Usporen kompjuter

Usporen kompjuter

offline
  • Pridružio: 12 Jun 2009
  • Poruke: 34

Poslednjih nekoliko nedelja kompjuter mi je prilično usporen, posebno se vidi u Chrome-u (zakucava kada krenem da skrolujem po stranici, YouTube je usporen i prekida se itd.), ali npr. i jako sporo otvara fotografije, filmovi u VLC-ju stalno koče... Skenirao sam pre nekoliko dana Avastom, ali nije ništa pronašao.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Filip (administrator) on FILIP-PC on 16-09-2014 13:46:22
Running from C:\Users\Filip\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nalserv.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1143575183-1409231400-4212582508-1000\...\Run: [Google Update] => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-06] (Google Inc.)
HKU\S-1-5-21-1143575183-1409231400-4212582508-1000\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-1143575183-1409231400-4212582508-1000\...\MountPoints2: {5e8bb816-ceee-11e3-9cf8-047d7b738e37} - I:\Autorun.exe
HKU\S-1-5-21-1143575183-1409231400-4212582508-1000\...\MountPoints2: {5e8bb824-ceee-11e3-9cf8-047d7b738e37} - I:\Autorun.exe
HKU\S-1-5-21-1143575183-1409231400-4212582508-1000\...\MountPoints2: {dc040e5d-f9ef-11e3-b0b8-047d7b738e37} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Filip\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Filip\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Filip\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Filip\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.rs/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> google.rs__
CHR DefaultSearchURL: Default -> google.rs/#hl=sr&source=hp&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=86ce359f9c0ebd85
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-04-24]
CHR Extension: (Google Docs) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-24]
CHR Extension: (Google Drive) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-24]
CHR Extension: (TV) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-04-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (Web Developer) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-04-24]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-24]
CHR Extension: (Planeto Quiz) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\caekfgjhgmkgdhbiaikgdbpldepnkchg [2014-04-24]
CHR Extension: (Google Search) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-24]
CHR Extension: (Learn Italian - Molto Bene) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dadgddaepklpemjojmnhgdjmmkmefihe [2014-04-24]
CHR Extension: (iVocab: GRE, TOEFL and SAT) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddbfkngjokojcmmadaaipmjiacnnmgbl [2014-04-24]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2014-04-24]
CHR Extension: (Google News) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2014-04-24]
CHR Extension: (Hangman) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekpfaaakmnhcembbiennfjiaodandmhg [2014-04-24]
CHR Extension: (Full Screen Flash) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejijbmhbanhbllpkhfojmimfolkjgdl [2014-04-24]
CHR Extension: (Planetarium) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2014-04-24]
CHR Extension: (AdBlock) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-24]
CHR Extension: (DownFlickr - Flickr Downloader) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\idiemcijhbenngdhkdiipmpkafnkbkeg [2014-04-24]
CHR Extension: (World of Solitaire) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn [2014-04-24]
CHR Extension: (Qbox - Wisdom of the Ages) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikfnimbehfhlelledoaemompbeihbhfb [2014-04-24]
CHR Extension: (Typing Test - KeyHero) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2014-04-24]
CHR Extension: (BBC Good Food) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkffnoliaheoidfeejcmnidkkgilkja [2014-04-24]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-04-25]
CHR Extension: (Google Play Books) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2014-04-24]
CHR Extension: (Google Wallet) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-24]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole [2014-04-24]
CHR Extension: (Thesaurus) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pddaeeclcbikcegjhhgocgkakehngcem [2014-04-24]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-24] (AVAST Software)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
R2 NalServ; C:\Windows\SysWOW64\nalserv.exe [135168 2012-06-29] (Nalpeiron Ltd.) [File not signed]
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-06-29] (Nalpeiron Ltd.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-24] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-24] (Disc Soft Ltd)
S3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2013-02-26] (Windows (R) Win 7 DDK provider)
S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2013-02-26] (Windows (R) Win 7 DDK provider)
