Virus koji ki se stalno pojavljuje.

1

Virus koji ki se stalno pojavljuje.

offline
  • Pridružio: 24 Nov 2009
  • Poruke: 112

Molim Vas da pomoć!
Uporno mi se pojavlkjuje jedan te isti virus (slika dolje)

Koristim antivirusni program Avast i još imam instaliran Malwarebytes Anti-Malware.

Obrišem taj virus sa Avastom restartam komp, sve OK. Slijedeći puta kada probam upaliti komp nikako da se windowsi dignu nego moram ubaciti dvd sa win7 i onda moram napraviti System restore i tako iz dana u dan.

Nešto sam vidi da vam moram poslati nekakve logove ali to baš i nisam skužio što točno trebam napraviti




[edit by magna86: slika postavljena na nase servere]

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Pozdrav Smile


Preuzmi Farbar-ov Farbar Recovery Scan Tool () sa ove adrese na Desktop:
Postoji 32bit. i 64bit.-na verzija. Potrebno je preuzeti verziju koja je kompatibilna sa tvojim sistemom.
Ako nisi siguran koja verzija se odnosi na tvoj sistem, preuzmi ih obe i pokreni. Samo jedan od njih c´e raditi na tvom sistemu, to c´e biti prava verzija.


dvoklikom pokreni program, kada se alat pokrene klikni Yes na disclaimer prozor;
pričekati koji trenutak dok alat proverava postoji li novija verzija;
klikni na dugme Scan;
po završetku skeniranja, alat će formirati izveštaj (FRST.txt) u isti direktorijum gde je FRST alat sačuvan;
iskopiraj sadržaj FRST.txt izveštaja u poruku;
po prvom pokretanju, alat bi trebao formirati i dodatni izveštaj (Addition.txt);
okači Addition.txt izveštaj uz poruku koristeći opciju Prikači fajl

offline
  • Pridružio: 24 Nov 2009
  • Poruke: 112

mycity.rs/must-login.png

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

To je jedan izvestaj, nedostaje ti drugi.

offline
  • Pridružio: 24 Nov 2009
  • Poruke: 112

Evo sada sam ponovo skenirao kom i opet mi izbacio istu stvar



Sorry mislio sam da moram okačiti samo jedan fajl.

Evo oba dva sada.




Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014
Ran by Boris (administrator) on BORIS-PC on 11-05-2014 14:25:47
Running from C:\Users\Boris\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-11] (AVAST Software)
HKU\S-1-5-21-4088947802-3367904888-2036956695-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKU\S-1-5-21-4088947802-3367904888-2036956695-1000\...\MountPoints2: {734ef13f-beda-11e3-899a-e0ca94fb1aa5} - F:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com/ie
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=582FE0CA94FB1AA5&affID=128403&tsp=5193
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={sear
BHO: Torntv V9.0 - {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Wondershare Video Converter Ultimate - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\y4xszsu6.default
FF user.js: detected! => C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\y4xszsu6.default\user.js
FF Homepage: google.hr
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Boris\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Boris\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Boris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\y4xszsu6.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eudict.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-09]
FF HKCU\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ []

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-11] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-11] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-11] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-11] ()
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-03-25] (StdLib)
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-11 14:25 - 2014-05-11 14:26 - 00014518 _____ () C:\Users\Boris\Downloads\FRST.txt
2014-05-11 14:25 - 2014-05-11 14:25 - 00000000 ____D () C:\FRST
2014-05-11 14:24 - 2014-05-11 14:25 - 02066432 _____ (Farbar) C:\Users\Boris\Downloads\FRST64.exe
2014-05-11 14:02 - 2014-05-11 14:02 - 00370813 _____ () C:\Users\Boris\Desktop\bookmarks-2014-05-11.json
2014-05-11 14:02 - 2014-05-11 14:02 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-11 14:02 - 2014-05-11 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-11 14:01 - 2014-05-11 14:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-11 14:01 - 2014-05-11 14:01 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-11 14:01 - 2014-05-11 14:01 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-11 14:01 - 2014-05-11 14:01 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-09 07:12 - 2014-05-09 07:12 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\AVAST Software
2014-05-09 07:10 - 2014-05-09 07:10 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-09 07:10 - 2014-05-09 07:10 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-09 06:57 - 2014-05-09 07:00 - 88882192 _____ (AVAST Software) C:\Users\Boris\Downloads\avast_free_antivirus_setup.exe
2014-05-08 19:25 - 2014-05-08 22:54 - 00042496 _____ () C:\Users\Boris\Desktop\putni_nalog_LUA 2-2014.xls
2014-05-07 08:35 - 2014-05-07 08:44 - 104857600 _____ () C:\Users\Boris\Downloads\WalkingWithDinosaurs.part03.rar
2014-05-07 08:05 - 2014-05-07 08:14 - 104857600 _____ () C:\Users\Boris\Downloads\WalkingWithDinosaurs.part02.rar
2014-05-07 07:35 - 2014-05-07 07:44 - 104857600 _____ () C:\Users\Boris\Downloads\WalkingWithDinosaurs.part01.rar
2014-05-07 07:26 - 2014-05-09 13:02 - 00000000 ____D () C:\Users\Boris\Desktop\Dokumenti
2014-05-07 07:24 - 2014-05-07 07:24 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-05-07 07:24 - 2014-05-07 07:24 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-05-06 22:45 - 2014-05-06 22:45 - 00000000 ____D () C:\Users\Boris\Desktop\ZRS
2014-05-06 22:28 - 2014-05-07 00:06 - 734853120 _____ () C:\Users\Boris\Downloads\Juraj.I.Hrabri.Vitezovi.HRSink-dvdrip avi.avi
2014-05-06 17:55 - 2014-05-06 18:09 - 00000000 ____D () C:\Users\Boris\Desktop\luk
2014-05-06 12:04 - 2014-05-06 12:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 11:53 - 2014-05-06 11:53 - 00000132 _____ () C:\Users\Boris\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-05-06 09:20 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 09:20 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-05 09:01 - 2014-05-05 09:01 - 02022633 _____ () C:\Users\Boris\Downloads\winrar-x64-501cro.exe
2014-05-05 08:48 - 2014-05-05 14:27 - 00000000 ____D () C:\Users\Boris\Downloads\GTA IV eEvlution 2014
2014-05-05 08:05 - 2014-05-05 08:05 - 00000851 _____ () C:\Users\Boris\Desktop\µTorrent.lnk
2014-05-04 21:57 - 2014-05-04 22:02 - 00000000 ____D () C:\Users\Boris\Downloads\Gta IV
2014-05-04 19:30 - 2014-05-04 19:30 - 00001464 _____ () C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
2014-05-04 19:30 - 2014-05-04 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-05-04 19:30 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2014-05-04 19:30 - 2013-08-07 14:31 - 00214528 _____ () C:\Windows\SysWOW64\WSCM32.dll
2014-05-04 19:29 - 2014-05-04 19:29 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-05-04 19:08 - 2014-05-04 19:10 - 00000000 ____D () C:\Users\Boris\Downloads\Wondershare Video Converter Ultimate v7.1.0.2 with (zabranjeno) - [MUMBAI-TPB]
2014-05-04 19:02 - 2014-05-04 19:21 - 00000000 ____D () C:\ProgramData\xml_param
2014-05-04 18:43 - 2014-05-04 18:43 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\dvdcss
2014-05-04 18:42 - 2014-05-07 07:25 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\vlc
2014-05-04 18:42 - 2014-05-04 18:42 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-04 18:42 - 2014-05-04 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-04 18:42 - 2014-05-04 18:42 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-05-04 18:15 - 2014-05-04 18:16 - 24677393 _____ () C:\Users\Boris\Downloads\vlc-2.1.3-skidajmo.com.exe
2014-05-04 17:53 - 2014-05-07 08:59 - 724445956 _____ () C:\Users\Boris\Downloads\Prica_o_mišu_zvanom_Despero.avi.part
2014-05-04 17:27 - 2014-05-04 17:27 - 00000000 __SHD () C:\Users\Boris\AppData\Local\EmieUserList
2014-05-04 17:27 - 2014-05-04 17:27 - 00000000 __SHD () C:\Users\Boris\AppData\Local\EmieSiteList
2014-05-04 17:12 - 2014-05-04 17:47 - 00000000 ____D () C:\Users\Boris\Desktop\gta
2014-05-04 15:46 - 2014-05-04 15:48 - 00000000 ____D () C:\Users\Boris\Documents\Battlefield 4
2014-05-04 15:45 - 2014-05-11 23:53 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-04 15:31 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-05-04 15:31 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-05-04 15:31 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-05-04 15:31 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-05-04 15:31 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-05-04 15:31 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-05-04 15:31 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-05-04 15:31 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-05-04 15:31 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-05-04 15:31 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-05-04 15:31 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-05-04 15:31 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-05-04 15:31 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-05-04 15:31 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-05-04 15:31 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-05-04 15:31 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-05-04 15:31 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-05-04 15:31 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-05-04 15:31 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-05-04 15:31 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-05-04 15:31 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-05-04 15:31 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-05-04 15:31 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-05-04 15:31 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-05-04 15:31 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-05-04 15:31 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-05-04 15:31 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-05-04 15:31 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-05-04 15:31 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-05-04 15:31 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-05-04 15:31 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-05-04 15:31 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-05-04 15:31 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-05-04 15:31 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-05-04 15:31 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-05-04 15:31 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-05-04 