MyCity » Ambulanta -> Arhiva Ambulante » Prozori prijavljuju grešku

Prozori prijavljuju grešku

Napisano na dan: 12.5.2013
2

Prozori prijavljuju grešku
Pagination Prethodna strana
Sledeća strana Pagination

Idi na vrh

Poslao: 12 Maj 2013 19:25
Idi na vrh
offline
  • Pridružio: 28 Okt 2008
  • Poruke: 312

Napisano: 12 Maj 2013 19:12

Ne znam ništa o Bitdefenderu! Nemam ga instaliranog.

Dopuna: 12 Maj 2013 19:14

Imam Comodo, i njega sam deaktivirala.

Dopuna: 12 Maj 2013 19:25

Imala sam Bitdefender instalaciju, ali nikad nije bila pokrenuta. Posle je izbrisana. (izgleda da nije sasvim uklonjena, ali po[to je nigde ne vidim, ne mogu ni da je uklonim).

Poslao: 12 Maj 2013 20:25
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Vera, da ne cekas dok kolega dodje, preuzmi BitDefender Uninstall Tool i deinstaliraj ostatke tog Antivirusa, imas na linku download i uputstvo.
Zatim pokreni Combofix.

http://www.bitdefender.com/support/How-to-uninstall-Bitdefender-333.html



Ukoliko ponovo dobijes obavestenje da je BitDefender prisutan, ignorisi upozorenje i nastavi dalje.

Pozdrav.

Poslao: 12 Maj 2013 20:46
Idi na vrh
offline
  • Pridružio: 28 Okt 2008
  • Poruke: 312

Da li smem da nastavim sa Combofixom jer mi opet daje isto upozorenje, a Bitdefender je uklonjen na ovaj način?


Da li ovo znaci da je sasvim uklonjen?

Poslao: 12 Maj 2013 20:48
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Nastavi sa Combofixom.

Poslao: 12 Maj 2013 21:35
Idi na vrh
offline
  • Pridružio: 28 Okt 2008
  • Poruke: 312

Ne ide, nikako. Pokrenula sam Combofix, stigao je do "stage 50", napravio razmak i odjednom sve obrisao, restartovao se, pojavio se plavi ekran. Kad se ponovo podigao sistem, opet sam pokrenula Combofix i desilo se isto kad je stigao do "stage 50". Sad

Poslao: 12 Maj 2013 21:43
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Obriši staru ikonicu ComboFix-a i preuzmi novu sa sledeće adrese na Desktop

ComboFix

Zatim klikni na Start --> Run , a zatim kopiraj pažljivo sledeći tekst

"%userprofile%\Desktop\ComboFix.exe" /KillAll /StepDel /NoMBR

Pritisni OK i ComboFix će započeti sa skeniranjem.

Poslao: 12 Maj 2013 22:20
Idi na vrh
offline
  • Pridružio: 28 Okt 2008
  • Poruke: 312

Ne vredi, dešava se isto, tj. prekida skeniranje. A i dalje mi prijavljuje taj Bitdefender kao da je aktivan (ovo možda nije važno).

Poslao: 12 Maj 2013 22:47
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Pa vazno je, imas dva Antivirusa na sistemu, Bitdefender nije dobro deinstaliran a instaliran je CIS preko njega.

Taj prozor koji se pojavljuje je legitiman program MCShield koji je iz nekog razloga zabagovao. Pronadji ga i deinstaliraj.




Preuzmi program OTL sa donjeg linka na Desktop:
Download link1
Download link2




Dvoklikom pokreni OTL.

Štikliraj opciju Scan All Users.
U beli okvir prozora gde piše Custom Scans/Fixes iskopiraj sledeći tekst:


netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.exe
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
CREATERESTOREPOINT



Klikni RunScan i pričekaj da se skeniranje završi.
Iskopiraj sadržaj OTL.txt izveštaja u temu na forumu.