S3 onda_cdc_acm; C:\Windows\System32\DRIVERS\onda_cdc_acm.sys [79872 2012-02-20] (ONDA)
S3 onda_cdc_ecm; C:\Windows\System32\DRIVERS\onda_cdc_ecm.sys [60416 2012-02-20] (ONDA)
S3 onda_ecm_enum; C:\Windows\System32\DRIVERS\onda_ecm_enum.sys [56832 2012-02-20] (ONDA)
S3 onda_ecm_enum_filter; C:\Windows\System32\DRIVERS\onda_ecm_enum_filter.sys [56832 2012-02-20] (ONDA)
S3 onda_wcpo; C:\Windows\System32\DRIVERS\onda_wcpo.sys [10752 2012-02-20] (ONDA)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 13:46 - 2014-09-16 13:47 - 00016520 _____ () C:\Users\Filip\Desktop\FRST.txt
2014-09-16 13:45 - 2014-09-16 13:46 - 00000000 ____D () C:\FRST
2014-09-16 13:44 - 2014-09-16 13:45 - 02105856 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2014-09-15 18:31 - 2014-09-15 18:31 - 01678516 _____ () C:\Users\Filip\Downloads\letnjikovac.rar
2014-09-15 18:31 - 2014-09-15 18:31 - 00000000 ____D () C:\Users\Filip\Downloads\letnjikovac
2014-09-14 15:32 - 2014-09-14 15:34 - 00000000 ____D () C:\Users\Filip\Downloads\The Hitchhiker's Guide to the Galaxy (2005)
2014-09-12 20:20 - 2014-09-12 20:35 - 00000000 ____D () C:\Users\Filip\Downloads\The Hobbit The Desolation of Smaug (2013)
2014-09-12 13:28 - 2014-09-12 13:28 - 04528233 _____ () C:\Users\Filip\Downloads\[Igor_A._Mel'cuk]_Dependency_Syntax_Theory_and_Pr(BookZZ.org).epub
2014-09-12 10:59 - 2014-09-12 10:59 - 00000955 _____ () C:\Users\Filip\Desktop\Anki.lnk
2014-09-12 10:58 - 2014-09-12 10:58 - 23224070 _____ () C:\Users\Filip\Downloads\anki-2.0.28.exe
2014-09-11 19:48 - 2014-09-11 19:52 - 00000000 ____D () C:\Users\Filip\Downloads\The Hobbit An Unexpected Journey (2012)
2014-09-10 20:31 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 20:31 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 20:31 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 20:31 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 20:31 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 20:31 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 20:31 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 20:31 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 20:31 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 20:31 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 20:31 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 20:31 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 20:31 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 20:31 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 20:31 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 20:31 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 20:31 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 20:31 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 20:31 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 20:31 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 20:31 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 20:31 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 20:31 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 20:31 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 20:31 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 20:31 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 20:31 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 20:31 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 20:31 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 20:31 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 20:31 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 20:31 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 20:31 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 20:31 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 20:31 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 20:31 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 20:31 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 20:31 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 20:31 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 20:31 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 20:31 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 20:31 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 20:31 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 20:30 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 20:30 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 20:30 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 20:30 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 20:30 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 20:30 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 20:30 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 20:30 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 20:30 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 20:30 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 20:30 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 20:30 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 20:30 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 20:20 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 20:20 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 18:08 - 2014-09-10 18:08 - 00000000 ____D () C:\Users\Filip\Downloads\SDelete