15:31 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-05-04 15:31 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-05-04 15:31 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-05-04 15:31 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-05-04 15:31 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-05-04 15:31 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-05-04 15:31 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-05-04 15:31 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-05-04 15:31 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-05-04 15:31 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-05-04 15:31 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-05-04 15:31 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-05-04 15:31 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-05-04 15:31 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-05-04 15:31 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-05-04 15:31 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-05-04 15:31 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-05-04 15:31 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-05-04 15:31 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-05-04 15:31 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-05-04 15:31 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-05-04 15:31 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-05-04 15:31 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-05-04 15:31 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-05-04 15:31 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-05-04 15:31 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-05-04 15:31 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-05-04 15:31 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-05-04 15:31 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-05-04 15:31 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-05-04 15:31 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-05-04 15:31 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-05-04 15:31 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-05-04 15:31 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-05-04 15:31 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-05-04 15:31 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-05-04 15:31 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-05-04 15:31 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-05-04 15:31 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-05-04 15:31 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-05-04 15:31 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-05-04 15:31 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-05-04 15:31 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-05-04 15:31 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-05-04 15:31 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-05-04 15:31 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-05-04 15:31 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-05-04 15:31 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-05-04 15:31 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-05-04 15:31 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-05-04 15:31 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-05-04 15:31 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-05-04 15:31 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-05-04 15:31 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-05-04 15:31 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-05-04 15:31 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-05-04 15:31 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-05-04 15:31 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-05-04 15:31 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-05-04 15:31 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-05-04 15:31 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-05-04 15:31 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-05-04 15:31 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-05-04 15:31 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-05-04 15:31 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-05-04 15:31 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-05-04 15:31 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-05-04 15:31 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-05-04 15:31 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-05-04 15:31 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-05-04 15:31 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-05-04 15:31 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-05-04 15:31 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-05-04 15:31 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-05-04 15:31 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-05-04 15:31 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-05-04 15:31 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-05-04 15:31 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-05-04 15:31 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-05-04 15:31 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-05-04 15:31 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-05-04 15:31 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-05-04 15:31 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-05-04 15:31 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-05-04 15:31 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-05-04 15:31 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-05-04 15:31 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-05-04 15:31 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-05-04 15:31 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-05-04 15:31 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-05-04 15:31 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-05-04 15:31 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-05-04 15:31 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-05-04 15:31 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-05-04 15:31 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-05-04 15:31 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-05-04 15:31 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-05-04 15:31 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-05-04 15:31 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-05-04 15:31 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-05-04 15:31 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-05-04 15:31 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-05-04 15:31 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-05-04 15:31 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-05-04 15:31 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-05-04 15:31 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-05-04 15:31 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-05-04 15:31 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-05-04 15:31 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-05-04 15:31 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-05-04 15:31 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-05-04 15:31 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-05-04 15:31 