Windows are reporting an error


offline
  • Joined: 28 Oct 2008
  • Posts: 312

Posted: 12 May 2013 19:12

I don't know anything about Bitdefender! I don't have it installed.

Addendum: 12 May 2013 19:14

I have Comodo, and I have deactivated it.

Addendum: 12 May 2013 19:25

I had a Bitdefender installation, but it was never run. It was deleted afterwards. (It seems it was not completely removed, but since I can't see it anywhere, I can't remove it either.)



rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Vera, so that you don't have to wait until my colleague comes, download the BitDefender Uninstall Tool and uninstall the remnants of that antivirus; the link has the download and the instructions.
Then run Combofix.

[Link visible only to logged-in users]



If you get the notification that BitDefender is present again, ignore the warning and carry on.

Regards.



offline
  • Joined: 28 Oct 2008
  • Posts: 312

May I continue with Combofix, since it is giving me the same warning again, and Bitdefender has been removed this way?


Does this mean it has been completely removed?

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Continue with Combofix.

offline
  • Joined: 28 Oct 2008
  • Posts: 312

It doesn't work, not at all. I ran Combofix, it got to "stage 50", left a gap and suddenly erased everything, restarted, and a blue screen appeared. When the system came back up, I ran Combofix again and the same thing happened when it got to "stage 50". Now

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Delete the old ComboFix icon and download a new one from the following address to the Desktop

ComboFix

Then click Start --> Run, and carefully copy the following text

"%userprofile%\Desktop\ComboFix.exe" /KillAll /StepDel /NoMBR

Press OK and ComboFix will start scanning.

offline
  • Joined: 28 Oct 2008
  • Posts: 312

It's no use, the same thing happens, i.e. it interrupts the scan. And it still reports that Bitdefender to me as if it were active (this may not be important).

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Well, it is important: you have two antiviruses on the system; Bitdefender was not properly uninstalled, and CIS was installed over it.

That window that keeps appearing is the legitimate program MCShield, which has bugged out for some reason. Find it and uninstall it.




Download the program OTL from the link below to the Desktop:
Download link1
Download link2




Double-click to run OTL.

Tick the Scan All Users option.
Into the white box of the window where it says Custom Scans/Fixes, copy the following text:


netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.exe
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
CREATERESTOREPOINT



Click RunScan and wait for the scan to finish.
Copy the contents of the OTL.txt report into the forum thread.

offline
  • Joined: 28 Oct 2008
  • Posts: 312

OTL logfile created on: 5/13/2013 12:05:17 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Novi korisnik\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.42 Mb Total Physical Memory | 43.28 Mb Available Physical Memory | 4.23% Memory free
2.40 Gb Paging File | 1.25 Gb Available in Paging File | 51.99% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 15.70 Gb Free Space | 20.09% Space Free | Partition Type: NTFS
Drive D: | 154.75 Gb Total Space | 154.04 Gb Free Space | 99.54% Space Free | Partition Type: NTFS

Computer Name: KORISNIK-E8450A | User Name: Novi korisnik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/13 00:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Novi korisnik\desktop\OTL.com
PRC - [2013/05/02 04:07:10 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013/04/26 18:31:59 | 001,815,248 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
PRC - [2013/04/25 02:30:15 | 004,443,912 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
PRC - [2013/04/25 02:29:48 | 009,478,352 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cis.exe
PRC - [2013/04/15 19:38:17 | 003,012,816 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
PRC - [2013/04/15 19:38:17 | 002,048,208 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdupd.exe
PRC - [2013/04/12 16:23:17 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/11 20:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2010/01/21 18:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
PRC - [2010/01/16 10:54:08 | 000,717,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2009/05/07 14:06:32 | 000,602,792 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeecoms.exe
PRC - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/12 16:23:16 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010/01/21 02:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 21:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/03/30 13:18:29 | 000,157,696 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxeedrpp.dll
MOD - [2008/04/14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 06:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2001/10/28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll


========== Services (SafeList) ==========

SRV - [2013/04/25 02:30:15 | 004,443,912 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2013/04/15 19:38:18 | 000,127,184 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV - [2013/04/12 16:23:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/25 17:27:47 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ca0e279.dll -- (Akamai)
SRV - [2013/03/22 19:19:21 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/11 20:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/01/21 18:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/05/07 14:06:32 | 000,602,792 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxeecoms.exe -- (lxee_device)
SRV - [2009/05/07 14:06:26 | 000,098,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeeserv.exe -- (lxeeCATSCustConnectService)
SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\NOVIKO~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV - [2013/04/25 12:05:20 | 000,099,392 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2013/04/15 19:38:59 | 000,032,816 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2013/04/15 19:38:58 | 000,592,384 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2013/04/15 19:38:58 | 000,018,528 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2013/02/05 19:34:43 | 000,039,048 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/12/02 15:19:06 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/12/02 00:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/10/16 15:00:30 | 000,115,840 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/07/24 19:02:44 | 004,749,824 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/07/02 21:38:14 | 000,089,600 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/08/30 10:49:14 | 000,093,824 | ---- | M] (USB video camera) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cam1210.sys -- (CAM1210)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-583907252-261478967-725345543-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-583907252-261478967-725345543-1013\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-583907252-261478967-725345543-1013\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Link visible only to logged-in users]{searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-583907252-261478967-725345543-1013\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [Link visible only to logged-in users]{searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-583907252-261478967-725345543-1013\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.3
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130116
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/11/27 12:25:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/12 16:23:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/12 16:23:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/02/14 13:05:54 | 000,000,000 | ---D | M]