2014-09-10 18:07 - 2014-09-10 18:07 - 00082741 _____ () C:\Users\Filip\Downloads\SDelete.zip
2014-09-10 09:45 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 09:45 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 09:44 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 09:44 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 09:44 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 09:44 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 09:44 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 09:44 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 09:44 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 09:22 - 2014-09-16 10:37 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-09-07 20:38 - 2014-09-07 20:39 - 06306360 _____ (TeamViewer GmbH) C:\Users\Filip\Downloads\TeamViewer_Setup_sr.exe
2014-09-07 19:47 - 2014-09-07 19:47 - 18758726 _____ () C:\Users\Filip\Desktop\IMG_2507.psd
2014-09-07 12:15 - 2014-09-07 12:16 - 00000000 ____D () C:\Users\Filip\Documents\Outlook Files
2014-09-07 11:12 - 2014-09-07 11:12 - 00009534 _____ () C:\Users\Filip\Desktop\TV kanali.xlsx
2014-09-06 16:30 - 2014-09-06 16:30 - 00000379 _____ () C:\Users\Filip\Downloads\no-sender.php
2014-09-06 14:23 - 2014-09-06 14:32 - 00000000 ____D () C:\Users\Filip\Downloads\Allacciate.Le.Cinture.2014.iTALiAN.BDRip.XviD-TRL
2014-09-06 14:12 - 2014-09-06 14:12 - 00006935 _____ () C:\Users\Filip\Desktop\dz header backup.txt
2014-09-05 17:55 - 2014-09-05 18:01 - 00000000 ____D () C:\Users\Filip\Downloads\The Great Gatsby (2013)
2014-09-05 10:57 - 2014-09-05 10:57 - 00124928 _____ () C:\Users\Filip\Documents\Uni secondo anno.pub
2014-09-05 10:18 - 2014-09-05 10:18 - 01379427 _____ () C:\Users\Filip\Downloads\roboto.zip
2014-09-05 10:18 - 2014-09-05 10:18 - 00000000 ____D () C:\Users\Filip\Downloads\roboto
2014-09-04 12:48 - 2014-09-04 12:48 - 00035451 _____ () C:\Users\Filip\Downloads\mine.vaganti.(2010).ita.2cd.(4019009).zip
2014-09-04 12:48 - 2014-09-04 12:48 - 00000000 ____D () C:\Users\Filip\Downloads\mine.vaganti.(2010).ita.2cd.(4019009)
2014-09-03 19:27 - 2014-09-03 19:28 - 00000000 ____D () C:\Users\Filip\Downloads\Snow White and the Huntsman EXTENDED (2012)
2014-09-03 19:25 - 2014-09-03 19:25 - 00000851 _____ () C:\Users\Filip\Desktop\µTorrent.lnk
2014-09-01 20:01 - 2014-09-08 20:01 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-09-01 20:01 - 2014-09-01 20:01 - 00001258 _____ () C:\Users\Public\Desktop\NCH Suite.lnk
2014-09-01 20:01 - 2014-09-01 20:01 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Scribe Transcription Software.lnk
2014-09-01 20:01 - 2014-09-01 20:01 - 00001146 _____ () C:\Users\Public\Desktop\Express Scribe Transcription Software.lnk
2014-09-01 20:01 - 2014-09-01 20:01 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\NCH Software
2014-09-01 20:01 - 2014-09-01 20:01 - 00000000 ____D () C:\ProgramData\NCH Software
2014-09-01 20:01 - 2014-09-01 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-09-01 20:01 - 2014-09-01 20:01 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-09-01 20:00 - 2014-09-01 20:01 - 00937560 _____ (NCH Software) C:\Users\Filip\Downloads\essetup.exe
2014-08-28 08:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 08:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 08:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 08:33 - 2014-08-22 08:33 - 00000000 ____D () C:\Users\Filip\Downloads\Skyfall (2012)
2014-08-21 17:35 - 2014-08-21 17:55 - 00000000 ____D () C:\Users\Filip\Desktop\biba i ceca ge za fb
2014-08-21 13:37 - 2014-08-21 13:37 - 00000000 ____D () C:\Users\Filip\Desktop\sandra
2014-08-20 10:39 - 2014-08-20 10:39 - 00001098 _____ () C:\Windows\PFRO.log
2014-08-18 14:35 - 2014-08-18 14:35 - 00000000 ____D () C:\Users\Filip\Desktop\flash backup 18 avg
2014-08-18 13:48 - 2014-08-18 13:48 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\ImgBurn
2014-08-18 13:23 - 2014-08-18 13:23 - 00001881 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-08-18 13:23 - 2014-08-18 13:23 - 00001869 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-08-18 13:23 - 2014-08-18 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-08-18 13:23 - 2014-08-18 13:23 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-08-17 19:47 - 2014-09-06 00:10 - 00014070 _____ () C:\Users\Filip\Desktop\Reading.xlsx
2014-08-17 17:17 - 2014-08-17 17:18 - 00000000 ____D () C:\Users\Filip\Downloads\Themen Aktuell
2014-08-17 17:17 - 2014-08-17 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-17 17:17 - 2014-08-17 17:17 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-17 17:10 - 2014-08-17 17:11 - 00000000 ____D () C:\Users\Filip\Downloads\London Grammar - If You Wait [iTunes Deluxe Version][2013 - M4A - VBR][LATEST ALBUM] - [MAHIY]