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-05-04 15:31 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-05-04 15:31 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-05-04 15:31 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-05-04 15:31 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-05-04 15:31 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-05-04 15:31 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-05-04 15:31 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-05-04 15:31 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-05-04 15:31 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-05-04 15:31 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-05-04 15:31 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-05-04 15:31 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-05-04 15:31 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-05-04 15:31 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-05-04 15:31 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-05-04 15:31 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-05-04 15:31 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-05-04 15:31 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-05-04 15:31 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-05-04 15:31 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-05-04 15:31 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-05-04 15:31 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-05-04 15:31 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-05-04 15:29 - 2014-05-11 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-05-04 15:29 - 2014-05-04 15:29 - 00000974 _____ () C:\Users\Boris\Desktop\Battlefield 4.lnk
2014-05-04 15:11 - 2014-05-11 23:53 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-05-04 14:16 - 2014-05-04 14:16 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\PowerISO
2014-05-04 14:15 - 2014-05-04 14:15 - 00001011 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-05-04 14:15 - 2014-05-04 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-05-04 14:15 - 2014-05-04 14:15 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-05-04 14:15 - 2013-04-15 11:50 - 00127384 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2014-05-04 14:14 - 2014-05-04 23:21 - 00000000 ____D () C:\Users\Boris\Downloads\Power ISO 5.6 FINAL keys+keyG[Lz0 CORE] by Senzati
2014-05-04 14:09 - 2014-05-04 14:14 - 00000000 ____D () C:\Users\Boris\Downloads\Grand Theft Auto (GTA) San Andreas + (zabranjeno) NoCD - (Perfect DVD Version) - MultiLanguage
2014-05-04 11:55 - 2014-05-11 23:54 - 00000000 ____D () C:\Users\Boris\Desktop\Battlerfiled
2014-05-03 07:39 - 2014-05-10 07:56 - 00010802 _____ () C:\Users\Boris\Desktop\Tlak.xlsx
2014-05-03 07:30 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 07:30 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 07:30 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 07:29 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-30 15:19 - 2014-05-04 17:15 - 00000000 ____D () C:\Users\Boris\Desktop\ograde
2014-04-29 15:16 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-29 15:16 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-29 15:16 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-29 15:16 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-29 15:16 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-29 15:16 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-29 15:16 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-29 15:16 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-29 15:16 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-29 15:16 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-29 15:16 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-29 15:16 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-29 15:16 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-29 15:16 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-29 15:16 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-29 15:16 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-29 15:16 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-29 15:16 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-29 15:16 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-29 15:16 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-29 15:16 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-29 15:16 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-29 15:16 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-29 15:16 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-29 15:16 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-29 15:16 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-29 15:16 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-29 15:16 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-29 15:16 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-29 15:16 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-29 15:16 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-29 15:16 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-29 15:16 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-29 15:16 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-29 15:16 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-29 15:16 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-29 15:16 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-29 15:16 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-29 15:16 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-29 15:16 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-29 15:16 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-29 15:16 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-29 15:16 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-29 15:16 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-28 21:28 - 2014-04-28 21:28 - 00002250 _____ () C:\Users\Boris\Desktop\LEGOMOVIEGAME - prečac.lnk
2014-04-28 21:26 - 2014-04-28 21:26 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\ttales
2014-04-28 21:26 - 2014-04-28 21:26 - 00000000 ____D () C:\ProgramData\Steam
2014-04-28 21:25 - 2011-01-31 11:37 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-04-27 22:23 - 2014-04-27 22:52 - 00000000 ____D () C:\Users\Boris\Downloads\Deer Hunter Tournament
2014-04-27 12:49 - 2014-05-01 19:10 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\.minecraft
2014-04-27 12:49 - 2014-04-27 12:49 - 00001198 _____ () C:\Users\Boris\Desktop\Minecraft.lnk
2014-04-27 12:49 - 2014-04-27 12:49 - 00000000 ____D () C:\Program Files (x86)\TeamExtreme
2014-04-27 12:39 - 2014-04-27 12:39 - 00000000 ____D () C:\Users\Boris\Downloads\mc179
2014-04-25 21:09 - 2014-05-04 23:21 - 00000000 ____D () C:\Users\Boris\Desktop\Fran
2014-04-25 11:47 - 2014-05-09 12:40 - 00004096 ____H () C:\Users\Boris\AppData\Local\keyfile3.drm
2014-04-12 08:32 - 2014-04-12 08:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ssadadb_01005.Wdf
2014-04-12 07:15 - 2014-04-12 07:24 - 55003752 _____ (Free Time) C:\Users\Boris\Downloads\FFSetup3.3.4.0.exe
2014-04-11 22:46 - 2014-05-04 19:03 - 00000000 ____D () C:\Users\Boris\Documents\FFOutput
2014-04-11 22:46 - 2014-04-11 22:46 - 00001202 _____ () C:\Users\Boris\Desktop\Format Factory.lnk
2014-04-11 22:46 - 2014-04-11 22:46 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-04-11 22:46 - 2014-04-11 22:46 - 00000000 ____D () C:\Program Files (x86)\FreeTime

