Computer check

offline
  • Joined: 02 Sep 2013
  • Posts: 496

Lately my computer has been quite slow, so a check would be appreciated, if possible ;)

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 02 Sep 2013
  • Posts: 496

Posted: 07 Mar 2014 19:07

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.16674 BrowserJavaVersion: 10.51.2
Run by PC-user at 10:05:45 on 2014-03-07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.57 [GMT 1:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
D:\Program Files\Java\jre7\bin\jqs.exe
D:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\Analog Devices\SoundMAX\Smax4.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\AVAST Software\Avast\AvastUI.exe
D:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
D:\WINDOWS\system32\svchost.exe -k NetworkService
D:\WINDOWS\system32\svchost.exe -k LocalService
D:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN26756706331010930&UM=2&ctid=CT3282698&SSPV=&UP=SP4B40CECC-4EAA-40B7-9EBE-2CD94B7C89C0
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - d:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - d:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - d:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - d:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - d:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
uRun: [DAEMON Tools Lite] "d:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [uTorrent] "d:\documents and settings\pc-user\application data\utorrent\uTorrent.exe" /MINIMIZED
mRun: [SoundMAXPnP] d:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] "d:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [NvCplDaemon] RUNDLL32.EXE d:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE d:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AvastUI.exe] "d:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [MTel_ontenegro Imola ModemListener] d:\program files\hspa usb modem\backgroundservice\ModemListener.exe start
mRun: [SunJavaUpdateSched] "d:\program files\common files\java\java update\jusched.exe"
mRun: [GB_UPDATE] "g:\razer game booster\AutoUpdate.exe" /AUTORUN
mRun: [ApnTBMon] "d:\program files\askpartnernetwork\toolbar\updater\TBNotifier.exe"
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
dRunOnce: [SpUninstallDeleteDir] rmdir /s /q "d:\windows\system32\config\systemprofile\application data\SearchProtect"
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Download All using 4shared Desktop - d:\program files\4shared desktop\Desktop.32/D_ALL_LINK
IE: &Download using 4shared Desktop - d:\program files\4shared desktop\Desktop.32/D_ONE_LINK
IE: Download all with Free Download Manager - d:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - d:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - d:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - d:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - d:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - d:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - d:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{A31B8C91-041F-4643-84A3-51C84D32890C} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - d:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - d:\windows\system32\wpdshserviceobj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - d:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "d:\program files\google\chrome\application\33.0.1750.146\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 5.79.87.21 valve-master-server.com
Hosts: 5.79.87.21 ms.cs-servera.net
Hosts: 5.79.87.21 ms.turbo-boost.ru
Hosts: 5.79.87.21 ms.cs-monitor.ru
Hosts: 5.79.87.21 css.setti.info
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - d:\documents and settings\pc-user\application data\mozilla\firefox\profiles\abm6f2zi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282698&CUI=UN19951341707159289&UM=2&SearchSource=3&q={searchTerms}&sspv=S41B
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: d:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: d:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: d:\program files\common files\oberon media\ncadapter\1.0.0.8\npapicomadapter.dll
FF - plugin: d:\program files\google\update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: d:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: d:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: d:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;d:\windows\system32\drivers\aswRvrt.sys [2013-12-25 49944]
R0 aswVmm;avast! VM Monitor;d:\windows\system32\drivers\aswVmm.sys [2013-12-25 180248]
R1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [2013-12-25 775952]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [2013-12-25 410528]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;d:\windows\system32\drivers\dtsoftbus01.sys [2013-12-25 243128]
R2 APNMCP;Ask Update Service;d:\program files\askpartnernetwork\toolbar\apnmcp.exe [2014-2-13 166352]
R2 aswMonFlt;aswMonFlt;d:\windows\system32\drivers\aswMonFlt.sys [2013-12-25 67824]
R2 avast! Antivirus;avast! Antivirus;d:\program files\avast software\avast\AvastSvc.exe [2013-12-25 50344]
R2 MTel_ontenegro Imola Modem Device Helper;MTel_ontenegro Imola Modem Device Helper;d:\program files\hspa usb modem\backgroundservice\servicemanager.exe -start --> d:\program files\hspa usb modem\backgroundservice\ServiceManager.exe -start [?]
R2 TeamViewer9;TeamViewer 9;d:\program files\teamviewer\version9\TeamViewer_Service.exe [2014-2-10 4915040]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;d:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 epmntdrv;epmntdrv;d:\windows\system32\epmntdrv.sys [2014-1-21 13896]
S3 EuGdiDrv;EuGdiDrv;d:\windows\system32\EuGdiDrv.sys [2014-1-21 9160]
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;d:\windows\system32\drivers\jrdusbser.sys [2013-12-29 106112]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;d:\windows\system32\drivers\VBoxNetAdp.sys [2013-12-18 114960]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;d:\windows\system32\drivers\vboxnetflt.sys --> d:\windows\system32\drivers\VBoxNetFlt.sys [?]
S3 WinRing0_1_2_0;WinRing0_1_2_0;g:\razer game booster\driver\WinRing0.sys [2014-1-12 14416]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;d:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2014-03-01 11:34:11 581632 ----a-w- d:\windows\system32\vp8vfw.dll
2014-02-25 13:38:09 -------- d-----w- d:\documents and settings\pc-user\local settings\application data\Apple Computer
2014-02-25 13:37:34 -------- d-----w- d:\documents and settings\pc-user\local settings\application data\Apple
2014-02-25 13:37:21 -------- d-----w- d:\program files\AskPartnerNetwork
2014-02-25 13:37:21 -------- d-----w- d:\documents and settings\all users.windows\application data\AskPartnerNetwork
2014-02-25 13:34:26 -------- d-----w- d:\documents and settings\all users.windows\application data\APN
2014-02-25 13:33:15 -------- d-----w- d:\documents and settings\pc-user\application data\4shared Desktop
2014-02-25 13:33:10 -------- d-----w- d:\documents and settings\all users.windows\application data\4shared Desktop
2014-02-25 13:33:00 -------- d-----w- d:\program files\4shared Desktop
2014-02-25 12:54:05 -------- d-----w- d:\documents and settings\pc-user\local settings\application data\kaneandlynch
2014-02-25 12:45:49 -------- d-----w- d:\program files\OpenAL
2014-02-25 12:44:02 -------- d-----w- d:\windows\system32\xlive
2014-02-24 14:15:15 -------- d-----w- D:\Web
2014-02-24 14:15:15 -------- d-----w- D:\Resources
2014-02-24 12:42:32 -------- d-----w- d:\documents and settings\pc-user\local settings\application data\Configure
2014-02-24 12:42:25 -------- d-----w- d:\documents and settings\pc-user\local settings\application data\Maker3D
2014-02-24 12:15:45 -------- d--h--w- d:\windows\system32\GroupPolicy
2014-02-23 08:24:09 -------- d-----w- d:\documents and settings\pc-user\local settings\application data\WMTools Downloaded Files
2014-02-22 08:14:39 -------- d-----w- d:\program files\EA GAMES
2014-02-22 08:14:38 442368 ----a-r- d:\windows\system32\vp6vfw.dll
2014-02-22 03:08:49 413696 ----a-w- d:\windows\system32\wrap_oal.dll
2014-02-22 03:08:49 110592 ----a-w- d:\windows\system32\OpenAL32.dll
2014-02-21 09:18:26 -------- d-----w- d:\windows\system32\NtmsData
2014-02-19 17:09:55 -------- d-----w- d:\documents and settings\pc-user\application data\ViStart
2014-02-19 17:04:22 -------- d-----w- d:\documents and settings\pc-user\application data\ViGlance
2014-02-19 17:04:17 218624 ----a-w- d:\windows\system32\uxtheme.dll.backup
2014-02-19 16:59:55 -------- d-----w- d:\windows\system32\VITrans
2014-02-19 16:59:52 94208 ----a-w- d:\windows\system32\pskill.exe
2014-02-19 16:59:52 8636 ----a-w- d:\windows\system32\modifype.exe
2014-02-19 16:59:52 69632 ----a-w- d:\windows\system32\moveex.exe
2014-02-19 16:59:52 517120 ----a-w- d:\windows\system32\CLWCP.exe
2014-02-19 16:59:52 111104 ----a-w- d:\windows\system32\Uharc.exe
2014-02-19 16:59:52 -------- d-----w- D:\VTPFiles
2014-02-19 16:59:13 -------- d-----w- d:\documents and settings\pc-user\application data\SimilarSites
2014-02-15 18:30:16 -------- d-----w- d:\documents and settings\pc-user\application data\Licenses_
2014-02-15 18:30:03 -------- d-----w- d:\program files\WOW&WOO
2014-02-15 09:22:08 83200 ----a-r- d:\windows\system32\drivers\Rtenicxp.sys
2014-02-15 09:21:58 -------- d-----w- d:\windows\OPTIONS
2014-02-15 09:21:58 -------- d-----w- d:\program files\Realtek
2014-02-15 09:21:48 753664 ----a-w- d:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2014-02-15 09:21:48 69714 ----a-w- d:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2014-02-15 09:21:48 5632 ----a-w- d:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2014-02-15 09:21:48 274432 ----a-w- d:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2014-02-15 09:21:48 184320 ----a-w- d:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2014-02-15 09:21:47 200836 ----a-w- d:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2014-02-15 09:21:46 331908 ----a-w- d:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2014-02-11 17:33:26 -------- d-----w- d:\program files\common files\Oberon Media
2014-02-11 17:22:14 -------- d-----w- d:\program files\Oberon Media
2014-02-11 17:08:55 -------- d-----w- d:\program files\Zuma Deluxe
2014-02-11 17:04:50 -------- d-----w- d:\documents and settings\all users.windows\application data\Big Fish
2014-02-11 17:04:49 -------- d-----w- d:\program files\bfgclient
2014-02-10 18:21:20 -------- d-----w- d:\documents and settings\pc-user\application data\TeamViewer
2014-02-10 18:21:10 -------- d-----w- d:\program files\TeamViewer
2014-02-08 21:41:07 -------- d-----w- d:\program files\Chicken Invaders
.
==================== Find3M ====================
.
2014-02-19 17:04:17 218624 ----a-w- d:\windows\system32\uxtheme.dll
2014-01-26 08:20:37 94632 ----a-w- d:\windows\system32\WindowsAccessBridge.dll
2014-01-26 08:20:35 145408 ----a-w- d:\windows\system32\javacpl.cpl
2014-01-23 14:11:19 2285056 ----a-w- d:\windows\system32\TUKernel.exe
2014-01-22 14:43:21 71048 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-22 14:43:21 692616 ----a-w- d:\windows\system32\FlashPlayerApp.exe
2014-01-09 22:24:50 43520 ----a-w- d:\windows\system32\CmdLineExt03.dll
2013-12-25 14:15:10 775952 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2013-12-25 14:15:10 67824 ----a-w- d:\windows\system32\drivers\aswMonFlt.sys
2013-12-25 14:15:10 49944 ----a-w- d:\windows\system32\drivers\aswRvrt.sys
2013-12-25 14:15:10 180248 ----a-w- d:\windows\system32\drivers\aswVmm.sys
2013-12-25 14:15:09 43152 ----a-w- d:\windows\avastSS.scr
2013-12-25 12:39:52 243128 ----a-w- d:\windows\system32\drivers\dtsoftbus01.sys
2013-12-18 16:39:52 203024 ----a-w- d:\windows\system32\drivers\VBoxDrv.sys
2013-12-18 16:38:48 114960 ----a-w- d:\windows\system32\drivers\VBoxNetAdp.sys
2013-12-18 16:38:48 103696 ----a-w- d:\windows\system32\drivers\VBoxUSBMon.sys
.
============= FINISH: 10:06:23,37 ===============