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 13:47 - 2014-09-16 13:46 - 00016520 _____ () C:\Users\Filip\Desktop\FRST.txt
2014-09-16 13:46 - 2014-09-16 13:45 - 00000000 ____D () C:\FRST
2014-09-16 13:45 - 2014-09-16 13:44 - 02105856 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2014-09-16 13:44 - 2014-04-24 11:22 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-16 13:00 - 2014-07-06 21:55 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143575183-1409231400-4212582508-1000UA.job
2014-09-16 12:36 - 2009-07-14 06:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-16 12:36 - 2009-07-14 06:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-16 12:34 - 2014-04-24 19:03 - 01872836 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 12:21 - 2014-08-13 00:16 - 00012322 _____ () C:\Windows\setupact.log
2014-09-16 10:59 - 2014-08-12 22:22 - 00004956 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Filip-PC-Filip Filip-PC
2014-09-16 10:43 - 2014-08-13 20:35 - 00000000 ____D () C:\Users\Filip\Documents\Prevodi 2014
2014-09-16 10:37 - 2014-09-10 09:22 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-09-16 10:36 - 2014-04-24 11:22 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-16 10:36 - 2014-04-24 10:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-16 10:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-16 09:35 - 2014-04-27 17:14 - 00000000 ____D () C:\Users\Filip\AppData\Local\Adobe
2014-09-15 22:00 - 2014-07-06 21:55 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143575183-1409231400-4212582508-1000Core.job
2014-09-15 18:31 - 2014-09-15 18:31 - 01678516 _____ () C:\Users\Filip\Downloads\letnjikovac.rar
2014-09-15 18:31 - 2014-09-15 18:31 - 00000000 ____D () C:\Users\Filip\Downloads\letnjikovac
2014-09-15 18:20 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 23:38 - 2014-04-24 23:36 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\uTorrent
2014-09-14 17:34 - 2014-06-23 01:58 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\vlc
2014-09-14 15:34 - 2014-09-14 15:32 - 00000000 ____D () C:\Users\Filip\Downloads\The Hitchhiker's Guide to the Galaxy (2005)
2014-09-14 09:49 - 2014-04-24 11:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-12 20:35 - 2014-09-12 20:20 - 00000000 ____D () C:\Users\Filip\Downloads\The Hobbit The Desolation of Smaug (2013)
2014-09-12 16:33 - 2014-04-30 22:35 - 00000000 ____D () C:\Users\Filip\Documents\Anki
2014-09-12 13:28 - 2014-09-12 13:28 - 04528233 _____ () C:\Users\Filip\Downloads\[Igor_A._Mel'cuk]_Dependency_Syntax_Theory_and_Pr(BookZZ.org).epub
2014-09-12 10:59 - 2014-09-12 10:59 - 00000955 _____ () C:\Users\Filip\Desktop\Anki.lnk
2014-09-12 10:59 - 2014-04-30 22:35 - 00000967 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anki.lnk
2014-09-12 10:58 - 2014-09-12 10:58 - 23224070 _____ () C:\Users\Filip\Downloads\anki-2.0.28.exe
2014-09-11 19:52 - 2014-09-11 19:48 - 00000000 ____D () C:\Users\Filip\Downloads\The Hobbit An Unexpected Journey (2012)
2014-09-11 14:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-10 20:33 - 2014-04-24 12:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-10 20:32 - 2014-04-24 12:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 20:26 - 2014-04-24 19:31 - 00765700 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 18:08 - 2014-09-10 18:08 - 00000000 ____D () C:\Users\Filip\Downloads\SDelete
2014-09-10 18:07 - 2014-09-10 18:07 - 00082741 _____ () C:\Users\Filip\Downloads\SDelete.zip
2014-09-08 20:01 - 2014-09-01 20:01 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-09-07 20:39 - 2014-09-07 20:38 - 06306360 _____ (TeamViewer GmbH) C:\Users\Filip\Downloads\TeamViewer_Setup_sr.exe
2014-09-07 19:47 - 2014-09-07 19:47 - 18758726 _____ () C:\Users\Filip\Desktop\IMG_2507.psd
2014-09-07 12:16 - 2014-09-07 12:15 - 00000000 ____D () C:\Users\Filip\Documents\Outlook Files
2014-09-07 11:12 - 2014-09-07 11:12 - 00009534 _____ () C:\Users\Filip\Desktop\TV kanali.xlsx
2014-09-07 00:51 - 2014-04-28 19:30 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Skype
2014-09-06 16:30 - 2014-09-06 16:30 - 00000379 _____ () C:\Users\Filip\Downloads\no-sender.php
2014-09-06 14:32 - 2014-09-06 14:23 - 00000000 ____D () C:\Users\Filip\Downloads\Allacciate.Le.Cinture.2014.iTALiAN.BDRip.XviD-TRL
2014-09-06 14:12 - 2014-09-06 14:12 - 00006935 _____ () C:\Users\Filip\Desktop\dz header backup.txt
2014-09-06 13:56 - 2014-06-25 21:43 - 00000132 _____ () C:\Users\Filip\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-09-06 00:10 - 2014-08-17 19:47 - 00014070 _____ () C:\Users\Filip\Desktop\Reading.xlsx
2014-09-05 18:01 - 2014-09-05 17:55 - 00000000 ____D () C:\Users\Filip\Downloads\The Great Gatsby (2013)
2014-09-05 17:54 - 2014-04-24 11:21 - 00121224 _____ () C:\Users\Filip\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-05 12:12 - 2009-07-14 06:45 - 05101848 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-05 10:57 - 2014-09-05 10:57 - 00124928 _____ () C:\Users\Filip\Documents\Uni secondo anno.pub
2014-09-05 10:18 - 2014-09-05 10:18 - 01379427 _____ () C:\Users\Filip\Downloads\roboto.zip
2014-09-05 10:18 - 2014-09-05 10:18 - 00000000 ____D () C:\Users\Filip\Downloads\roboto
2014-09-04 12:48 - 2014-09-04 12:48 - 00035451 _____ () C:\Users\Filip\Downloads\mine.vaganti.(2010).ita.2cd.(4019009).zip
2014-09-04 12:48 - 2014-09-04 12:48 - 00000000 ____D () C:\Users\Filip\Downloads\mine.vaganti.(2010).ita.2cd.(4019009)
2014-09-03 19:28 - 2014-09-03 19:27 - 00000000 ____D () C:\Users\Filip\Downloads\Snow White and the Huntsman EXTENDED (2012)
2014-09-03 19:25 - 2014-09-03 19:25 - 00000851 _____ () C:\Users\Filip\Desktop\µTorrent.lnk
2014-09-03 19:25 - 2014-04-24 23:38 - 00000831 _____ () C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-09-01 20:01 - 2014-09-01 20:01 - 00001258 _____ () C:\Users\Public\Desktop\NCH Suite.lnk
2014-09-01 20:01 - 2014-09-01 20:01 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Scribe Transcription Software.lnk
2014-09-01 20:01 - 2014-09-01 20:01 - 00001146 _____ () C:\Users\Public\Desktop\Express Scribe Transcription Software.lnk