Poslao: 13 Maj 2013 00:12
Idi na vrh
offline
  • Pridružio: 28 Okt 2008
  • Poruke: 312

OTL logfile created on: 5/13/2013 12:05:17 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Novi korisnik\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.42 Mb Total Physical Memory | 43.28 Mb Available Physical Memory | 4.23% Memory free
2.40 Gb Paging File | 1.25 Gb Available in Paging File | 51.99% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 15.70 Gb Free Space | 20.09% Space Free | Partition Type: NTFS
Drive D: | 154.75 Gb Total Space | 154.04 Gb Free Space | 99.54% Space Free | Partition Type: NTFS

Computer Name: KORISNIK-E8450A | User Name: Novi korisnik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/13 00:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Novi korisnik\desktop\OTL.com
PRC - [2013/05/02 04:07:10 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013/04/26 18:31:59 | 001,815,248 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
PRC - [2013/04/25 02:30:15 | 004,443,912 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
PRC - [2013/04/25 02:29:48 | 009,478,352 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cis.exe
PRC - [2013/04/15 19:38:17 | 003,012,816 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
PRC - [2013/04/15 19:38:17 | 002,048,208 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdupd.exe
PRC - [2013/04/12 16:23:17 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/11 20:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2010/01/21 18:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
PRC - [2010/01/16 10:54:08 | 000,717,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2009/05/07 14:06:32 | 000,602,792 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeecoms.exe
PRC - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/12 16:23:16 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010/01/21 02:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 21:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/03/30 13:18:29 | 000,157,696 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxeedrpp.dll
MOD - [2008/04/14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 06:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2001/10/28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll


========== Services (SafeList) ==========

SRV - [2013/04/25 02:30:15 | 004,443,912 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2013/04/15 19:38:18 | 000,127,184 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV - [2013/04/12 16:23:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/25 17:27:47 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ca0e279.dll -- (Akamai)
SRV - [2013/03/22 19:19:21 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/11 20:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/01/21 18:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/05/07 14:06:32 | 000,602,792 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxeecoms.exe -- (lxee_device)
SRV - [2009/05/07 14:06:26 | 000,098,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeeserv.exe -- (lxeeCATSCustConnectService)
SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\NOVIKO~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV - [2013/04/25 12:05:20 | 000,099,392 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2013/04/15 19:38:59 | 000,032,816 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2013/04/15 19:38:58 | 000,592,384 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2013/04/15 19:38:58 | 000,018,528 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2013/02/05 19:34:43 | 000,039,048 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/12/02 15:19:06 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/12/02 00:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/10/16 15:00:30 | 000,115,840 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/07/24 19:02:44 | 004,749,824 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/07/02 21:38:14 | 000,089,600 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/08/30 10:49:14 | 000,093,824 | ---- | M] (USB video camera) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cam1210.sys -- (CAM1210)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-583907252-261478967-725345543-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-583907252-261478967-725345543-1013\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-583907252-261478967-725345543-1013\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-583907252-261478967-725345543-1013\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-583907252-261478967-725345543-1013\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.3
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130116
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/11/27 12:25:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/12 16:23:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/12 16:23:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/02/14 13:05:54 | 000,000,000 | ---D | M]