Addendum: 07 Mar 2014 19:08

Take it easy, I'm not a machine :D

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S1].txt

Download zoek.zip or zoek.rar by smeenk from this or this link and save it to the Desktop.

Extract the archive to a folder (instructions), and then:

close the browser and other running programs;
temporarily disable your security software (if necessary) (instructions);
run zoek by double-clicking the program icon;
wait for the tool to start ...

Copy the following text into the white box of the window:

standardsearch;

Click the button and wait for the scan to finish.

If necessary, zoek will restart Windows and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

→ Copy the contents of that log into your post.

offline
  • Joined: 02 Sep 2013
  • Posts: 496

Posted: 08 Mar 2014 10:29

Here it is:

Addendum: 08 Mar 2014 10:35

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by PC-user on sub 08.03.2014 at 1:29:52,00.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: D:\Documents and Settings\PC-user\My Documents\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8.3.2014 1:31:07 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Java\jre7\bin\jqs.exe
D:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\Analog Devices\SoundMAX\Smax4.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\AVAST Software\Avast\AvastUI.exe
D:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
D:\WINDOWS\system32\wuauclt.exe
D:\Documents and Settings\PC-user\My Documents\Downloads\zoek.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
D:\WINDOWS\system32\svchost.exe -k NetworkService
D:\WINDOWS\system32\svchost.exe -k LocalService
D:\WINDOWS\System32\svchost.exe -k HTTPFilter

==== System Specs ======================

Windows: Windows XP Professional Service Pack 3 (Build 2600)
Memory (RAM): 512 MB
CPU Info: Intel(R) Pentium(R) 4 CPU 3.00GHz
CPU Speed: 2942,8 MHz
Sound Card: SoundMAX HD Audio O |
Display Adapters: NVIDIA GeForce 7300 SE | NetMeeting driver | RDPDD Chained DD
Monitors: 1x; Plug and Play Monitor |
Screen Resolution: 1280 X 960 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC - Packet Scheduler Miniport
CD / DVD Drives: 2x (E: | F: | ) E: DTSOFT BDROM | F: Optiarc DVD RW AD-7170A
Ports: COM1 LPT1
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C: 9,8GB | D: 29,3GB | G: 68,4GB | W: 29,3GB
Hard Disks - Free: C: 5,3GB | D: 807,1MB | G: 13,2GB | W: 17,6GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 05/15/07 | A_M_I_ - 5000715
Time Zone: Central Europe Standard Time
Motherboard *: ASUSTeK Computer INC. P5PL2-E
Country: Serbia and Montenegro
Language: SRL

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Updated)
Default Browser: Firefox 27.0.1
Internet Explorer version: 7.0.5730.13
Mozilla Firefox version: 26.0 (x86 en-US)
Google Chrome version: 33.0.1750.146
Adobe Reader version: 6.0.0.2003051900
Sun Java version: 1.7.0_51 (32-bit)
Flash Player version: 12.0.0.43