==================== One Month Modified Files and Folders =======

2014-05-11 23:54 - 2014-05-04 11:55 - 00000000 ____D () C:\Users\Boris\Desktop\Battlerfiled
2014-05-11 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-11 23:53 - 2014-05-04 15:45 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-11 23:53 - 2014-05-04 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-05-11 23:53 - 2014-05-04 15:11 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-05-11 23:53 - 2014-03-26 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-11 23:53 - 2014-03-21 10:27 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\Malwarebytes
2014-05-11 23:53 - 2014-03-20 13:32 - 00000000 ____D () C:\Program Files (x86)\Hard Disk Sentinel
2014-05-11 23:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-11 14:26 - 2014-05-11 14:25 - 00014518 _____ () C:\Users\Boris\Downloads\FRST.txt
2014-05-11 14:25 - 2014-05-11 14:25 - 00000000 ____D () C:\FRST
2014-05-11 14:25 - 2014-05-11 14:24 - 02066432 _____ (Farbar) C:\Users\Boris\Downloads\FRST64.exe
2014-05-11 14:20 - 2014-04-02 12:09 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-11 14:13 - 2014-03-18 08:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-11 14:06 - 2014-03-18 08:29 - 00000000 ____D () C:\Users\Boris\AppData\Local\Adobe
2014-05-11 14:03 - 2014-05-11 14:01 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-11 14:03 - 2009-07-14 06:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-11 14:03 - 2009-07-14 06:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-11 14:02 - 2014-05-11 14:02 - 00370813 _____ () C:\Users\Boris\Desktop\bookmarks-2014-05-11.json
2014-05-11 14:02 - 2014-05-11 14:02 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-11 14:02 - 2014-05-11 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-11 14:01 - 2014-05-11 14:01 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-11 14:01 - 2014-05-11 14:01 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-11 14:01 - 2014-05-11 14:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-11 14:01 - 2014-05-11 14:01 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-11 14:00 - 2014-03-18 02:32 - 01107841 _____ () C:\Windows\WindowsUpdate.log
2014-05-11 13:59 - 2014-03-18 09:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-11 13:59 - 2014-03-18 09:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-11 13:55 - 2014-04-02 12:09 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-11 13:55 - 2014-03-18 08:24 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-05-11 13:55 - 2014-03-18 02:32 - 00000000 ____D () C:\Users\Boris
2014-05-11 13:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-11 13:55 - 2009-07-14 06:51 - 00039120 _____ () C:\Windows\setupact.log
2014-05-10 07:56 - 2014-05-03 07:39 - 00010802 _____ () C:\Users\Boris\Desktop\Tlak.xlsx
2014-05-10 07:19 - 2014-03-24 21:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-10 07:19 - 2014-03-18 10:05 - 00000000 ____D () C:\Users\Boris\AppData\Local\Microsoft Help
2014-05-09 13:02 - 2014-05-07 07:26 - 00000000 ____D () C:\Users\Boris\Desktop\Dokumenti
2014-05-09 12:40 - 2014-04-25 11:47 - 00004096 ____H () C:\Users\Boris\AppData\Local\keyfile3.drm
2014-05-09 10:42 - 2014-03-26 17:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-09 07:12 - 2014-05-09 07:12 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\AVAST Software
2014-05-09 07:10 - 2014-05-09 07:10 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-09 07:10 - 2014-05-09 07:10 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-09 07:02 - 2014-03-18 08:28 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-05-09 07:00 - 2014-05-09 06:57 - 88882192 _____ (AVAST Software) C:\Users\Boris\Downloads\avast_free_antivirus_setup.exe
2014-05-09 06:54 - 2014-03-26 16:35 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088947802-3367904888-2036956695-1000UA.job
2014-05-08 22:54 - 2014-05-08 19:25 - 00042496 _____ () C:\Users\Boris\Desktop\putni_nalog_LUA 2-2014.xls
2014-05-08 19:59 - 2014-03-18 08:24 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-05-08 19:08 - 2014-03-18 11:32 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\Skype