[2013/03/15 17:24:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Extensions
[2013/05/12 15:15:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\mmzu09h3.default-1359031359843\extensions
[2013/04/03 10:52:09 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\mmzu09h3.default-1359031359843\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/05/06 05:05:53 | 000,534,214 | ---- | M] () (No name found) -- C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\mmzu09h3.default-1359031359843\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/05/11 00:23:00 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\Novi korisnik\Application Data\Mozilla\Firefox\Profiles\mmzu09h3.default-1359031359843\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/12 16:23:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/12 16:23:04 | 000,000,000 | ---D | M] (Zaštita od reklamnih poruka) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
[2013/04/12 16:23:05 | 000,000,000 | ---D | M] (Kaspersky URL саветник) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2013/04/12 16:23:17 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/08/09 10:42:41 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2010/07/12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2013/04/12 16:23:13 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/04/12 16:23:13 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Shockwave (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google \u043f\u0440\u0435\u0442\u0440\u0430\u0433\u0430 = C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\offlaklpbgccmeobfnimdjapgolbfhad\6.0.8.437\
CHR - Extension: Gmail = C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/05/11 09:50:08 | 000,447,701 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15376 more lines...
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-583907252-261478967-725345543-1013\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-583907252-261478967-725345543-1013\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\Comodo\COMODO Internet Security\cistray.exe (COMODO)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKU\S-1-5-21-583907252-261478967-725345543-1013..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-261478967-725345543-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-583907252-261478967-725345543-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-583907252-261478967-725345543-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Novi korisnik\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Novi korisnik\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65766D64-DA15-44B6-8306-2B1EADD0DA3B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\crypt32chain: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\cryptnet: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\cscdll: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\Schedule: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\sclgntfy: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\SensLogn: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\termsrv: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O20 - Winlogon\Notify\wlballoon: DllName - (Reg Error: Key error.) - Reg Error: Key error. File not found
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/27 15:05:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/05/13 00:03:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Novi korisnik\Desktop\OTL.com
[2013/05/12 22:11:22 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/05/12 22:08:49 | 005,069,265 | R--- | C] (Swearware) -- C:\Documents and Settings\Novi korisnik\Desktop\ComboFix.exe
[2013/05/12 21:01:30 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/05/12 20:58:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/05/12 20:58:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/05/12 20:58:15 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/05/12 20:58:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/05/12 18:36:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/12 18:35:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/05/12 16:49:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Novi korisnik\Desktop\RootRepeal
[2013/05/12 16:05:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2013/05/12 16:00:36 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Novi korisnik\Desktop\dds.scr
[2013/05/12 15:07:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Novi korisnik\Recent
[2013/05/12 14:32:49 | 000,000,000 | ---D | C] -- C:\Stinger_Quarantine
[2013/05/12 14:32:36 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2013/05/11 18:12:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Novi korisnik\My Documents\Sticky Passwords
[2013/05/11 18:08:06 | 000,000,000 | ---D | C] -- C:\Program Files\VITSOFT
[2013/05/11 18:08:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Novi korisnik\Start Menu\Programs\VITSOFT
[2013/05/01 13:38:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/05/01 13:38:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Novi korisnik\My Documents\DbgLogs
[2013/05/01 13:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Novi korisnik\My Documents\PassMark
[2013/05/01 13:30:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PassMark
[2013/04/30 00:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Novi korisnik\Desktop\Sve sa Desktopa
[2013/04/17 21:19:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Foxit Software
[2013/04/17 21:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/13 00:08:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/13 00:05:46 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
[2013/05/13 00:04:26 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
[2013/05/13 00:04:26 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
[2013/05/13 00:04:26 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
[2013/05/13 00:03:03 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2013/05/13 00:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Novi korisnik\Desktop\OTL.com
[2013/05/12 23:29:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-261478967-725345543-1013UA.job
[2013/05/12 23:29:00 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-261478967-725345543-1003UA.job
[2013/05/12 23:12:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/12 22:39:56 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/05/12 22:13:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/12 22:13:11 | 133,816,320 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013/05/12 22:09:39 | 005,069,265 | R--- | M] (Swearware) -- C:\Documents and Settings\Novi korisnik\Desktop\ComboFix.exe
[2013/05/12 21:01:36 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/05/12 20:41:53 | 000,180,609 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\BD.JPG
[2013/05/12 20:31:03 | 002,935,344 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\BD_Free_Uninstall_Tool.exe
[2013/05/12 18:37:55 | 000,184,775 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\screenshot.JPG
[2013/05/12 16:48:14 | 000,464,491 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\RootRepeal.zip
[2013/05/12 16:38:58 | 000,377,856 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\mvttrzrf.exe
[2013/05/12 16:00:38 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Novi korisnik\Desktop\dds.scr
[2013/05/12 15:13:06 | 000,172,008 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\greska.JPG
[2013/05/12 13:18:14 | 000,120,623 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\img_1372.jpg
[2013/05/12 06:29:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-261478967-725345543-1003Core.job
[2013/05/12 05:29:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-261478967-725345543-1013Core.job
[2013/05/12 04:12:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/11 09:50:08 | 000,447,701 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/05/10 21:32:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/06 13:00:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\Wise Turbo Checker.job
[2013/05/04 13:55:45 | 000,447,637 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130511-095008.backup