==== Files Recently Created / Modified ======================

====== D:\WINDOWS ====
2014-02-19 17:04:32 3552EE28EB134923593792403625F39F 6912054 ----a-w- D:\WINDOWS\clwcp.bmp
2014-02-19 16:59:55 54363BD771321BD3662F7BD8FC286CA2 78942 ----a-w- D:\WINDOWS\Icon_1.ico
2014-02-11 17:13:32 54FBA2F150563137D221503C3DB15266 10 ----a-w- D:\WINDOWS\popcinfo.dat
====== D:\DOCUME~1\PC-user\LOCALS~1\Temp ====
2014-03-01 11:34:37 EC248F3A4D3F3D571C060397FA659906 190976 ----a-w- D:\Documents and Settings\PC-user\Local Settings\Temp\Rar$EXa0.106\KeyGen\Keygen.exe
2014-02-22 08:14:38 4D6F38D3CDA2D0BA502BC1C499A622CF 442368 ----a-r- D:\Documents and Settings\PC-user\Local Settings\Temp\VP6VFW.dll
2014-02-22 08:14:38 1410ADCB69C267916EE702E2A443E93F 23040 ----a-r- D:\Documents and Settings\PC-user\Local Settings\Temp\VP6Install.exe
2014-02-22 08:14:37 55EC017E01B61B4184BAF782C10C38FD 90112 ----a-w- D:\Documents and Settings\PC-user\Local Settings\Temp\EReg2HWDetect.dll
2014-02-22 08:08:06 9415CDA4FABEB3CDFB55E91E207C09C8 651264 ----a-w- D:\Documents and Settings\PC-user\Local Settings\Temp\AutoRunGUI.dll
2014-02-22 08:08:03 93F86FFEC130F5343A0537AFEA53357D 700416 ----a-w- D:\Documents and Settings\PC-user\Local Settings\Temp\AutoRun.exe
====== Java Cache =====
====== D:\WINDOWS\system32 =====
2014-03-01 11:34:11 E49FAFCCE32D2C7E6F5818416FBA9809 581632 ----a-w- D:\WINDOWS\System32\vp8vfw.dll
2014-02-25 13:38:59 95633C451AD0080F4BD59392606D1F68 65520 ---ha-w- D:\WINDOWS\System32\mlfcache.dat
2014-02-22 08:14:38 4D6F38D3CDA2D0BA502BC1C499A622CF 442368 ----a-r- D:\WINDOWS\System32\vp6vfw.dll
2014-02-22 03:08:49 CE0CDC5459EAA1D574AF781DDB8F2685 110592 ----a-w- D:\WINDOWS\System32\OpenAL32.dll
2014-02-22 03:08:49 9C24ED831DDFA8319382B2BFD9691AA9 413696 ----a-w- D:\WINDOWS\System32\wrap_oal.dll
====== D:\WINDOWS\system32\drivers =====
2014-02-15 09:22:08 25BE98C05808C57E4D8D26477DC12D39 83200 ----a-r- D:\WINDOWS\System32\drivers\Rtenicxp.sys
====== D:\WINDOWS\Tasks ======
====== D:\WINDOWS\Temp ======
======= D:\Program Files =====
2014-02-25 13:37:49 -------- d-----w- D:\Program Files\Safari
2014-02-25 13:37:30 -------- d-----w- D:\Program Files\Apple Software Update
2014-02-25 13:33:00 -------- d-----w- D:\Program Files\4shared Desktop
2014-02-25 12:45:49 -------- d-----w- D:\Program Files\OpenAL
2014-02-22 08:14:39 -------- d-----w- D:\Program Files\EA GAMES
2014-02-15 18:30:03 -------- d-----w- D:\Program Files\WOW&WOO
2014-02-15 09:21:58 -------- d-----w- D:\Program Files\Realtek
2014-02-11 17:33:26 -------- d-----w- D:\Program Files\Common Files\Oberon Media
2014-02-11 17:22:14 -------- d-----w- D:\Program Files\Oberon Media
2014-02-11 17:08:55 -------- d-----w- D:\Program Files\Zuma Deluxe
2014-02-11 17:04:49 -------- d-----w- D:\Program Files\bfgclient
2014-02-10 18:21:10 -------- d-----w- D:\Program Files\TeamViewer
2014-02-08 21:41:07 -------- d-----w- D:\Program Files\Chicken Invaders
======= D: =====
====== D:\Documents and Settings\PC-user\Application Data ======
2014-03-07 09:05:45 -------- d-----r- D:\Documents and Settings\PC-user\Start Menu\Programs\Administrative Tools
2014-02-25 13:38:09 -------- d-----w- D:\Documents and Settings\PC-user\Local Settings\Application Data\Apple Computer
2014-02-25 13:38:09 -------- d-----w- D:\Documents and Settings\PC-user\Application Data\Apple Computer
2014-02-25 13:37:34 -------- d-----w- D:\Documents and Settings\PC-user\Local Settings\Application Data\Apple
2014-02-25 13:33:15 -------- d-----w- D:\Documents and Settings\PC-user\Application Data\4shared Desktop
2014-02-25 12:54:05 -------- d-----w- D:\Documents and Settings\PC-user\Local Settings\Application Data\kaneandlynch
2014-02-24 12:42:32 -------- d-----w- D:\Documents and Settings\PC-user\Local Settings\Application Data\Configure
2014-02-24 12:42:25 -------- d-----w- D:\Documents and Settings\PC-user\Local Settings\Application Data\Maker3D
2014-02-23 08:24:09 -------- d-----w- D:\Documents and Settings\PC-user\Local Settings\Application Data\WMTools Downloaded Files
2014-02-22 01:11:33 442A922AD9CB3A6146D0C55E1FF57E0F 87304 ----a-w- D:\Documents and Settings\PC-user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-02-19 17:09:55 -------- d-----w- D:\Documents and Settings\PC-user\Application Data\ViStart
2014-02-19 17:04:22 -------- d-----w- D:\Documents and Settings\PC-user\Application Data\ViGlance
2014-02-15 18:30:16 -------- d-----w- D:\Documents and Settings\PC-user\Application Data\Licenses_
2014-02-11 17:33:25 -------- d-----w- D:\Documents and Settings\PC-user\Start Menu\Programs\IrfanView\I-play Games\Zuma Deluxe
2014-02-11 17:33:25 -------- d-----w- D:\Documents and Settings\PC-user\Start Menu\Programs\IrfanView\I-play Games
2014-02-10 18:21:20 -------- d-----w- D:\Documents and Settings\PC-user\Application Data\TeamViewer
====== D:\Documents and Settings\PC-user ======
2014-02-25 13:32:55 363A4A68A86441777924DF8219AEB72C 489392 ----a-w- D:\Documents and Settings\PC-user\My Documents\APNSetup1.exe

====== D: exe-files ==
2014-03-08 00:22:01 A845789676F7D2A542E708EB5CAC12C9 1244192 ----a-w- D:\Documents and Settings\PC-user\My Documents\Downloads\adwcleaner.exe
2014-03-04 08:34:36 99EDAB82414D23D14947415E5C502FE1 786136 ----a-w- D:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.146\33.0.1750.146_33.0.1750.117_chrome_updater.exe
2014-03-02 09:44:37 CEDE02D7AF62449A2C38C49ABECC0CD3 4995416 ----a-w- D:\Documents and Settings\PC-user\My Documents\Downloads\vcredist_x86.exe
2014-03-01 11:34:37 EC248F3A4D3F3D571C060397FA659906 190976 ----a-w- D:\Documents and Settings\PC-user\Local Settings\Temp\Rar$EXa0.106\KeyGen\Keygen.exe
=== D: other files ==
2014-03-06 13:41:22 54AD272481C35FE3810B4CEE504655D0 4026320 ----a-w- D:\Documents and Settings\PC-user\My Documents\Forum_wml_html_20.zip
2014-03-05 08:57:03 4CA2FA630F1F8A58334F7CA23504DDAA 19783 ----a-w- D:\Documents and Settings\PC-user\My Documents\Downloads\metro-engine-alpha.zip
2014-03-01 17:48:13 7E1C072961BE0D108C81AB91BD89D687 957290 ----a-w- D:\Documents and Settings\PC-user\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1343024091-412668190-1644491937-500\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe"
"DAEMON Tools Lite"="D:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"uTorrent"="D:\Documents and Settings\PC-user\Application Data\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="D:\Program Files\Analog Devices\Core\smax4pnp.exe"
"SoundMAX"="D:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray"
"NvCplDaemon"="RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit"
"AvastUI.exe"="D:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"MTel_ontenegro Imola ModemListener"="D:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe start"
"SunJavaUpdateSched"="D:\Program Files\Common Files\Java\Java Update\jusched.exe"
"GB_UPDATE"="G:\Razer Game Booster\AutoUpdate.exe /AUTORUN"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe"
"DAEMON Tools Lite"="D:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"uTorrent"="D:\Documents and Settings\PC-user\Application Data\uTorrent\uTorrent.exe /MINIMIZED"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DTLite"
"hkey"="HKCU"
"command"="\"D:\\Program Files\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iLivid"
"hkey"="HKCU"
"command"="\"D:\\Documents and Settings\\PC-user\\Local Settings\\Application Data\\iLivid\\iLivid.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"D:\\Documents and Settings\\PC-user\\Application Data\\uTorrent\\uTorrent.exe\" /MINIMIZED"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"EaseUS EPM tray"="G:\\EaseUS Partition Master 9.3.0\\bin\\EpmNews.exe"
"SunJavaUpdateSched"="\"D:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"GB_UPDATE"="\"G:\\Razer Game Booster\\AutoUpdate.exe\" /AUTORUN"


==== Task Scheduler Jobs ======================

D:\WINDOWS\tasks\avast\Undetermined Task.exe []
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ D:\Program Files\Google\Update\GoogleUpdate.exe [25.12.2013 15:15]
D:\WINDOWS\tasks\Hybrid.job --a------ [Undetermined Task]
D:\WINDOWS\tasks\IORRT.job --a------ [Undetermined Task]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="D:\Program Files\AVAST Software\Avast\WebRep\FF" [25.12.2013 15:15]

==== Firefox Extensions ======================

ProfilePath: D:\Documents and Settings\PC-user\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- 4shared Desktop Plugin - %ProfilePath%\extensions\4sharedCopyLinks.xpi
- Ask Toolbar - %ProfilePath%\extensions\toolbar_SHD-V7@apn.ask.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: D:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: D:\Documents and Settings\PC-user\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default
A9C86900D2A61728C8326FE7147617C5 - D:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update
A9191AE22A8F1287B5E2DF33E3A57253 - D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - D:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
2557FBC582910A71CDEB0F22886D118D - D:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll - Shockwave Flash
55998FDEDA3849F9AE6660C8B8F32305 - D:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll - Oberon com adapter
28000D7EEB2FD95A36E1A7539F599C3B - D:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - D:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - D:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
A2EA5C73896AC06D2811A2AC157350BF - D:\Program Files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll - Adobe Acrobat