2014-05-07 08:59 - 2014-05-04 17:53 - 724445956 _____ () C:\Users\Boris\Downloads\Prica_o_mišu_zvanom_Despero.avi.part
2014-05-07 08:44 - 2014-05-07 08:35 - 104857600 _____ () C:\Users\Boris\Downloads\WalkingWithDinosaurs.part03.rar
2014-05-07 08:14 - 2014-05-07 08:05 - 104857600 _____ () C:\Users\Boris\Downloads\WalkingWithDinosaurs.part02.rar
2014-05-07 07:44 - 2014-05-07 07:35 - 104857600 _____ () C:\Users\Boris\Downloads\WalkingWithDinosaurs.part01.rar
2014-05-07 07:25 - 2014-05-04 18:42 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\vlc
2014-05-07 07:24 - 2014-05-07 07:24 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-05-07 07:24 - 2014-05-07 07:24 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-05-07 07:24 - 2014-04-02 12:10 - 00002042 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-05-07 07:24 - 2014-04-02 12:10 - 00002040 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-05-07 07:24 - 2014-04-02 12:10 - 00002030 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-05-07 07:24 - 2014-04-02 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-07 00:06 - 2014-05-06 22:28 - 734853120 _____ () C:\Users\Boris\Downloads\Juraj.I.Hrabri.Vitezovi.HRSink-dvdrip avi.avi
2014-05-06 22:48 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-06 22:45 - 2014-05-06 22:45 - 00000000 ____D () C:\Users\Boris\Desktop\ZRS
2014-05-06 22:42 - 2014-04-02 12:11 - 00000000 ___RD () C:\Users\Boris\Google disk
2014-05-06 21:15 - 2014-04-02 12:09 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-06 21:15 - 2014-04-02 12:09 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 18:09 - 2014-05-06 17:55 - 00000000 ____D () C:\Users\Boris\Desktop\luk
2014-05-06 12:04 - 2014-05-06 12:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 11:53 - 2014-05-06 11:53 - 00000132 _____ () C:\Users\Boris\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-05-05 14:38 - 2014-03-21 11:24 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\uTorrent
2014-05-05 14:27 - 2014-05-05 08:48 - 00000000 ____D () C:\Users\Boris\Downloads\GTA IV eEvlution 2014
2014-05-05 09:12 - 2014-03-18 11:24 - 00000000 ____D () C:\Program Files\WinRAR
2014-05-05 09:02 - 2014-03-18 11:24 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-05 09:02 - 2014-03-18 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-05 09:01 - 2014-05-05 09:01 - 02022633 _____ () C:\Users\Boris\Downloads\winrar-x64-501cro.exe
2014-05-05 08:55 - 2010-11-21 05:47 - 00038226 _____ () C:\Windows\PFRO.log
2014-05-05 08:54 - 2014-03-26 16:35 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088947802-3367904888-2036956695-1000Core.job
2014-05-05 08:05 - 2014-05-05 08:05 - 00000851 _____ () C:\Users\Boris\Desktop\µTorrent.lnk
2014-05-04 23:21 - 2014-05-04 14:14 - 00000000 ____D () C:\Users\Boris\Downloads\Power ISO 5.6 FINAL keys+keyG[Lz0 CORE] by Senzati
2014-05-04 23:21 - 2014-04-25 21:09 - 00000000 ____D () C:\Users\Boris\Desktop\Fran
2014-05-04 22:02 - 2014-05-04 21:57 - 00000000 ____D () C:\Users\Boris\Downloads\Gta IV
2014-05-04 21:57 - 2014-03-18 11:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-04 19:31 - 2014-03-18 11:28 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2014-05-04 19:30 - 2014-05-04 19:30 - 00001464 _____ () C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
2014-05-04 19:30 - 2014-05-04 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-05-04 19:29 - 2014-05-04 19:29 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-05-04 19:21 - 2014-05-04 19:02 - 00000000 ____D () C:\ProgramData\xml_param
2014-05-04 19:10 - 2014-05-04 19:08 - 00000000 ____D () C:\Users\Boris\Downloads\Wondershare Video Converter Ultimate v7.1.0.2 with (zabranjeno) - [MUMBAI-TPB]
2014-05-04 19:03 - 2014-04-11 22:46 - 00000000 ____D () C:\Users\Boris\Documents\FFOutput
2014-05-04 18:43 - 2014-05-04 18:43 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\dvdcss
2014-05-04 18:42 - 2014-05-04 18:42 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-04 18:42 - 2014-05-04 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-04 18:42 - 2014-05-04 18:42 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-05-04 18:16 - 2014-05-04 18:15 - 24677393 _____ () C:\Users\Boris\Downloads\vlc-2.1.3-skidajmo.com.exe