[2013/05/02 10:44:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2013/04/30 17:29:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-261478967-725345543-1003.job
[2013/04/30 15:18:13 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/04/29 21:16:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-261478967-725345543-1013.job
[2013/04/29 13:18:52 | 011,534,336 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\NTUSER.bak
[2013/04/25 18:57:20 | 000,447,209 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130504-135545.backup
[2013/04/25 12:05:20 | 000,099,392 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2013/04/23 16:04:10 | 000,348,048 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2013/04/19 23:11:17 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Desktop\Microsoft Word 2010.lnk
[2013/04/19 15:01:59 | 000,447,150 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130425-185720.backup
[2013/04/18 08:01:49 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk
[2013/04/17 21:18:45 | 000,001,721 | ---- | M] () -- C:\Documents and Settings\Novi korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2013/04/17 21:18:45 | 000,001,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2013/04/15 19:38:59 | 000,032,816 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2013/04/15 19:38:58 | 000,592,384 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2013/04/15 19:38:58 | 000,018,528 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys
[2013/04/15 19:38:37 | 000,035,488 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdcsr.dll
[2013/04/15 19:38:25 | 000,276,688 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdvrt32.dll
[2013/04/15 19:38:24 | 000,040,656 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdkbd32.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/12 21:01:36 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/05/12 21:01:34 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/05/12 20:58:15 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/05/12 20:58:15 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/05/12 20:58:15 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/05/12 20:58:15 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/05/12 20:58:15 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/05/12 20:41:52 | 000,180,609 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\BD.JPG
[2013/05/12 20:30:51 | 002,935,344 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\BD_Free_Uninstall_Tool.exe
[2013/05/12 18:37:55 | 000,184,775 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\screenshot.JPG
[2013/05/12 16:48:13 | 000,464,491 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\RootRepeal.zip
[2013/05/12 16:38:58 | 000,377,856 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\mvttrzrf.exe
[2013/05/12 15:13:06 | 000,172,008 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\greska.JPG
[2013/05/12 13:17:18 | 000,120,623 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Desktop\img_1372.jpg
[2013/05/10 23:48:26 | 133,816,320 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2013/04/29 13:18:46 | 000,000,394 | ---- | C] () -- C:\WINDOWS\tasks\Wise Turbo Checker.job
[2013/04/17 21:18:45 | 000,001,721 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2013/04/17 21:18:45 | 000,001,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2013/02/25 02:03:47 | 000,478,216 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/02/14 19:49:37 | 000,000,252 | ---- | C] () -- C:\WINDOWS\KillSwitch.INI
[2013/02/12 00:53:19 | 000,017,308 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360623193.bdinstall.bin
[2013/02/12 00:51:57 | 000,017,308 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360623107.bdinstall.bin
[2013/02/12 00:50:38 | 000,043,522 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360622972.bdinstall.bin
[2013/02/12 00:49:31 | 000,022,566 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360622968.bdinstall.bin
[2013/02/12 00:06:32 | 000,182,930 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360620177.bdinstall.bin
[2013/02/11 23:57:51 | 000,030,063 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360619833.bdinstall.bin
[2013/02/11 23:56:56 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2013/02/11 23:55:17 | 000,029,866 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360619706.bdinstall.bin
[2013/02/11 23:50:02 | 000,029,937 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360619390.bdinstall.bin
[2013/02/11 23:47:41 | 000,030,260 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360618700.bdinstall.bin
[2013/02/11 22:51:20 | 000,030,060 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360615854.bdinstall.bin
[2013/02/11 22:49:18 | 000,030,265 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1360615694.bdinstall.bin
[2012/08/26 18:55:45 | 000,009,845 | ---- | C] () -- C:\WINDOWS\System32\mswinnoke.dll
[2012/08/22 14:32:59 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2012/08/22 14:32:59 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2012/08/22 14:32:45 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Application Data\$_hpcst$.hpc
[2012/08/14 20:11:47 | 000,004,756 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\.recently-used.xbel
[2012/06/10 02:44:01 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\nyxiv.dat
[2012/04/20 18:28:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxeevs.dll
[2012/04/20 18:28:23 | 000,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeecoin.dll
[2012/04/20 18:28:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxeegcfg.dll
[2012/04/20 18:28:14 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxeecui.dll
[2012/04/20 18:28:14 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeecuir.dll
[2012/04/20 18:27:07 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\lxeerwrd.ini
[2012/04/20 18:26:55 | 000,446,464 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEEhcp.dll
[2012/04/20 18:26:55 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\LXEEinst.dll
[2012/04/20 18:26:54 | 001,052,672 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeeserv.dll
[2012/04/20 18:26:54 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeeusb1.dll
[2012/04/20 18:26:54 | 000,651,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeepmui.dll
[2012/04/20 18:26:54 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeeinpa.dll
[2012/04/20 18:26:54 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeeiesc.dll
[2012/04/20 18:26:53 | 000,581,632 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeelmpm.dll
[2012/04/20 18:26:53 | 000,328,360 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeeih.exe
[2012/04/20 18:26:53 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxeeins.dll
[2012/04/20 18:26:53 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxeeinsb.dll
[2012/04/20 18:26:53 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lxeeinsr.dll
[2012/04/20 18:26:53 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxeejswr.dll
[2012/04/20 18:26:52 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeehbn3.dll
[2012/04/20 18:26:52 | 000,602,792 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeecoms.exe
[2012/04/20 18:26:52 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeecomm.dll
[2012/04/20 18:26:52 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxeecu.dll
[2012/04/20 18:26:52 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxeegrd.dll
[2012/04/20 18:26:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxeecub.dll
[2012/04/20 18:26:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxeecur.dll
[2012/04/20 18:26:51 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeecomc.dll
[2012/04/20 18:26:51 | 000,369,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeecfg.exe
[2012/01/25 15:20:44 | 000,002,394 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/09/20 15:45:04 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011/07/14 11:56:59 | 000,172,032 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/14 04:22:04 | 000,000,098 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\Application Data\MPUI.ini
[2011/07/14 04:11:22 | 011,534,336 | ---- | C] () -- C:\Documents and Settings\Novi korisnik\NTUSER.bak