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[25.12.2013 15:15]
jljheddigenhleadfofeccneimcmlefp - D:\Documents and Settings\PC-user\Application Data\speedtest4354\speedtest4354.crx[19.12.2013 22:52]

Speed Test 127 - PC-user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp
Google Wallet - PC-user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"
{720213a6-9c98-4831-b8b8-0fe22b070670} SweetTunes Search Url="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3309767&CUI=UN11379035163226023&UM=2"

==== HijackThis Entries ======================

O1 - Hosts: 5.79.87.21 valve-master-server.com
O1 - Hosts: 5.79.87.21 ms.cs-servera.net
O1 - Hosts: 5.79.87.21 ms.turbo-boost.ru
O1 - Hosts: 5.79.87.21 ms.cs-monitor.ru
O1 - Hosts: 5.79.87.21 css.setti.info
O1 - Hosts: 5.79.87.21 ms1.msboost.ru
O1 - Hosts: 5.79.87.21 ms2.msboost.ru
O1 - Hosts: 5.79.87.21 ms.strikes.ru
O1 - Hosts: 5.79.87.21 ms2.strikes.ru
O1 - Hosts: 5.79.87.21 ms1.cs-exes.ru
O1 - Hosts: 5.79.87.21 ms2.cs-exes.ru
O1 - Hosts: 5.79.87.21 ms.a114.ru
O1 - Hosts: 5.79.87.21 1.masterserver.su
O1 - Hosts: 5.79.87.21 ms.megafrag.ru
O1 - Hosts: 5.79.87.21 balkan.masterserver.me
O1 - Hosts: 5.79.87.21 ms2.amxboost.ru:27010
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MTel_ontenegro Imola ModemListener] D:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GB_UPDATE] "G:\Razer Game Booster\AutoUpdate.exe" /AUTORUN
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "D:\Documents and Settings\PC-user\Application Data\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: &Download All using 4shared Desktop - res://D:\Program Files\4shared Desktop\Desktop.32/D_ALL_LINK
O8 - Extra context menu item: &Download using 4shared Desktop - res://D:\Program Files\4shared Desktop\Desktop.32/D_ONE_LINK
O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - D:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MTel_ontenegro Imola Modem Device Helper - Unknown owner - D:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - D:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

==== D:\zoek_backup content ======================

D:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on sub 08.03.2014 at 1:33:18,48 ======================

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Belgrade

Run zoek again;

close the browser and other running programs;
disable your security software (if necessary) Instructions;

Copy the following text into the white box of the window:

D:\Documents and Settings\PC-user\My Documents\APNSetup1.exe;f
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid];r
D:\\Documents and Settings\\PC-user\\Local Settings\\Application Data\\iLivid;fs
toolbar_SHD-V7@apn.ask.com.xpi;ff
jljheddigenhleadfofeccneimcmlefp;chr
autoclean;
emptyclsid;
emptyalltemp;

Click the button and wait for the scan to finish.

zoek will restart Windows if needed and, when it is done, open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your post.



Then

Download Farbar's Farbar Recovery Scan Tool from this address to the Desktop:
There is a 32-bit and a 64-bit version. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will work on your system; that will be the right version.

double-click to run the program; when the tool starts, click Yes in the disclaimer window;
wait a moment while the tool checks whether a newer version exists;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;
on the first run, the tool should also create an additional report (Addition.txt);
attach the Addition.txt report to your post using the Attach file option




Then

Download aswMBR and save it to the Desktop.

Double-click to run aswMBR.

If you get the following message:
Would you like to download latest Avast! virus definitions?
Click the Yes button and wait for the definitions download to finish.

Check that under AV Scan: the QuickScan option is selected

Click Scan.

When the scan finishes ( Scan finished successfully ) click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into the thread.

offline
  • Joined: 02 Sep 2013
  • Posts: 496

Posted: 08 Mar 2014 11:11

here is zoek, and I'll do the rest a bit later

Addendum: 08 Mar 2014 11:11

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by PC-user on sub 08.03.2014 at 1:53:03,51.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: D:\Documents and Settings\PC-user\My Documents\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

D:\zoek-results2014-03-08-003318.log 23192 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1343024091-412668190-1644491937-500\Software\Microsoft\Internet Explorer\SearchScopes\{720213a6-9c98-4831-b8b8-0fe22b070670} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: D:\Documents and Settings\PC-user\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default

user.js not found
---- Lines toolbar_SHD-V7@apn.ask.com.xpi modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"D:\\\\Program Files\\\\AVAST So
---- FireFox user.js and prefs.js backups ----

prefs_08.03.2014_0202_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid]

==== Deleting Files \ Folders ======================

D:\\Documents and Settings\\PC-user\\Local Settings\\Application Data\\iLivid not found
D:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted
D:\Program Files\Free Download Manager deleted
D:\Documents and Settings\PC-user\Application Data\UserFlag.ini deleted
D:\Documents and Settings\PC-user\Application Data\freegames111 deleted
D:\Documents and Settings\PC-user\Application Data\speedtest4354 deleted
D:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Setting.dat deleted
D:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Free Download Manager deleted
D:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\SearchProtect deleted
D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Free Download Manager deleted
"D:\Documents and Settings\PC-user\My Documents\APNSetup1.exe" deleted
"D:\Documents and Settings\PC-user\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default\extensions\toolbar_SHD-V7@apn.ask.com.xpi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="D:\Program Files\AVAST Software\Avast\WebRep\FF" [25.12.2013 15:15]

==== Firefox Extensions ======================

ProfilePath: D:\Documents and Settings\PC-user\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default
- Undetermined - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- 4shared Desktop Plugin - %ProfilePath%\extensions\4sharedCopyLinks.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: D:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: D:\Documents and Settings\PC-user\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default
A9C86900D2A61728C8326FE7147617C5 - D:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update
A9191AE22A8F1287B5E2DF33E3A57253 - D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - D:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
2557FBC582910A71CDEB0F22886D118D - D:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll - Shockwave Flash
55998FDEDA3849F9AE6660C8B8F32305 - D:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll - Oberon com adapter
28000D7EEB2FD95A36E1A7539F599C3B - D:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - D:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - D:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
A2EA5C73896AC06D2811A2AC157350BF - D:\Program Files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll - Adobe Acrobat


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[25.12.2013 15:15]
jljheddigenhleadfofeccneimcmlefp - D:\Documents and Settings\PC-user\Application Data\speedtest4354\speedtest4354.crx[]

Speed Test 127 - PC-user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp
Google Wallet - PC-user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

D:\Documents and Settings\PC-user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1343024091-412668190-1644491937-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jljheddigenhleadfofeccneimcmlefp deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Free Download Manager_is1 deleted successfully

==== Empty IE Cache ======================

D:\Documents and Settings\Default User.WINDOWS\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
D:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
D:\Documents and Settings\PC-user\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

D:\Documents and Settings\PC-user\Local Settings\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default\Cache emptied successfully

==== Empty Chrome Cache ======================

D:\Documents and Settings\PC-user\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== D:\zoek_backup content ======================

D:\zoek_backup (files=218 folders=31 30255616 bytes)

==== Empty Temp Folders ======================

D:\Documents and Settings\Default User.WINDOWS\Local Settings\Temp emptied successfully
D:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
D:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
D:\Documents and Settings\PC-user\Local Settings\Temp will be emptied at reboot
D:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

D:\WINDOWS\Temp successfully emptied
D:\DOCUME~1\PC-user\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

D:\$RECYCLE.BIN successfully emptied
D:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"D:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"D:\Documents and Settings\PC-user\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on sub 08.03.2014 at 2:09:01,98 ======================

