:08 - 00019057 ____A C:\Users\Mile\Desktop\dds.txt
2013-06-28 07:08 - 2013-06-28 07:08 - 00005851 ____A C:\Users\Mile\Desktop\attach.txt
2013-06-28 07:03 - 2013-06-28 07:03 - 00688992 ____R (Swearware) C:\Users\Mile\Desktop\dds.scr
2013-06-28 06:46 - 2013-06-28 06:46 - 00000530 ____A C:\Windows\PFRO.log
2013-06-28 06:45 - 2012-07-26 06:17 - 00786432 __ASH C:\Windows\System32\config\BBI
2013-06-28 06:42 - 2013-02-06 02:19 - 00000000 ____D C:\Program Files\Everything
2013-06-28 06:27 - 2013-06-28 06:15 - 00022673 ____A C:\Windows\WindowsUpdate.log
2013-06-28 06:14 - 2013-06-25 13:15 - 00000416 ____A C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2013-06-28 06:14 - 2013-05-12 18:53 - 00000906 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce4f3138bbfe55.job
2013-06-28 06:14 - 2013-05-07 14:13 - 00000936 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3893990192-3725226574-2333194970-1001UA.job
2013-06-28 06:14 - 2013-05-07 14:13 - 00000914 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3893990192-3725226574-2333194970-1001Core.job
2013-06-28 06:14 - 2013-04-06 12:48 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-28 06:14 - 2013-02-06 01:44 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-27 21:49 - 2013-02-14 22:17 - 00548864 __ASH C:\Users\Mile\Desktop\Thumbs.db
2013-06-27 21:44 - 2013-02-05 17:59 - 00000000 ____D C:\Users\Mile\AppData\Roaming\uTorrent
2013-06-27 21:26 - 2013-06-27 21:26 - 00157728 ____A (Amonetize ltd.) C:\Users\Mile\Downloads\All Antivirus Daily Updated Key Maker 2013 v1.5__2827_il687324.exe
2013-06-27 20:46 - 2013-02-06 02:21 - 00000000 ____D C:\Users\Mile\AppData\Roaming\Skype
2013-06-27 14:15 - 2013-04-11 18:45 - 00000000 ____D C:\Users\Mile\AppData\Roaming\HD Tune Pro
2013-06-27 07:28 - 2012-07-26 08:53 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-27 05:55 - 2013-04-12 20:57 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-27 05:55 - 2013-02-06 00:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-25 13:19 - 2013-06-25 13:19 - 00000000 ____D C:\Users\Mile\Documents\DriverEasy
2013-06-25 13:15 - 2013-06-25 13:15 - 03025616 ____A (Easeware ) C:\Users\Mile\Downloads\DriverEasy_Setup.exe
2013-06-25 13:15 - 2013-06-25 13:15 - 00001124 ____A C:\Users\Public\Desktop\DriverEasy.lnk
2013-06-25 13:15 - 2013-06-25 13:15 - 00000000 ____D C:\Users\Mile\AppData\Roaming\Easeware
2013-06-25 13:15 - 2013-06-25 13:15 - 00000000 ____D C:\Program Files\Easeware
2013-06-25 12:46 - 2012-07-26 08:53 - 00000000 ____D C:\Windows\AUInstallAgent
2013-06-25 12:45 - 2013-06-25 12:45 - 00001999 ____A C:\Users\Public\Desktop\Microsoft LifeCam.lnk
2013-06-25 12:45 - 2013-06-25 12:45 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2013-06-25 12:43 - 2013-02-05 20:22 - 00000000 ____D C:\Users\Mile\AppData\Roaming\Winamp
2013-06-25 12:41 - 2013-06-25 12:41 - 00000000 ____D C:\Windows\System32\appmgmt
2013-06-25 11:48 - 2013-06-25 11:48 - 00000000 ____D C:\Users\Mile\AppData\Roaming\KC Softwares
2013-06-25 10:56 - 2013-06-25 10:54 - 11488684 ____A C:\Users\Mile\Downloads\AudioGrail71.zip
2013-06-25 08:07 - 2013-06-25 08:02 - 00000000 ____D C:\Program Files\Common Files\AltrixSoft
2013-06-25 08:02 - 2013-06-25 08:02 - 00000000 ____D C:\ProgramData\AltrixSoft
2013-06-25 07:10 - 2013-05-24 06:37 - 00000000 ____D C:\Users\Mile\Downloads\Eset NOD32 Username And Password Premium v1.0 Final
2013-06-25 07:10 - 2013-05-20 21:13 - 00000000 ____D C:\Users\Mile\Downloads\Eset NOD32 Username And Password Premium v1.0
2013-06-25 06:36 - 2013-06-25 06:35 - 12860530 ____A C:\Users\Mile\Downloads\SSD Life PRO 2.2.42.rar
2013-06-24 15:56 - 2013-04-14 08:47 - 00000000 ____D C:\Users\Mile\Downloads\New folder
2013-06-24 08:12 - 2013-06-24 08:10 - 29546352 ____A (Microsoft Corporation) C:\Users\Mile\Downloads\LifeCam3.22.exe
2013-06-24 00:54 - 2013-02-18 08:18 - 00000000 ____D C:\Users\Mile\Documents\Tipard Studio
2013-06-24 00:52 - 2013-06-24 00:52 - 00002299 ____A C:\Users\Public\Desktop\Tipard Total Media Converter.lnk
2013-06-24 00:52 - 2013-02-18 08:18 - 00000000 ____D C:\Users\Mile\AppData\Local\Tipard Studio
2013-06-24 00:52 - 2013-02-18 08:18 - 00000000 ____D C:\ProgramData\Tipard Studio
2013-06-24 00:52 - 2013-02-18 08:18 - 00000000 ____D C:\Program Files\Tipard Studio
2013-06-23 19:32 - 2013-06-23 19:26 - 33167787 ____A C:\Users\Mile\Downloads\TipardTotalMediaConverterStandard6156.zip
2013-06-22 14:15 - 2013-06-22 12:49 - 00002189 ____A C:\Windows\diagwrn.xml
2013-06-22 14:15 - 2013-06-22 12:49 - 00001890 ____A C:\Windows\diagerr.xml
2013-06-22 07:26 - 2013-06-22 05:29 - 1535019008 ____A C:\Users\Mile\Downloads\Led.2013.SrpskaForum.com.avi
2013-06-22 06:14 - 2012-07-26 08:53 - 00000000 ____D C:\Windows\rescache
2013-06-21 21:08 - 2013-02-05 23:27 - 00000000 ____D C:\users\Mile
2013-06-21 21:02 - 2013-06-21 21:02 - 00001799 ____A C:\Users\Public\Desktop\Recuva.lnk