========== ZeroAccess Check ==========

[2008/12/27 15:14:18 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 06:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 06:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< >

========== Base Services ==========
SRV - [2008/04/14 06:42:14 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/14 06:42:12 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/14 06:42:04 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/14 06:41:52 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 06:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 06:41:52 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/14 06:41:54 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/04/14 06:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/14 06:41:54 | 000,033,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/14 06:42:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/14 06:42:10 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/14 06:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/04/14 06:42:24 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 06:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 06:41:54 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 06:42:18 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [Auto | Running] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 06:42:18 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 06:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 06:42:02 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/14 06:42:02 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2008/04/14 06:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2008/04/14 06:42:38 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/14 06:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 06:42:04 | 000,088,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 06:42:04 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/14 06:42:06 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/14 06:42:04 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 06:42:06 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 06:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/14 06:42:12 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/14 06:42:08 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2008/04/14 06:42:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/14 06:42:08 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 06:42:06 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 06:41:58 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 06:42:08 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 06:42:08 | 000,295,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 06:42:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/14 06:42:40 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 06:41:52 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/14 06:41:56 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/14 06:42:10 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/14 06:42:30 | 000,078,848 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 06:42:10 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/14 06:41:50 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/04/14 06:41:54 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/14 06:42:12 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/14 06:42:10 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: SERVICES.EXE >
[2008/04/14 06:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2008/04/14 06:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\system32\services.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 06:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 06:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 06:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 06:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 06:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 06:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 06:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C43ED645

< End of report >

Poslao: 13 Maj 2013 10:06
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Vera u logovima nisam nasao prisustvo malware-a na tvom sistemu.

Kao sto sam napisao, prozori koji ti iskacu su posledica najverovatnije lose deinstalacije MCShield programa.
Pokusaj sa ponovnom instalacijom programa.
http://www.mcshield.net/downloads.html


Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop

Dvoklikom pokreni program.

Štikliraj sledeće opcije:
Remove disinfection tools
Purge System Restore
Reset system settings

Klikni na dugme "Run" i pričekaj da program završi rad.
Kada alat završi, otvoriće izvestaj u notepadu.
Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt

MyCity » Ambulanta -> Arhiva Ambulante » Prozori prijavljuju grešku

Ko je trenutno na forumu
 

Ukupno su 1191 korisnika na forumu :: 37 registrovanih, 11 sakrivenih i 1143 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: amaterSRB, Andrija357, aramis s, Buzdovan, Denaya, Dimitrise93, dragoljub11987, FOX, Georgius, ikan, Istman, ivica976, Karla, kjkszpj, kunktator, kybonacci, ladro, M1los, Milometer, Mixelotti, nemkea71, Pakito93, panzerwaffe, pein, RJ, royst33, sasa76, Shinobi, Sirius, slonic_tonic, solic, Srle993, stegonosa, Tvrtko I, vathra, vukovi, |_MeD_|