Addendum: 08 Mar 2014 12:22

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2014
Ran by PC-user (administrator) on RASO-STYLE on 08-03-2014 03:20:11
Running from D:\Documents and Settings\PC-user\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Oracle Corporation) D:\Program Files\Java\jre7\bin\jqs.exe
() D:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
(NVIDIA Corporation) D:\WINDOWS\system32\nvsvc32.exe
(TeamViewer GmbH) D:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) D:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) D:\WINDOWS\system32\wscntfy.exe
(Analog Devices, Inc.) D:\Program Files\Analog Devices\Core\smax4pnp.exe
(Analog Devices, Inc.) D:\Program Files\Analog Devices\SoundMAX\Smax4.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastUI.exe
() D:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe
(Oracle Corporation) D:\Program Files\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SoundMAXPnP] - D:\Program Files\Analog Devices\Core\smax4pnp.exe [925696 2005-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] - D:\Program Files\Analog Devices\SoundMAX\Smax4.exe [716800 2005-07-26] (Analog Devices, Inc.)
HKLM\...\Run: [NvCplDaemon] - D:\WINDOWS\system32\NvCpl.dll [7630848 2006-08-11] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - D:\WINDOWS\system32\NvMcTray.dll [86016 2006-08-11] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] - D:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-25] (AVAST Software)
HKLM\...\Run: [MTel_ontenegro Imola ModemListener] - D:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe [125504 2012-05-14] ()
HKLM\...\Run: [SunJavaUpdateSched] - D:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [GB_UPDATE] - G:\Razer Game Booster\AutoUpdate.exe [2051688 2013-06-05] ()
HKU\.DEFAULT\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "D:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect"
HKU\S-1-5-19\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-21-1343024091-412668190-1644491937-500\...\Run: [DAEMON Tools Lite] - D:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1343024091-412668190-1644491937-500\...\Run: [uTorrent] - D:\Documents and Settings\PC-user\Application Data\uTorrent\uTorrent.exe [905296 2014-01-23] (BitTorrent Inc.)
HKU\S-1-5-21-1343024091-412668190-1644491937-500\...\MountPoints2: {c6ea3ddb-6389-11e3-8f92-fbdf81856b22} - H:\autorun.exe

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Hosts: 5.79.87.21 valve-master-server.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: D:\Documents and Settings\PC-user\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer - D:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - D:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - D:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - D:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter - D:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF Plugin: @tools.google.com/Google Update;version=3 - D:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - D:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Extension: 4shared Desktop Plugin - D:\Documents and Settings\PC-user\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default\Extensions\4sharedCopyLinks.xpi [2013-03-14]
FF Extension: Adblock Plus - D:\Documents and Settings\PC-user\Application Data\Mozilla\Firefox\Profiles\abm6f2zi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-25]

Chrome:
=======
CHR Extension: (Google Wallet) - D:\Documents and Settings\PC-user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-31]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-25]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-25] (AVAST Software)
R2 JavaQuickStarterService; D:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-26] (Oracle Corporation)
R2 MTel_ontenegro Imola Modem Device Helper; D:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()

==================== Drivers (Whitelisted) ====================

R3 AEAudioService; D:\WINDOWS\System32\drivers\AEAudio.sys [92800 2005-12-19] (Andrea Electronics Corporation)
R2 aswMonFlt; D:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2013-12-25] (AVAST Software)
R1 aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [54832 2013-12-25] (AVAST Software)
R0 aswRvrt; D:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-12-25] ()
R1 aswSnx; D:\WINDOWS\system32\drivers\aswSnx.sys [775952 2013-12-25] (AVAST Software)
R1 aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [410528 2013-12-25] (AVAST Software)
R1 aswTdi; D:\WINDOWS\system32\drivers\aswTdi.sys [57672 2013-12-25] (AVAST Software)
R0 aswVmm; D:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2013-12-25] ()
R1 dtsoftbus01; D:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-25] (Disc Soft Ltd)
S3 epmntdrv; D:\WINDOWS\system32\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; D:\WINDOWS\system32\EuGdiDrv.sys [9160 2013-03-07] ()
S3 jrdusbser; D:\WINDOWS\System32\DRIVERS\jrdusbser.sys [106112 2011-06-20] (TCT International Mobile Ltd)
R3 MTsensor; D:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 SenFiltService; D:\WINDOWS\System32\drivers\Senfilt.sys [393088 2005-06-07] (Sensaura)
S3 WinRing0_1_2_0; G:\Razer Game Booster\Driver\WinRing0.sys [14416 2012-08-01] (OpenLibSys.org)
S4 IntelIde; No ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-08 03:20 - 2014-03-08 03:20 - 00000000 ____D () D:\FRST
2014-03-08 02:15 - 2014-03-08 02:15 - 00000798 _____ () D:\Documents and Settings\PC-user\Desktop\upload.php
2014-03-08 02:09 - 2014-03-08 02:09 - 00009286 _____ () D:\Documents and Settings\PC-user\Desktop\zoek-results1.txt
2014-03-08 02:07 - 2014-03-08 01:52 - 00024064 _____ () D:\WINDOWS\zoek-delete.exe
2014-03-08 01:53 - 2014-03-08 01:33 - 00023192 _____ () D:\zoek-results2014-03-08-003318.log
2014-03-08 01:33 - 2014-03-08 01:33 - 00023192 _____ () D:\Documents and Settings\PC-user\Desktop\zoek-results.txt
2014-03-08 01:31 - 2014-03-08 02:09 - 00009286 _____ () D:\zoek-results.log
2014-03-08 01:29 - 2014-03-08 02:05 - 00000000 ____D () D:\zoek_backup
2014-03-08 01:27 - 2014-03-08 01:27 - 00007934 _____ () D:\Documents and Settings\PC-user\Desktop\AdwCleaner[S0].txt
2014-03-08 01:22 - 2014-03-08 01:24 - 00000000 ____D () D:\AdwCleaner
2014-03-07 10:06 - 2014-03-07 10:06 - 00015191 _____ () D:\Documents and Settings\PC-user\Desktop\dds.txt
2014-03-07 10:06 - 2014-03-07 10:06 - 00004746 _____ () D:\Documents and Settings\PC-user\Desktop\attach.txt
2014-03-06 14:41 - 2014-03-06 05:42 - 04026320 _____ () D:\Documents and Settings\PC-user\My Documents\Forum_wml_html_20.zip
2014-03-01 12:34 - 2014-03-01 12:34 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Aurora 3D Text & Logo Maker
2014-03-01 12:34 - 2011-09-13 17:58 - 00581632 _____ (Optima SC Inc.) D:\WINDOWS\system32\vp8vfw.dll
2014-02-25 14:49 - 2014-02-25 14:51 - 06696138 _____ () D:\Documents and Settings\PC-user\My Documents\WD0186.wmv
2014-02-25 14:38 - 2014-03-05 09:39 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\Apple Computer
2014-02-25 14:38 - 2014-03-05 09:37 - 00002193 _____ () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Safari.lnk