2013-06-21 21:02 - 2013-06-21 21:02 - 00000000 ____D C:\Program Files\Recuva
2013-06-21 21:02 - 2013-06-21 21:01 - 03723592 ____A (Piriform Ltd) C:\Users\Mile\Downloads\rcsetup147.exe
2013-06-20 05:24 - 2013-02-10 08:21 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-06-20 05:23 - 2013-02-10 08:21 - 00000000 ____D C:\Program Files\TuneUp Utilities 2013
2013-06-19 22:09 - 2013-06-19 22:09 - 00024944 ____A C:\Windows\System32\Drivers\GVTDrv.sys
2013-06-19 22:09 - 2013-06-19 22:09 - 00000004 ____A C:\Windows\System32\GVTunner.ref
2013-06-19 22:09 - 2013-06-19 22:04 - 00017488 ____A (Windows (R) 2000 DDK provider) C:\Windows\gdrv.sys
2013-06-19 22:05 - 2013-06-19 22:05 - 00000000 ____D C:\Program Files\Intel
2013-06-19 22:05 - 2013-06-19 22:05 - 00000000 ____D C:\Program Files\GIGABYTE
2013-06-19 22:05 - 2013-06-19 18:21 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-06-19 22:04 - 2013-06-19 22:04 - 00000000 ____D C:\Users\Mile\Downloads\Easytune6
2013-06-19 22:04 - 2013-02-06 00:07 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-06-19 21:56 - 2013-06-19 21:50 - 55126841 ____A C:\Users\Mile\Downloads\motherboard_utility_gbttools_gbt_et6.exe
2013-06-19 19:46 - 2013-06-19 17:48 - 00000000 ____D C:\Users\Mile\Desktop\HD_Audio
2013-06-19 19:31 - 2013-02-06 00:08 - 00000000 ____D C:\Windows\System32\RTCOM
2013-06-19 19:02 - 2013-06-19 19:01 - 10540165 ____A C:\Users\Mile\Downloads\mb_driver_audio_realtek_azalia(2).exe.part
2013-06-19 18:39 - 2013-06-19 18:36 - 00000000 ____D C:\Users\Mile\Desktop\New folder
2013-06-19 18:22 - 2012-07-26 08:49 - 00000000 ____D C:\Windows\System32\DriverStore
2013-06-19 18:19 - 2013-06-19 18:14 - 59658505 ____A C:\Users\Mile\Downloads\mb_driver_audio_realtek_azalia(1).exe.part
2013-06-19 18:14 - 2013-06-19 18:14 - 00000000 ____A C:\Users\Mile\Downloads\mb_driver_audio_realtek_azalia(1).exe
2013-06-19 17:53 - 2013-06-19 17:53 - 00002007 ____A C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-06-19 17:47 - 2013-06-19 17:46 - 00000000 ____D C:\Users\Mile\Downloads\HD_Audio
2013-06-19 17:32 - 2013-06-19 17:29 - 02756965 ____A C:\Users\Mile\Downloads\mb_driver_audio_realtek_azalia.exe
2013-06-19 17:15 - 2013-06-19 17:12 - 03020224 ____A C:\Users\Mile\Downloads\installer_gigabyte_ga-ma770-ud3_rev__2_x_realtek_audio_driver_2_41_English.exe
2013-06-19 17:02 - 2013-02-06 00:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-06-14 20:38 - 2013-06-14 20:38 - 00280992 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-13 21:40 - 2012-07-26 08:53 - 00000000 ___RD C:\Windows\ToastData
2013-06-13 21:40 - 2012-07-26 08:53 - 00000000 ____D C:\Windows\WinStore
2013-06-13 21:40 - 2012-07-26 08:53 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-13 08:45 - 2013-02-05 18:57 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 18:18 - 2013-02-24 18:33 - 00230424 ____A C:\img2-001.raw
2013-06-09 16:45 - 2013-06-09 16:45 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2013-06-09 10:10 - 2013-06-09 10:10 - 00000000 ____D C:\Users\Mile\AppData\Roaming\TMInc
2013-06-09 08:46 - 2013-02-14 19:19 - 00000000 ____D C:\Games
2013-06-08 22:24 - 2013-06-08 22:06 - 119580435 ____A C:\Users\Mile\Downloads\TreasureMasters.zip
2013-06-07 05:23 - 2013-02-05 17:25 - 00000000 ___RD C:\Program Files\Skype
2013-06-07 05:23 - 2013-02-05 17:24 - 00000000 ____D C:\ProgramData\Skype
2013-06-07 05:19 - 2013-06-07 05:18 - 01491560 ____A (Skype Technologies S.A.) C:\Users\Mile\Downloads\SkypeSetup(1).exe
2013-06-05 00:09 - 2012-07-26 08:55 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-05 00:09 - 2012-07-26 08:55 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-04 15:09 - 2013-06-04 15:09 - 02769624 ____A (AltrixSoft) C:\Windows\System32\Hard Drive Inspector 4.15 Build 168.exe
2013-06-04 09:15 - 2013-06-04 09:15 - 01112288 ____A (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01007.dll
2013-06-04 09:15 - 2013-06-04 09:15 - 00581192 ____A (Microsoft Corporation) C:\Windows\System32\WinUSBCoInstaller.dll
2013-06-04 09:15 - 2013-06-04 09:15 - 00181912 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudobex.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00181912 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00084248 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2013-06-03 16:41 - 2013-06-03 16:16 - 00000000 ____D C:\Users\Mile\AppData\Local\Adobe
2013-06-03 16:18 - 2013-05-14 09:34 - 00000000 ____D C:\Users\Mile\AppData\Roaming\ViberPC
2013-06-03 16:18 - 2013-05-14 09:33 - 00000000 ____D C:\Users\Mile\AppData\Local\Viber
2013-05-31 01:20 - 2013-06-13 06:52 - 01011712 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-05-29 05:07 - 2013-05-29 05:07 - 00554616 ____A (Sterkly LLC) C:\Users\Mile\Downloads\BestVideoDownloader.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2012-07-26 01:11] - [2012-07-26 05:50] - 2114936 ____A (Microsoft Corporation) 5B6ED1B57DBFF18D405A0260559B571E