[2013/03/15 17:24:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Extensions
[2013/05/12 15:15:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\mmzu09h3.default-1359031359843\extensions
[2013/04/03 10:52:09 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\mmzu09h3.default-1359031359843\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/05/06 05:05:53 | 000,534,214 | ---- | M] () (No name found) -- C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\mmzu09h3.default-1359031359843\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/05/11 00:23:00 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\mmzu09h3.default-1359031359843\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/12 16:23:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/12 16:23:04 | 000,000,000 | ---D | M] (Zaštita od reklamnih poruka) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
[2013/04/12 16:23:05 | 000,000,000 | ---D | M] (Kaspersky URL саветник) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2013/04/12 16:23:17 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/08/09 10:42:41 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2010/07/12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2013/04/12 16:23:13 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/04/12 16:23:13 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Shockwave (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google \u043f\u0440\u0435\u0442\u0440\u0430\u0433\u0430 = C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\offlaklpbgccmeobfnimdjapgolbfhad\6.0.8.437\
CHR - Extension: Gmail = C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/05/11 09:50:08 | 000,447,701 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15376 more lines...
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-583907252-261478967-725345543-1013\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-583907252-261478967-725345543-1013\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\Comodo\COMODO Internet Security\cistray.exe (COMODO)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKU\S-1-5-21-583907252-261478967-725345543-1013..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-261478967-725345543-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-583907252-261478967-725345543-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-583907252-261478967-725345543-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Novi korisnik\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Novi korisnik\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65766D64-DA15-44B6-8306-2B1EADD0DA3B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\crypt32chain: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\cryptnet: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\cscdll: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\Schedule: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\sclgntfy: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\SensLogn: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\termsrv: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\wlballoon: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/27 15:05:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/05/13 00:03:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Novi korisnik\Desktop\OTL.com
[2013/05/12 22:11:22 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/05/12 22:08:49 | 005,069,265 | R--- | C] (Swearware) -- C:\Documents and Settings\Novi korisnik\Desktop\ComboFix.exe
[2013/05/12 21:01:30 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/05/12 20:58:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/05/12 20:58:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/05/12 20:58:15 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/05/12 20:58:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/05/12 18:36:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/12 18:35:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/05/12 16:49:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Novi korisnik\Desktop\RootRepeal
[2013/05/12 16:05:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2013/05/12 16:00:36 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Novi korisnik\Desktop\dds.scr
[2013/05/12 15:07:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Novi korisnik\Recent
[2013/05/12 14:32:49 | 000,000,000 | ---D | C] -- C:\Stinger_Quarantine
[2013/05/12 14:32:36 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2013/05/11 18:12:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Novi korisnik\My Documents\Sticky Passwords
[2013/05/11 18:08:06 | 000,000,000 | ---D | C] -- C:\Program Files\VITSOFT
[2013/05/11 18:08:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Novi korisnik\Start Menu\Programs\VITSOFT
[2013/05/01 13:38:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/05/01 13:38:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Novi korisnik\My Documents\DbgLogs
[2013/05/01 13:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Novi korisnik\My Documents\PassMark
[2013/05/01 13:30:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PassMark
[2013/04/30 00:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Novi korisnik\Desktop\Sve sa Desktopa
[2013/04/17 21:19:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Foxit Software
[2013/04/17 21:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/13 00:08:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/13 00:05:46 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
[2013/05/13 00:04:26 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
[2013/05/13 00:04:26 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
[2013/05/13 00:04:26 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
[2013/05/13 00:03:03 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2013/05/13 00:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Novi korisnik\Desktop\OTL.com
[2013/05/12 23:29:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-261478967-725345543-1013UA.job
[2013/05/12 23:29:00 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-261478967-725345543-1003UA.job
[2013/05/12 23:12:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/12 22:39:56 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/05/12 22:13:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/12 22:13:11 | 133,816,320 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013/05/12 22:09:39 | 005,069,265 | R--- | M] (Swearware) -- C:\Documents and Settings\Novi korisnik\Desktop\ComboFix.exe
[2013/05/12 21:01:36 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/05/12 20:41:53 | 000,180,609 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\BD.JPG
[2013/05/12 20:31:03 | 002,935,344 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\BD_Free_Uninstall_Tool.exe
[2013/05/12 18:37:55 | 000,184,775 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\screenshot.JPG
[2013/05/12 16:48:14 | 000,464,491 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\RootRepeal.zip
[2013/05/12 16:38:58 | 000,377,856 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\mvttrzrf.exe
[2013/05/12 16:00:38 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Novi korisnik\Desktop\dds.scr
[2013/05/12 15:13:06 | 000,172,008 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\greska.JPG
[2013/05/12 13:18:14 | 000,120,623 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\img_1372.jpg
[2013/05/12 06:29:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-261478967-725345543-1003Core.job
[2013/05/12 05:29:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-261478967-725345543-1013Core.job
[2013/05/12 04:12:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/11 09:50:08 | 000,447,701 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/05/10 21:32:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/06 13:00:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\Wise Turbo Checker.job
[2013/05/04 13:55:45 | 000,447,637 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130511-095008.backup
[2013/05/02 10:44:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2013/04/30 17:29:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-261478967-725345543-1003.job
[2013/04/30 15:18:13 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/04/29 21:16:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-261478967-725345543-1013.job
[2013/04/29 13:18:52 | 011,534,336 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\NTUSER.bak
[2013/04/25 18:57:20 | 000,447,209 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130504-135545.backup
[2013/04/25 12:05:20 | 000,099,392 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2013/04/23 16:04:10 | 000,348,048 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2013/04/19 23:11:17 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\Microsoft Word 2010.lnk
[2013/04/19 15:01:59 | 000,447,150 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130425-185720.backup
[2013/04/18 08:01:49 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk
[2013/04/17 21:18:45 | 000,001,721 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2013/04/17 21:18:45 | 000,001,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2013/04/15 19:38:59 | 000,032,816 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2013/04/15 19:38:58 | 000,592,384 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2013/04/15 19:38:58 | 000,018,528 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys
[2013/04/15 19:38:37 | 000,035,488 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdcsr.dll
[2013/04/15 19:38:25 | 000,276,688 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdvrt32.dll
[2013/04/15 19:38:24 | 000,040,656 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdkbd32.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/12 21:01:36 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/05/12 21:01:34 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/05/12 20:58:15 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/05/12 20:58:15 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/05/12 20:58:15 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/05/12 20:58:15 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/05/12 20:58:15 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/05/12 20:41:52 | 000,180,609 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\BD.JPG
[2013/05/12 20:30:51 | 002,935,344 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\BD_Free_Uninstall_Tool.exe
[2013/05/12 18:37:55 | 000,184,775 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\screenshot.JPG
[2013/05/12 16:48:13 | 000,464,491 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\RootRepeal.zip
[2013/05/12 16:38:58 | 000,377,856 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\mvttrzrf.exe
[2013/05/12 15:13:06 | 000,172,008 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\greska.JPG
[2013/05/12 13:17:18 | 000,120,623 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\img_1372.jpg
[2013/05/10 23:48:26 | 133,816,320 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2013/04/29 13:18:46 | 000,000,394 | ---- | C] () -- C:\WINDOWS\tasks\Wise Turbo Checker.job
[2013/04/17 21:18:45 | 000,001,721 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2013/04/17 21:18:45 | 000,001,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2013/02/25 02:03:47 | 000,478,216 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/02/14 19:49:37 | 000,000,252 | ---- | C] () -- C:\WINDOWS\KillSwitch.INI
[2013/02/12 00:53:19 | 000,017,308 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360623193.bdinstall.bin
[2013/02/12 00:51:57 | 000,017,308 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360623107.bdinstall.bin
[2013/02/12 00:50:38 | 000,043,522 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360622972.bdinstall.bin
[2013/02/12 00:49:31 | 000,022,566 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360622968.bdinstall.bin
[2013/02/12 00:06:32 | 000,182,930 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360620177.bdinstall.bin
[2013/02/11 23:57:51 | 000,030,063 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360619833.bdinstall.bin
[2013/02/11 23:56:56 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2013/02/11 23:55:17 | 000,029,866 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360619706.bdinstall.bin
[2013/02/11 23:50:02 | 000,029,937 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360619390.bdinstall.bin
[2013/02/11 23:47:41 | 000,030,260 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360618700.bdinstall.bin
[2013/02/11 22:51:20 | 000,030,060 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360615854.bdinstall.bin
[2013/02/11 22:49:18 | 000,030,265 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360615694.bdinstall.bin
[2012/08/26 18:55:45 | 000,009,845 | ---- | C] () -- C:\WINDOWS\System32\mswinnoke.dll
[2012/08/22 14:32:59 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2012/08/22 14:32:59 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2012/08/22 14:32:45 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Application Data\$_hpcst$.hpc
[2012/08/14 20:11:47 | 000,004,756 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\.recently-used.xbel
[2012/06/10 02:44:01 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\nyxiv.dat
[2012/04/20 18:28:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxeevs.dll
[2012/04/20 18:28:23 | 000,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeecoin.dll
[2012/04/20 18:28:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxeegcfg.dll
[2012/04/20 18:28:14 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxeecui.dll
[2012/04/20 18:28:14 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeecuir.dll
[2012/04/20 18:27:07 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\lxeerwrd.ini
[2012/04/20 18:26:55 | 000,446,464 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEEhcp.dll
[2012/04/20 18:26:55 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\LXEEinst.dll
[2012/04/20 18:26:54 | 001,052,672 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeeserv.dll
[2012/04/20 18:26:54 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeeusb1.dll
[2012/04/20 18:26:54 | 000,651,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeepmui.dll
[2012/04/20 18:26:54 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeeinpa.dll
[2012/04/20 18:26:54 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeeiesc.dll
[2012/04/20 18:26:53 | 000,581,632 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeelmpm.dll
[2012/04/20 18:26:53 | 000,328,360 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeeih.exe
[2012/04/20 18:26:53 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxeeins.dll
[2012/04/20 18:26:53 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxeeinsb.dll
[2012/04/20 18:26:53 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lxeeinsr.dll
[2012/04/20 18:26:53 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxeejswr.dll
[2012/04/20 18:26:52 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeehbn3.dll
[2012/04/20 18:26:52 | 000,602,792 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeecoms.exe
[2012/04/20 18:26:52 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeecomm.dll
[2012/04/20 18:26:52 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxeecu.dll
[2012/04/20 18:26:52 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxeegrd.dll
[2012/04/20 18:26:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxeecub.dll
[2012/04/20 18:26:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxeecur.dll
[2012/04/20 18:26:51 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeecomc.dll
[2012/04/20 18:26:51 | 000,369,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeecfg.exe
[2012/01/25 15:20:44 | 000,002,394 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/09/20 15:45:04 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011/07/14 11:56:59 | 000,172,032 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/14 04:22:04 | 000,000,098 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Application Data\MPUI.ini
[2011/07/14 04:11:22 | 011,534,336 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\NTUSER.bak