2014-09-01 20:01 - 2014-09-01 20:01 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\NCH Software
2014-09-01 20:01 - 2014-09-01 20:01 - 00000000 ____D () C:\ProgramData\NCH Software
2014-09-01 20:01 - 2014-09-01 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-09-01 20:01 - 2014-09-01 20:01 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-09-01 20:01 - 2014-09-01 20:00 - 00937560 _____ (NCH Software) C:\Users\Filip\Downloads\essetup.exe
2014-08-31 16:12 - 2014-07-14 23:30 - 00000000 ____D () C:\Users\Filip\AppData\Local\Microsoft Games
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 22:46 - 2014-08-12 15:21 - 00000000 ____D () C:\Users\Filip\Desktop\slike aleks
2014-08-23 04:07 - 2014-08-28 08:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 08:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 08:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 08:33 - 2014-08-22 08:33 - 00000000 ____D () C:\Users\Filip\Downloads\Skyfall (2012)
2014-08-21 17:55 - 2014-08-21 17:35 - 00000000 ____D () C:\Users\Filip\Desktop\biba i ceca ge za fb
2014-08-21 16:17 - 2014-07-05 23:10 - 00000000 ____D () C:\Users\Filip\Desktop\ge biba i ceca
2014-08-21 13:37 - 2014-08-21 13:37 - 00000000 ____D () C:\Users\Filip\Desktop\sandra
2014-08-20 10:39 - 2014-08-20 10:39 - 00001098 _____ () C:\Windows\PFRO.log
2014-08-19 20:05 - 2014-09-10 20:31 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-10 20:31 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 01:01 - 2014-09-10 20:31 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-10 20:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-10 20:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-10 20:30 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-10 20:30 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-10 20:30 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-10 20:31 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-10 20:31 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-10 20:31 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-10 20:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-10 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-10 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:08 - 2014-09-10 20:30 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:05 - 2014-09-10 20:31 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-10 20:31 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-10 20:31 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-10 20:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-10 20:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-10 20:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-10 20:31 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-10 20:31 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-10 20:31 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-10 20:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-10 20:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-10 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-10 20:30 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-10 20:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-10 20:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-10 20:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-10 20:31 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-10 20:31 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-10 20:31 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-10 20:31 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-10 20:31 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-10 20:31 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-10 20:31 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-10 20:31 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-10 20:31 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:23 - 2014-09-10 20:30 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:22 - 2014-09-10 20:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-10 20:31 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-10 20:31 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-10 20:31 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-10 20:30 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-10 20:30 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-10 20:30 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-10 20:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-10 20:30 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-10 20:31 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-10 20:30 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-10 20:30 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-10 20:31 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:38 - 2014-09-10 20:30 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:36 - 2014-09-10 20:31 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-18 14:35 - 2014-08-18 14:35 - 00000000 ____D () C:\Users\Filip\Desktop\flash backup 18 avg
2014-08-18 13:48 - 2014-08-18 13:48 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\ImgBurn
2014-08-18 13:23 - 2014-08-18 13:23 - 00001881 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-08-18 13:23 - 2014-08-18 13:23 - 00001869 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-08-18 13:23 - 2014-08-18 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-08-18 13:23 - 2014-08-18 13:23 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-08-17 19:59 - 2014-08-12 19:55 - 00007593 _____ () C:\Users\Filip\AppData\Local\Resmon.ResmonCfg
2014-08-17 17:18 - 2014-08-17 17:17 - 00000000 ____D () C:\Users\Filip\Downloads\Themen Aktuell
2014-08-17 17:17 - 2014-08-17 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-17 17:17 - 2014-08-17 17:17 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-17 17:11 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\Filip\Downloads\London Grammar - If You Wait [iTunes Deluxe Version][2013 - M4A - VBR][LATEST ALBUM] - [MAHIY]