2014-02-25 14:38 - 2014-02-25 14:39 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\Apple Computer
2014-02-25 14:38 - 2014-02-25 14:38 - 00065520 ____H () D:\WINDOWS\system32\mlfcache.dat
2014-02-25 14:37 - 2014-02-25 14:38 - 00000000 ____D () D:\Program Files\Safari
2014-02-25 14:37 - 2014-02-25 14:37 - 00001830 _____ () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Apple Software Update.lnk
2014-02-25 14:37 - 2014-02-25 14:37 - 00000000 ____D () D:\Program Files\Apple Software Update
2014-02-25 14:37 - 2014-02-25 14:37 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\Apple
2014-02-25 14:37 - 2014-02-25 14:37 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2014-02-25 14:37 - 2014-02-25 14:37 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2014-02-25 14:33 - 2014-02-25 14:33 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\4shared Tools
2014-02-25 13:54 - 2014-02-25 14:01 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\kaneandlynch
2014-02-25 13:53 - 2014-02-25 13:53 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Eidos
2014-02-25 13:45 - 2014-02-25 13:45 - 00000000 ____D () D:\Program Files\OpenAL
2014-02-25 13:44 - 2014-02-25 13:46 - 00126043 _____ () D:\WINDOWS\DirectX.log
2014-02-25 13:44 - 2014-02-25 13:45 - 00000350 _____ () D:\WINDOWS\DXError.log
2014-02-25 13:44 - 2014-02-25 13:44 - 00000000 ____D () D:\WINDOWS\system32\xlive
2014-02-24 15:15 - 2014-02-24 15:15 - 00000000 ____D () D:\Web
2014-02-24 15:15 - 2014-02-24 15:15 - 00000000 ____D () D:\Resources
2014-02-24 13:44 - 2014-02-24 13:44 - 00000000 ____D () D:\Documents and Settings\PC-user\My Documents\Aurora3D
2014-02-24 13:42 - 2014-02-24 13:42 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\Maker3D
2014-02-24 13:42 - 2014-02-24 13:42 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\Configure
2014-02-24 13:17 - 2014-02-24 13:17 - 00000406 __RSH () D:\Documents and Settings\All Users.WINDOWS\ntuser.pol
2014-02-24 13:15 - 2014-02-24 13:15 - 00000000 ___HD () D:\WINDOWS\system32\GroupPolicy
2014-02-23 09:24 - 2014-03-01 15:38 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\WMTools Downloaded Files
2014-02-22 09:14 - 2014-02-22 09:14 - 00000000 ____D () D:\Program Files\EA GAMES
2014-02-22 09:14 - 2007-04-04 23:39 - 00442368 ____R (On2.com) D:\WINDOWS\system32\vp6vfw.dll
2014-02-22 04:08 - 2014-03-01 19:33 - 00000311 _____ () D:\WINDOWS\wiadebug.log
2014-02-22 04:08 - 2014-03-01 18:00 - 00000048 _____ () D:\WINDOWS\wiaservc.log
2014-02-22 04:08 - 2014-02-25 13:45 - 00413696 _____ (Creative Labs) D:\WINDOWS\system32\wrap_oal.dll
2014-02-22 04:08 - 2014-02-25 13:45 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) D:\WINDOWS\system32\OpenAL32.dll
2014-02-22 04:08 - 2014-02-22 04:08 - 00000000 _____ () D:\WINDOWS\Sti_Trace.log
2014-02-22 02:11 - 2014-02-24 14:08 - 00087304 _____ () D:\Documents and Settings\PC-user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-02-21 11:14 - 2014-02-24 14:07 - 00306008 _____ () D:\WINDOWS\system32\FNTCACHE.DAT
2014-02-21 10:45 - 2014-03-08 02:47 - 00131569 _____ () D:\WINDOWS\setupapi.log
2014-02-21 10:18 - 2014-02-21 10:33 - 00000000 ____D () D:\WINDOWS\system32\NtmsData
2014-02-21 08:20 - 2014-02-21 08:20 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Application Data\NVIDIA
2014-02-19 19:25 - 2014-02-19 19:25 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Counter-Strike 1.6
2014-02-19 18:09 - 2014-02-19 18:10 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\ViStart
2014-02-19 18:04 - 2014-02-19 18:04 - 06912054 _____ () D:\WINDOWS\clwcp.bmp
2014-02-19 18:04 - 2014-02-19 18:04 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\ViGlance
2014-02-19 18:04 - 2008-04-14 09:00 - 00218624 _____ (Microsoft Corporation) D:\WINDOWS\system32\uxtheme.dll.backup
2014-02-19 17:59 - 2014-02-19 18:20 - 00000000 ____D () D:\WINDOWS\system32\VITrans
2014-02-19 17:59 - 2014-02-19 18:08 - 00000000 ____D () D:\VTPFiles
2014-02-19 17:59 - 2007-11-24 07:00 - 00517120 _____ () D:\WINDOWS\system32\CLWCP.exe
2014-02-19 17:59 - 2006-12-03 17:15 - 00111104 _____ () D:\WINDOWS\system32\Uharc.exe
2014-02-19 17:59 - 2006-12-03 17:15 - 00069632 _____ () D:\WINDOWS\system32\moveex.exe
2014-02-19 17:59 - 2006-12-03 17:14 - 00008636 _____ () D:\WINDOWS\system32\modifype.exe
2014-02-19 17:59 - 2004-11-27 19:00 - 00094208 _____ (Sysinternals - www.sysinternals.com) D:\WINDOWS\system32\pskill.exe
2014-02-19 17:47 - 2014-02-22 10:18 - 00000000 ____D () D:\Documents and Settings\PC-user\Desktop\liki
2014-02-19 17:47 - 2014-02-20 16:57 - 00000000 ____D () D:\Documents and Settings\PC-user\Desktop\naki
2014-02-15 19:30 - 2014-02-15 19:30 - 00000923 _____ () D:\Documents and Settings\PC-user\Start Menu\Programs\Zelite li da postanete MILIONER.lnk
2014-02-15 19:30 - 2014-02-15 19:30 - 00000000 ____D () D:\Program Files\WOW&WOO
2014-02-15 19:30 - 2014-02-15 19:30 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\Licenses_
2014-02-15 10:22 - 2014-02-15 10:22 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Realtek
2014-02-15 10:22 - 2006-08-13 23:09 - 00083200 ____R (Realtek Semiconductor Corporation ) D:\WINDOWS\system32\Drivers\Rtenicxp.sys
2014-02-15 10:21 - 2014-02-15 10:21 - 00000000 ____D () D:\WINDOWS\OPTIONS
2014-02-15 10:21 - 2014-02-15 10:21 - 00000000 ____D () D:\Program Files\Realtek
2014-02-14 10:27 - 2014-03-07 06:30 - 00000000 ____D () D:\Documents and Settings\PC-user\Desktop\raso-style
2014-02-11 18:33 - 2014-02-11 18:33 - 00000000 ____D () D:\Program Files\Common Files\Oberon Media
2014-02-11 18:22 - 2014-02-11 18:32 - 00000000 ____D () D:\Program Files\Oberon Media
2014-02-11 18:13 - 2014-02-14 07:29 - 00000010 _____ () D:\WINDOWS\popcinfo.dat
2014-02-11 18:08 - 2014-02-11 18:09 - 00000000 ____D () D:\Program Files\Zuma Deluxe
2014-02-11 18:08 - 2014-02-11 18:08 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Zuma Deluxe
2014-02-11 18:08 - 2014-02-11 18:08 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Games
2014-02-11 18:06 - 2014-02-11 18:06 - 00001591 _____ () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Game Manager.lnk
2014-02-11 18:06 - 2014-02-11 18:06 - 00001542 _____ () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\More Great Games.lnk
2014-02-11 18:04 - 2014-02-11 18:06 - 00000000 ____D () D:\Program Files\bfgclient
2014-02-11 18:04 - 2014-02-11 18:04 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Application Data\Big Fish
2014-02-10 19:21 - 2014-02-10 19:21 - 00000000 ____D () D:\Program Files\TeamViewer
2014-02-10 19:21 - 2014-02-10 19:21 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\TeamViewer
2014-02-10 19:21 - 2014-02-10 19:21 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\TeamViewer 9
2014-02-08 22:41 - 2014-02-08 22:41 - 00000000 ____D () D:\Program Files\Chicken Invaders
2014-02-08 22:41 - 2014-02-08 22:41 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Chicken Invaders
2014-02-07 17:00 - 2014-02-07 17:00 - 00000000 ____D () D:\Documents and Settings\PC-user\My Documents\Replace
2014-02-07 17:00 - 2014-02-07 17:00 - 00000000 ____D () D:\Documents and Settings\PC-user\My Documents\CSX