========== ZeroAccess Check ==========

[2008/12/27 15:14:18 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 06:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 06:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< >

========== Base Services ==========
SRV - [2008/04/14 06:42:14 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/14 06:42:12 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/14 06:42:04 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/14 06:41:52 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 06:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 06:41:52 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/14 06:41:54 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/04/14 06:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/14 06:41:54 | 000,033,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/14 06:42:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/14 06:42:10 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/14 06:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/04/14 06:42:24 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 06:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 06:41:54 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 06:42:18 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [Auto | Running] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 06:42:18 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 06:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 06:42:02 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/14 06:42:02 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2008/04/14 06:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2008/04/14 06:42:38 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/14 06:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 06:42:04 | 000,088,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 06:42:04 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/14 06:42:06 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/14 06:42:04 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 06:42:06 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 06:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/14 06:42:12 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/14 06:42:08 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2008/04/14 06:42:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/14 06:42:08 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 06:42:06 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 06:41:58 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 06:42:08 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 06:42:08 | 000,295,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 06:42:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/14 06:42:40 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 06:41:52 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/14 06:41:56 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/14 06:42:10 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/14 06:42:30 | 000,078,848 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 06:42:10 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/14 06:41:50 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/04/14 06:41:54 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/14 06:42:12 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/14 06:42:10 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: SERVICES.EXE >
[2008/04/14 06:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2008/04/14 06:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\system32\services.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 06:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 06:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 06:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 06:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 06:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 06:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 06:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C43ED645

< End of report >

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Vera, I did not find any malware on your system in the logs.

As I wrote, the windows that keep popping up are most likely the result of a bad uninstallation of the MCShield program.
Try reinstalling the program.


Download DelFix by "Xplode" and save it to the Desktop.

Double-click to run the program.

Check the following options:
Remove disinfection tools
Purge System Restore
Reset system settings

Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.

Note: The report will also be saved to C:\DelFix.txt