2014-05-04 18:11 - 2014-03-21 11:40 - 00000212 _____ () C:\Users\Boris\AppData\default.pls
2014-05-04 17:47 - 2014-05-04 17:12 - 00000000 ____D () C:\Users\Boris\Desktop\gta
2014-05-04 17:27 - 2014-05-04 17:27 - 00000000 __SHD () C:\Users\Boris\AppData\Local\EmieUserList
2014-05-04 17:27 - 2014-05-04 17:27 - 00000000 __SHD () C:\Users\Boris\AppData\Local\EmieSiteList
2014-05-04 17:27 - 2014-03-18 02:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-04 17:15 - 2014-04-30 15:19 - 00000000 ____D () C:\Users\Boris\Desktop\ograde
2014-05-04 15:48 - 2014-05-04 15:46 - 00000000 ____D () C:\Users\Boris\Documents\Battlefield 4
2014-05-04 15:43 - 2014-03-18 08:40 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-04 15:31 - 2014-03-18 14:51 - 00037013 _____ () C:\Windows\DirectX.log
2014-05-04 15:29 - 2014-05-04 15:29 - 00000974 _____ () C:\Users\Boris\Desktop\Battlefield 4.lnk
2014-05-04 14:16 - 2014-05-04 14:16 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\PowerISO
2014-05-04 14:15 - 2014-05-04 14:15 - 00001011 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-05-04 14:15 - 2014-05-04 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-05-04 14:15 - 2014-05-04 14:15 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-05-04 14:14 - 2014-05-04 14:09 - 00000000 ____D () C:\Users\Boris\Downloads\Grand Theft Auto (GTA) San Andreas + (zabranjeno) NoCD - (Perfect DVD Version) - MultiLanguage
2014-05-04 09:47 - 2014-03-24 21:06 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-05-01 19:10 - 2014-04-27 12:49 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\.minecraft
2014-04-30 18:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-30 11:01 - 2014-03-18 11:06 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-04-29 16:01 - 2014-05-03 07:30 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-04-29 15:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-04-29 15:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-29 15:40 - 2014-05-03 07:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-03 07:30 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-03 07:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 22:13 - 2014-03-18 08:30 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-28 22:13 - 2014-03-18 08:30 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 22:13 - 2014-03-18 08:30 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 21:28 - 2014-04-28 21:28 - 00002250 _____ () C:\Users\Boris\Desktop\LEGOMOVIEGAME - prečac.lnk
2014-04-28 21:26 - 2014-04-28 21:26 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\ttales
2014-04-28 21:26 - 2014-04-28 21:26 - 00000000 ____D () C:\ProgramData\Steam
2014-04-28 21:24 - 2014-04-04 21:09 - 00000000 ____D () C:\Users\Boris\Downloads\LEGO Movie Videogame PC game + DLC ^^nosTEAM^^
2014-04-27 22:52 - 2014-04-27 22:23 - 00000000 ____D () C:\Users\Boris\Downloads\Deer Hunter Tournament
2014-04-27 22:12 - 2014-04-05 09:21 - 00000000 ____D () C:\Games
2014-04-27 12:49 - 2014-04-27 12:49 - 00001198 _____ () C:\Users\Boris\Desktop\Minecraft.lnk
2014-04-27 12:49 - 2014-04-27 12:49 - 00000000 ____D () C:\Program Files (x86)\TeamExtreme
2014-04-27 12:39 - 2014-04-27 12:39 - 00000000 ____D () C:\Users\Boris\Downloads\mc179
2014-04-24 20:11 - 2014-03-18 10:36 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\TeamViewer
2014-04-14 04:24 - 2014-05-06 09:20 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-06 09:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-12 08:32 - 2014-04-12 08:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ssadadb_01005.Wdf
2014-04-12 07:24 - 2014-04-12 07:15 - 55003752 _____ (Free Time) C:\Users\Boris\Downloads\FFSetup3.3.4.0.exe
2014-04-11 23:12 - 2014-04-06 17:46 - 00000000 ____D () C:\Users\Boris\Desktop\Tele 2
2014-04-11 22:46 - 2014-04-11 22:46 - 00001202 _____ () C:\Users\Boris\Desktop\Format Factory.lnk
2014-04-11 22:46 - 2014-04-11 22:46 - 00000000 ____D () C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-04-11 22:46 - 2014-04-11 22:46 - 00000000 ____D () C:\Program Files (x86)\FreeTime