Some content of TEMP:
====================
C:\Users\Filip\AppData\Local\Temp\w5n4idtt.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 10:08

==================== End Of Log ============================

mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Pozdrav, perrin. Wink


Postavljeni FRST izvestaji ne pokazuje znakove aktivne infekcije. No, idemo na dodatnu proveru sa neke druge tacke gledista.



1. Preuzmi sUBs-ov ComboFix () sa ovog linka i sačuvaj alat na Desktop.
• Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
• Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.


------------------------------------------------------------
2. Privremeno deaktiviraj AntiVirus program, u većini slučajeva preko desnog klika na ikonu programa u system tray. Oni mogu ometati alat tokom rada.
Ukoliko nisi siguran kako to da uradiš, isprati ovo uputstvo.

------------------------------------------------------------
3. Dvoklikom na ikonicu pokreni ComboFix. Potom, na disclaimer prozoru klikni dugme I Agree!

• ComboFix će proveriti da li je dostupna nova verzija alata.
Klikni Yes ako je zatrazeno preuzimanje.
• Ukoliko Recovery Console nije instaliran, ComboFix će ponuditi preuzimanje i instalaciju.
Klikni Yes da bi dozvolio alatu da preuzme i instalira Recovery Console
• ComboFix će skenirati računar po fazama (Stage_#) ukupno 50 faza.
Ne kliktati okolo dok ComboFix ispituje sistem.
• Ukoliko je malware detektovan, ComboFix će zapoceti njegovo uklanjanje.
Iz tog razloga, alat će po potrebi restartovati Windows (nekad i više puta);

Napomena: Ako nakon rada alata dobiješ grešku (Illegal operation attempted on a registry key that has been marked for deletion) prilikom startovanja programa, restartovati računar i to ce rešiti problem.


------------------------------------------------------------
4. Kada alat završi, formiraće i otvoriti izveštaj (tipična lokacija: C:\ComboFix.txt)
Iskopiraj sadržaj ComboFix.txt izveštaja u poruku.

ComboFix će takođe formirati i dodatan izveštaj (tipicna lokacija: C:\Qoobox\ComboFix-quarantined-files.txt)
Okači ComboFix-quarantined-files.txt izveštaj uz poruku koristeći opciju Prikači fajl

offline
  • Pridružio: 12 Jun 2009
  • Poruke: 34

Pozdrav Smile Evo ComboFix logova:

ComboFix 14-09-16.01 - Filip 16.09.2014 16:00:20.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.4078.2921 [GMT 2:00]
Running from: c:\users\Filip\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 0 bytes in 2 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2014-08-16 to 2014-09-16 )))))))))))))))))))))))))))))))
.
.
2014-09-16 14:11 . 2014-09-16 14:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-16 11:45 . 2014-09-16 11:49 -------- d-----w- C:\FRST
2014-09-16 07:31 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2BD9DAD5-390A-4B83-B3D7-FE59355D2115}\mpengine.dll
2014-09-10 18:30 . 2014-08-18 22:24 10747904 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2014-09-10 18:20 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-10 18:20 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-10 07:45 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-10 07:45 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-10 07:44 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-10 07:44 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-10 07:44 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-10 07:44 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-10 07:44 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-10 07:44 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-10 07:44 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-09-01 18:01 . 2014-09-01 18:01 -------- d-----w- c:\programdata\NCH Software
2014-09-01 18:01 . 2014-09-01 18:01 -------- d-----w- c:\program files (x86)\NCH Software
2014-09-01 18:01 . 2014-09-01 18:01 -------- d-----w- c:\users\Filip\AppData\Roaming\NCH Software
2014-08-28 06:00 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-28 06:00 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 06:00 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-18 11:48 . 2014-08-18 11:48 -------- d-----w- c:\users\Filip\AppData\Roaming\ImgBurn
2014-08-18 11:23 . 2014-08-18 11:23 -------- d-----w- c:\program files (x86)\ImgBurn
2014-08-17 15:17 . 2014-08-17 15:17 -------- d-----w- c:\program files\7-Zip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-25 04:53 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-08-12 23:00 . 2014-08-12 23:00 4575232 ----a-w- c:\windows\SysWow64\GPhotos.scr
2014-08-12 17:38 . 2014-08-12 17:38 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 03:23 . 2014-08-13 05:42 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-13 05:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-13 05:38 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-13 05:38 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-07-09 02:03 . 2014-08-13 05:43 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2014-07-09 02:03 . 2014-08-13 05:43 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-07-09 02:03 . 2014-08-13 05:43 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2014-07-09 02:03 . 2014-08-13 05:43 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2014-07-09 02:03 . 2014-08-13 05:43 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-07-09 01:31 . 2014-08-13 05:43 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31 . 2014-08-13 05:43 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2014-06-30 22:24 . 2014-08-13 22:13 8856 ----a-w- c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-13 22:13 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-06-25 02:05 . 2014-08-13 05:41 14175744 ----a-w- c:\windows\system32\shell32.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2014-04-24 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2014-04-24 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-08-12 07:58 1729232 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-08-12 07:58 1729232 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-08-12 07:58 1729232 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-07 3890208]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service;c:\programdata\MobileBrServ\mbbservice.exe;c:\programdata\MobileBrServ\mbbservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 KINONI_Wave;Kinoni Audio Source;c:\windows\system32\drivers\kinonivad.sys;c:\windows\SYSNATIVE\drivers\kinonivad.sys [x]
R3 kinonivd;Kinoni Video Source;c:\windows\system32\DRIVERS\kinonivd.sys;c:\windows\SYSNATIVE\DRIVERS\kinonivd.sys [x]
R3 onda_cdc_acm;ONDA CDC-ACM driver;c:\windows\system32\DRIVERS\onda_cdc_acm.sys;c:\windows\SYSNATIVE\DRIVERS\onda_cdc_acm.sys [x]
R3 onda_cdc_ecm;onda_cdc_ecm;c:\windows\system32\DRIVERS\onda_cdc_ecm.sys;c:\windows\SYSNATIVE\DRIVERS\onda_cdc_ecm.sys [x]
R3 onda_ecm_enum;ONDA ECM Enumerator;c:\windows\system32\DRIVERS\onda_ecm_enum.sys;c:\windows\SYSNATIVE\DRIVERS\onda_ecm_enum.sys [x]
R3 onda_ecm_enum_filter;onda_ecm_enum_filter;c:\windows\system32\DRIVERS\onda_ecm_enum_filter.sys;c:\windows\SYSNATIVE\DRIVERS\onda_ecm_enum_filter.sys [x]
R3 onda_wcpo;ONDA Installation Device (WCPO);c:\windows\system32\DRIVERS\onda_wcpo.sys;c:\windows\SYSNATIVE\DRIVERS\onda_wcpo.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys;c:\windows\SYSNATIVE\Drivers\RTSUVSTOR.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 NalServ;Nalpeiron Control Service;c:\windows\SysWOW64\nalserv.exe;c:\windows\SysWOW64\nalserv.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe;c:\windows\SysWOW64\nlssrv32.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-12 07:45 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-24 09:22]
.
2014-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-24 09:22]
.
2014-09-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143575183-1409231400-4212582508-1000Core.job
- c:\users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-06 19:55]
.
2014-09-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143575183-1409231400-4212582508-1000UA.job
- c:\users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-06 19:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-08-12 07:54 2334416 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-08-12 07:54 2334416 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-08-12 07:54 2334416 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-24 09:25 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 89.216.1.40 89.216.1.50
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-09-16 16:17:13
ComboFix-quarantined-files.txt 2014-09-16 14:17
.
Pre-Run: 111.595.794.432 bytes free
Post-Run: 111.429.226.496 bytes free
.
- - End Of File - - 13F28B0412FAA31B97EE2A45BDFDE70E
A36C5E4F47E84449FF07ED3517B43A31

mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CloseProcesses:
Replace: c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll c:\windows\system32\user32.dll
Replace: c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll c:\windows\SysWOW64\user32.dll
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.




.




Preuzmi MCShield sa sljedeće adrese:

http://www.mcshield.net/download/MCShield-Setup.exe

Instaliraj MCShield i sačekaj da se završi uvodno skeniranje.

Kad se završi uvodno skeniranje, ubacuj sve USB memorijske uređaje redom u USB port i svaki zadrži u portu dok MCShield ne izbaci poruku da je skeniranje završeno. Ukoliko imaš više USB uređaja, zabilježi negdje kojim su redom ubacivani.

Objašnjenje: U USB memorijske uređaje spadaju svi oni uređaji koji po priključivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uređaji itd.

Startuj program (MCShield Control Center) > Logs > AllScans.txt
Klikni na dugme Save.


MCShield-AllScans.txt ce biti sacuvan na desktop. Prikaci ga uz poruku.

offline
  • Pridružio: 12 Jun 2009
  • Poruke: 34

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Filip at 2014-09-16 16:50:42 Run:1
Running from C:\Users\Filip\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
Replace: c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll c:\windows\system32\user32.dll
Replace: c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll c:\windows\SysWOW64\user32.dll
EmptyTemp:
*****************

Processes closed successfully.
c:\windows\system32\user32.dll => Moved successfully.
c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll copied successfully to c:\windows\system32\user32.dll
c:\windows\SysWOW64\user32.dll => Moved successfully.
c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll copied successfully to c:\windows\SysWOW64\user32.dll
EmptyTemp: => Removed 587.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Reci mi, ima li sada poboljsanja u radu?

offline
  • Pridružio: 12 Jun 2009
  • Poruke: 34

Iskreno, slabo... Doduše, ne bih isključio i neki hardverski problem (svašta je ovaj laptop preživeo), samo sam hteo prvo da proverim da nije neki malware...

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Ono sto sam ja mogao da uradim u Ambulanti, uradio sam. Sada znas da problem nije prouzrokovan infekcijom. Posle ovog mog ciscenja sistem bi morao da radi i da odgovara brze, ali ako ti kazes da i dalje postoji 'kocenje', otvori novu temu u Windows forumu pa izlozi svoj problem.





Sledeća procedura će implementirati završno čišćenje.


Arrow Potrebno je deinstalirati ComboFix:
klikni start (ili ), a zatim RUN.
Na Visti koristiti Start Search polje ukoliko Run nije dostupan.

U liniju za unos teksta ukucaj (iskopiraj) sledeće:
ComboFix /Uninstall
Primeti da postoji razmak između "ComboFix" i "/Uninstall".



a zatim klikni OK (ili pritisni Enter).

Sačekaj da se proces deinstalacije završi.








Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

offline
  • Pridružio: 12 Jun 2009
  • Poruke: 34

Ok, u svakom slučaju hvala mnogo na trudu i pomoći Smile

Ko je trenutno na forumu
 

Ukupno su 699 korisnika na forumu :: 35 registrovanih, 5 sakrivenih i 659 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., ArmyBoss, Brankoni, Cobi026, Ctrl x, dankisha, Denaya, gorantrojka, goxin, GreenMan, h8propaganda, Hoegaarden, Insan, kos milorad, krsto2003, kybonacci, lekso, louderick, Lucky_Bastard, madza, Mirage 2000N, Misirac, Pohovani_00, proka89, raketaš, ruma, sakota79, ssekir75, stegonosa, suton, Toni, VanHelsing, VJ, vukdra, zillbg