==================== One Month Modified Files and Folders =======

2014-03-08 03:20 - 2014-03-08 03:20 - 00000000 ____D () D:\FRST
2014-03-08 03:15 - 2013-12-21 18:57 - 00000000 ____D () D:\Program Files\Counter-Strike 1.6
2014-03-08 02:47 - 2014-02-21 10:45 - 00131569 _____ () D:\WINDOWS\setupapi.log
2014-03-08 02:33 - 2013-12-25 15:15 - 00000888 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-08 02:15 - 2014-03-08 02:15 - 00000798 _____ () D:\Documents and Settings\PC-user\Desktop\upload.php
2014-03-08 02:15 - 2013-12-13 00:49 - 00419043 _____ () D:\WINDOWS\WindowsUpdate.log
2014-03-08 02:13 - 2013-12-12 16:36 - 00525890 _____ () D:\WINDOWS\system32\PerfStringBackup.INI
2014-03-08 02:11 - 2013-12-14 17:56 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\uTorrent
2014-03-08 02:09 - 2014-03-08 02:09 - 00009286 _____ () D:\Documents and Settings\PC-user\Desktop\zoek-results1.txt
2014-03-08 02:09 - 2014-03-08 01:31 - 00009286 _____ () D:\zoek-results.log
2014-03-08 02:09 - 2013-12-28 22:53 - 00000214 _____ () D:\WINDOWS\Tasks\Hybrid.job
2014-03-08 02:09 - 2013-12-28 22:53 - 00000212 _____ () D:\WINDOWS\Tasks\IORRT.job
2014-03-08 02:09 - 2013-12-25 15:21 - 00000366 ____H () D:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-08 02:09 - 2013-12-12 18:18 - 00081191 _____ () D:\WINDOWS\system32\nvapps.xml
2014-03-08 02:08 - 2013-12-25 15:15 - 00000884 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-08 02:08 - 2013-12-13 00:56 - 00000006 ____H () D:\WINDOWS\Tasks\SA.DAT
2014-03-08 02:07 - 2013-12-13 00:56 - 00032382 _____ () D:\WINDOWS\SchedLgU.Txt
2014-03-08 02:07 - 2013-12-13 00:56 - 00000178 ___SH () D:\Documents and Settings\PC-user\ntuser.ini
2014-03-08 02:05 - 2014-03-08 01:29 - 00000000 ____D () D:\zoek_backup
2014-03-08 01:52 - 2014-03-08 02:07 - 00024064 _____ () D:\WINDOWS\zoek-delete.exe
2014-03-08 01:33 - 2014-03-08 01:53 - 00023192 _____ () D:\zoek-results2014-03-08-003318.log
2014-03-08 01:33 - 2014-03-08 01:33 - 00023192 _____ () D:\Documents and Settings\PC-user\Desktop\zoek-results.txt
2014-03-08 01:27 - 2014-03-08 01:27 - 00007934 _____ () D:\Documents and Settings\PC-user\Desktop\AdwCleaner[S0].txt
2014-03-08 01:24 - 2014-03-08 01:22 - 00000000 ____D () D:\AdwCleaner
2014-03-07 10:06 - 2014-03-07 10:06 - 00015191 _____ () D:\Documents and Settings\PC-user\Desktop\dds.txt
2014-03-07 10:06 - 2014-03-07 10:06 - 00004746 _____ () D:\Documents and Settings\PC-user\Desktop\attach.txt
2014-03-07 06:30 - 2014-02-14 10:27 - 00000000 ____D () D:\Documents and Settings\PC-user\Desktop\raso-style
2014-03-06 05:42 - 2014-03-06 14:41 - 04026320 _____ () D:\Documents and Settings\PC-user\My Documents\Forum_wml_html_20.zip
2014-03-05 09:39 - 2014-02-25 14:38 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\Apple Computer
2014-03-05 09:37 - 2014-02-25 14:38 - 00002193 _____ () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Safari.lnk
2014-03-04 15:23 - 2013-12-28 22:53 - 00000000 ___HD () D:\IORRT
2014-03-04 09:23 - 2013-12-13 16:31 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2014-03-01 19:33 - 2014-02-22 04:08 - 00000311 _____ () D:\WINDOWS\wiadebug.log
2014-03-01 19:29 - 2013-12-31 17:09 - 00014848 _____ () D:\Documents and Settings\PC-user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-01 18:06 - 2014-01-13 17:26 - 00000132 _____ () D:\Documents and Settings\PC-user\Application Data\Adobe PNG Format CS5 Prefs
2014-03-01 18:00 - 2014-02-22 04:08 - 00000048 _____ () D:\WINDOWS\wiaservc.log
2014-03-01 17:44 - 2013-12-22 16:22 - 00000000 ____D () D:\Documents and Settings\PC-user\My Documents\Camtasia Studio
2014-03-01 15:38 - 2014-02-23 09:24 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\WMTools Downloaded Files
2014-03-01 15:17 - 2013-12-12 18:25 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\Adobe
2014-03-01 12:34 - 2014-03-01 12:34 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Aurora 3D Text & Logo Maker
2014-02-28 15:53 - 2008-04-14 09:00 - 00002206 _____ () D:\WINDOWS\system32\wpa.dbl
2014-02-25 14:51 - 2014-02-25 14:49 - 06696138 _____ () D:\Documents and Settings\PC-user\My Documents\WD0186.wmv
2014-02-25 14:39 - 2014-02-25 14:38 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\Apple Computer
2014-02-25 14:38 - 2014-02-25 14:38 - 00065520 ____H () D:\WINDOWS\system32\mlfcache.dat
2014-02-25 14:38 - 2014-02-25 14:37 - 00000000 ____D () D:\Program Files\Safari
2014-02-25 14:37 - 2014-02-25 14:37 - 00001830 _____ () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Apple Software Update.lnk
2014-02-25 14:37 - 2014-02-25 14:37 - 00000000 ____D () D:\Program Files\Apple Software Update
2014-02-25 14:37 - 2014-02-25 14:37 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\Apple
2014-02-25 14:37 - 2014-02-25 14:37 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2014-02-25 14:37 - 2014-02-25 14:37 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2014-02-25 14:37 - 2013-12-25 14:50 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\Free Download Manager
2014-02-25 14:33 - 2014-02-25 14:33 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\4shared Tools
2014-02-25 14:01 - 2014-02-25 13:54 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\kaneandlynch
2014-02-25 13:53 - 2014-02-25 13:53 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Eidos
2014-02-25 13:46 - 2014-02-25 13:44 - 00126043 _____ () D:\WINDOWS\DirectX.log
2014-02-25 13:46 - 2013-12-13 00:49 - 00000000 ____D () D:\WINDOWS\system32\DirectX
2014-02-25 13:45 - 2014-02-25 13:45 - 00000000 ____D () D:\Program Files\OpenAL
2014-02-25 13:45 - 2014-02-25 13:44 - 00000350 _____ () D:\WINDOWS\DXError.log
2014-02-25 13:45 - 2014-02-22 04:08 - 00413696 _____ (Creative Labs) D:\WINDOWS\system32\wrap_oal.dll
2014-02-25 13:45 - 2014-02-22 04:08 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) D:\WINDOWS\system32\OpenAL32.dll
2014-02-25 13:44 - 2014-02-25 13:44 - 00000000 ____D () D:\WINDOWS\system32\xlive
2014-02-24 15:15 - 2014-02-24 15:15 - 00000000 ____D () D:\Web
2014-02-24 15:15 - 2014-02-24 15:15 - 00000000 ____D () D:\Resources
2014-02-24 15:14 - 2004-06-29 19:14 - 00892696 _____ (Microsoft Corp. ) D:\Documents and Settings\PC-user\My Documents\Royale Theme for Win XP.exe
2014-02-24 14:08 - 2014-02-22 02:11 - 00087304 _____ () D:\Documents and Settings\PC-user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-02-24 14:07 - 2014-02-21 11:14 - 00306008 _____ () D:\WINDOWS\system32\FNTCACHE.DAT
2014-02-24 13:44 - 2014-02-24 13:44 - 00000000 ____D () D:\Documents and Settings\PC-user\My Documents\Aurora3D
2014-02-24 13:42 - 2014-02-24 13:42 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\Maker3D
2014-02-24 13:42 - 2014-02-24 13:42 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\Configure
2014-02-24 13:17 - 2014-02-24 13:17 - 00000406 __RSH () D:\Documents and Settings\All Users.WINDOWS\ntuser.pol
2014-02-24 13:17 - 2013-12-12 16:42 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS
2014-02-24 13:15 - 2014-02-24 13:15 - 00000000 ___HD () D:\WINDOWS\system32\GroupPolicy
2014-02-22 10:18 - 2014-02-19 17:47 - 00000000 ____D () D:\Documents and Settings\PC-user\Desktop\liki
2014-02-22 09:14 - 2014-02-22 09:14 - 00000000 ____D () D:\Program Files\EA GAMES
2014-02-22 04:10 - 2013-12-29 20:14 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\Media Player Classic
2014-02-22 04:10 - 2013-12-13 00:56 - 00000178 ___SH () D:\Documents and Settings\LocalService\ntuser.ini
2014-02-22 04:08 - 2014-02-22 04:08 - 00000000 _____ () D:\WINDOWS\Sti_Trace.log
2014-02-22 04:07 - 2013-12-25 13:39 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\DAEMON Tools Lite
2014-02-21 15:40 - 2014-01-23 20:41 - 00000000 ____D () D:\Documents and Settings\PC-user\Start Menu\Programs\IrfanView
2014-02-21 10:33 - 2014-02-21 10:18 - 00000000 ____D () D:\WINDOWS\system32\NtmsData
2014-02-21 10:33 - 2013-12-25 15:24 - 00000000 ____D () D:\WINDOWS\Minidump
2014-02-21 08:20 - 2014-02-21 08:20 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Application Data\NVIDIA
2014-02-20 16:57 - 2014-02-19 17:47 - 00000000 ____D () D:\Documents and Settings\PC-user\Desktop\naki
2014-02-20 03:41 - 2013-12-13 16:35 - 00131072 _____ () D:\WINDOWS\system32\config\OAlerts.evt
2014-02-19 19:25 - 2014-02-19 19:25 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Counter-Strike 1.6
2014-02-19 18:20 - 2014-02-19 17:59 - 00000000 ____D () D:\WINDOWS\system32\VITrans
2014-02-19 18:17 - 2013-12-12 16:31 - 00000000 ____D () D:\WINDOWS\Media
2014-02-19 18:17 - 2013-12-12 16:31 - 00000000 ____D () D:\WINDOWS\Cursors
2014-02-19 18:10 - 2014-02-19 18:09 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\ViStart
2014-02-19 18:08 - 2014-02-19 17:59 - 00000000 ____D () D:\VTPFiles
2014-02-19 18:08 - 2013-12-13 00:48 - 00000000 ____D () D:\WINDOWS\system32\Restore
2014-02-19 18:08 - 2013-12-13 00:48 - 00000000 ____D () D:\Program Files\Outlook Express
2014-02-19 18:04 - 2014-02-19 18:04 - 06912054 _____ () D:\WINDOWS\clwcp.bmp
2014-02-19 18:04 - 2014-02-19 18:04 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\ViGlance
2014-02-19 18:04 - 2008-04-14 09:00 - 00218624 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\uxtheme.dll
2014-02-19 18:04 - 2008-04-14 09:00 - 00218624 _____ (Microsoft Corporation) D:\WINDOWS\system32\uxtheme.dll
2014-02-19 14:41 - 2014-01-30 16:09 - 00105984 ___SH () D:\Documents and Settings\PC-user\Desktop\Thumbs.db
2014-02-15 19:30 - 2014-02-15 19:30 - 00000923 _____ () D:\Documents and Settings\PC-user\Start Menu\Programs\Zelite li da postanete MILIONER.lnk
2014-02-15 19:30 - 2014-02-15 19:30 - 00000000 ____D () D:\Program Files\WOW&WOO
2014-02-15 19:30 - 2014-02-15 19:30 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\Licenses_
2014-02-15 10:22 - 2014-02-15 10:22 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Realtek
2014-02-15 10:21 - 2014-02-15 10:21 - 00000000 ____D () D:\WINDOWS\OPTIONS
2014-02-15 10:21 - 2014-02-15 10:21 - 00000000 ____D () D:\Program Files\Realtek
2014-02-15 10:21 - 2013-12-13 01:02 - 00000000 ___HD () D:\Program Files\InstallShield Installation Information
2014-02-15 10:21 - 2013-12-13 01:02 - 00000000 _____ () D:\WINDOWS\AS_Debug.txt
2014-02-15 10:21 - 2013-12-13 01:01 - 00018096 _____ () D:\WINDOWS\Ascd_tmp.ini
2014-02-14 22:01 - 2014-01-25 01:55 - 00000000 ____D () D:\Program Files\Mozilla Firefox
2014-02-14 07:29 - 2014-02-11 18:13 - 00000010 _____ () D:\WINDOWS\popcinfo.dat
2014-02-11 18:33 - 2014-02-11 18:33 - 00000000 ____D () D:\Program Files\Common Files\Oberon Media
2014-02-11 18:32 - 2014-02-11 18:22 - 00000000 ____D () D:\Program Files\Oberon Media
2014-02-11 18:13 - 2014-02-01 21:04 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Application Data\BigFishCache
2014-02-11 18:09 - 2014-02-11 18:08 - 00000000 ____D () D:\Program Files\Zuma Deluxe
2014-02-11 18:08 - 2014-02-11 18:08 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Zuma Deluxe
2014-02-11 18:08 - 2014-02-11 18:08 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Games
2014-02-11 18:06 - 2014-02-11 18:06 - 00001591 _____ () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Game Manager.lnk
2014-02-11 18:06 - 2014-02-11 18:06 - 00001542 _____ () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\More Great Games.lnk
2014-02-11 18:06 - 2014-02-11 18:04 - 00000000 ____D () D:\Program Files\bfgclient
2014-02-11 18:06 - 2014-02-01 21:04 - 00000000 ____D () D:\Documents and Settings\PC-user\Local Settings\Application Data\Big Fish
2014-02-11 18:04 - 2014-02-11 18:04 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Application Data\Big Fish
2014-02-10 19:21 - 2014-02-10 19:21 - 00000000 ____D () D:\Program Files\TeamViewer
2014-02-10 19:21 - 2014-02-10 19:21 - 00000000 ____D () D:\Documents and Settings\PC-user\Application Data\TeamViewer
2014-02-10 19:21 - 2014-02-10 19:21 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\TeamViewer 9
2014-02-09 00:23 - 2014-01-23 14:53 - 00065536 _____ () D:\WINDOWS\system32\config\TuneUp.evt
2014-02-08 22:41 - 2014-02-08 22:41 - 00000000 ____D () D:\Program Files\Chicken Invaders
2014-02-08 22:41 - 2014-02-08 22:41 - 00000000 ____D () D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Chicken Invaders
2014-02-07 17:00 - 2014-02-07 17:00 - 00000000 ____D () D:\Documents and Settings\PC-user\My Documents\Replace
2014-02-07 17:00 - 2014-02-07 17:00 - 00000000 ____D () D:\Documents and Settings\PC-user\My Documents\CSX