Some content of TEMP:
====================
C:\Users\Boris\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Boris\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Boris\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Boris\AppData\Local\Temp\libcurl-4.dll
C:\Users\Boris\AppData\Local\Temp\nsz2D5D.tmp.exe
C:\Users\Boris\AppData\Local\Temp\ose00000.exe
C:\Users\Boris\AppData\Local\Temp\pthreadGC2.dll
C:\Users\Boris\AppData\Local\Temp\safeguard.exe
C:\Users\Boris\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Boris\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Boris\AppData\Local\Temp\sonarinst.exe
C:\Users\Boris\AppData\Local\Temp\TUUUninstallHelper.exe
C:\Users\Boris\AppData\Local\Temp\VSUSetup.exe
C:\Users\Boris\AppData\Local\Temp\zlib1.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-10 08:44

==================== End Of Log ============================




mycity.rs/must-login.png


mycity.rs/must-login.png

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Iskljuci Avast privremeno dok ne uklonimo virus da te ne obavestava stalno.



Arrow Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop.

Dvoklikom pokreni MBAR () na ikonicu programa:
- Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u;
- mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.;
- U uvodnom prozoru klikni dugme Next ukoliko si saglasan;



• Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next;
• Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan;

Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka:
- 'Could not load protection driver' => u tom slucaju klikni OK.
- 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta.





>> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje.

>> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje.
- Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja.



Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe:
- Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ...
- Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem.





Sledeci izvestaji ce biti formirani u mbar folderu.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

offline
  • Pridružio: 24 Nov 2009
  • Poruke: 112

Još uvijek radi i vidim da je pronašao 2 zaražena fajla. Postaviti ću sce samo da završi

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Nemoj da zuris.

offline
  • Pridružio: 24 Nov 2009
  • Poruke: 112

Evo ovo mi je pronašao!


Znači sada moram kliknuti na Cleanup

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Sve pise u uputstvu...

Ko je trenutno na forumu
 

Ukupno su 945 korisnika na forumu :: 24 registrovanih, 1 sakriven i 920 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: -[CoA]-, Bobrock1, bojank, Dimitrije Paunovic, Djordje29, draganl, dragoljub11987, HrcAk47, ILGromovnik, Karla, kjkszpj, Kriglord, krkalon, Krvava Devetka, LUDI, Nemanja.M, panzerwaffe, raykan, Regrut Boskica, Shilok, slonic_tonic, sovanova95, styg, zlaya011