C:\Windows\System32\winlogon.exe
[2013-02-05 20:36] - [2012-09-20 07:55] - 0411648 ____A (Microsoft Corporation) D75035A24FF8D5A489366C685030DB4C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-22 06:07

==================== End Of Log ============================

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15874
  • Location: Beograd

Malware is not present on the system, so it is not what is causing the problem. What comes to mind is that the ESET license has expired, since it is a commercial product?

offline
  • Joined: 19 Feb 2009
  • Posts: 176
  • Location: Kucevo

OK. Thanks for the help and for the time you spent. I'll try some version that doesn't have to be paid for; the important thing is that everything is clean.
Regards and all the best.

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15874
  • Location: Beograd

OK then :)

Let's clean up the tools...

Download DelFix by "Xplode" and save it to the Desktop.

Double-click to run the program.

Check the following options:
Remove disinfection tools
Purge System Restore
Reset system settings

Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.

Note: The report will also be saved to C:\DelFix.txt

Uninstall all Java versions from the Control Panel and download the latest one from this address:

http://java.com/en/download/index.jsp

I recommend using MCShield v2 to protect USB storage devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices. You download it, install it, plug in the USB storage device, and a scan runs, after which you either get a notification that the device is clean (if that is really the case) or you get a log showing information about the malware that was found and deleted.

MCShield ::Anti-Malware Tool:: v2 home page: http://amf.mycity.rs/mcshield/

You can find out more about MCShield in these threads:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html

Be sure to visit the thread "Test whether your browser is vulnerable", read it and follow the link given in it.
The link to the thread is: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html

Also, follow the thread "How to avoid and remove toolbars", read it and follow the steps in it. The link to the thread is: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html

TwinHeadedEagle (AMF Team)