==================== Bamital & volsnap Check =================

D:\WINDOWS\explorer.exe
[2008-04-14 09:00] - [2008-04-14 09:00] - 1432064 ____A (Microsoft Corporation) fe9be8e13d786cbbfcdcbe2780188902

D:\WINDOWS\system32\winlogon.exe => MD5 is legit
D:\WINDOWS\system32\svchost.exe => MD5 is legit
D:\WINDOWS\system32\services.exe => MD5 is legit
D:\WINDOWS\system32\User32.dll => MD5 is legit
D:\WINDOWS\system32\userinit.exe => MD5 is legit
D:\WINDOWS\system32\rpcss.dll => MD5 is legit
D:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Addendum: 08 Mar 2014 12:23

Here is the Addition log:


Addendum: 08 Mar 2014 12:33

Here is the aswMBR log:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-08 03:23:34
-----------------------------
03:23:34.437 OS Version: Windows 5.1.2600 Service Pack 3
03:23:34.437 Number of processors: 2 586 0x40A
03:23:34.437 ComputerName: RASO-STYLE UserName: PC-user
03:23:34.656 Initialize success
03:23:39.156 AVAST engine defs: 14030701
03:23:47.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
03:23:47.640 Disk 0 Vendor: SAMSUNG_HD160HJ BF100-12 Size: 152627MB BusType: 3
03:23:47.750 Disk 0 MBR read successfully
03:23:47.750 Disk 0 MBR scan
03:23:48.062 Disk 0 Windows 7 default MBR code
03:23:48.078 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 70001 MB offset 63
03:23:48.156 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 29996 MB offset 143364060
03:23:48.171 Disk 0 Partition - 00 0F Extended LBA 29996 MB offset 204796620
03:23:48.187 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 9993 MB offset 266229760
03:23:48.234 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29996 MB offset 204796683
03:23:48.250 Disk 0 scanning sectors +286695990
03:23:48.390 Disk 0 scanning D:\WINDOWS\system32\drivers
03:23:55.046 Service scanning
03:24:08.187 Modules scanning
03:24:15.468 Disk 0 trace - called modules:
03:24:15.484 TUKERNEL.EXE CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
03:24:15.484 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8232eab8]
03:24:15.484 3 CLASSPNP.SYS[f8576fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x82358d98]
03:24:15.640 AVAST engine scan D:\WINDOWS
03:24:17.703 AVAST engine scan D:\WINDOWS\system32
03:25:26.359 AVAST engine scan D:\WINDOWS\system32\drivers
03:25:32.750 AVAST engine scan D:\Documents and Settings\PC-user
03:29:02.859 File: D:\Documents and Settings\PC-user\My Documents\Downloads\CodecPerformerSetup.exe **INFECTED** Win32:Malware-gen
03:29:24.140 File: D:\Documents and Settings\PC-user\My Documents\Downloads\zoek.exe **INFECTED** Win32:Malware-gen
03:29:45.812 AVAST engine scan D:\Documents and Settings\All Users.WINDOWS
03:30:44.046 Scan finished successfully
03:31:44.937 Disk 0 MBR has been saved successfully to "D:\Documents and Settings\PC-user\Desktop\MBR.dat"
03:31:45.000 The log file has been saved successfully to "D:\Documents and Settings\PC-user\Desktop\aswMBR.txt"

Addendum: 08 Mar 2014 12:34

Is it possible that zoek has a virus? :D
03:29:24.140 File: D:\Documents and Settings\PC-user\My Documents\Downloads\zoek.exe **INFECTED** Win32:Malware-gen

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

That is a false detection. The computer is clean; how is it running now? You have a couple of adware detections in the Downloads folder, so delete everything there that you don't use.

offline
  • Joined: 02 Sep 2013
  • Posts: 496

It's OK now, thanks :)

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

All right, what remains is to clean up the tools:

Download DelFix by "Xplode" and save it to the Desktop.

Double-click to run the program.

Check the following options:
Remove disinfection tools
Purge System Restore
Reset system settings

Click the "Run" button and wait for the program to finish.
The tool will remove all the tools used in this thread...
When the tool finishes, it will open a report in Notepad.
Note: The report will also be saved to C:\DelFix.txt

There is no need to post the report.
