offline
- Springfield
- Moderator foruma
- 100%Milanista
- Information Technology
- Pridružio: 23 Avg 2008
- Poruke: 2634
- Gde živiš: Milan, Italy
|
Pozdrav,
Na jedom laptopu imam XP jos odavno je taj system na njega. I sad je pun virusa i ko zna jos ceka unistalirao sam brdo nepotrebnih stvari i instalirao avast i mcshield. Hocu da se otarasim gamadi i da ga koliko toliko osposobim za normalan rad. Evo log...
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Ivan (administrator) on IVAN-34C8DC74EF on 28-03-2015 14:18:03
Running from C:\Documents and Settings\Ivan\Desktop
Loaded Profiles: Ivan (Available profiles: Ivan)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Bandoo Media Inc.) C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe
(Bandoo Media Inc.) C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe
(Bandoo Media Inc.) C:\Program Files\Movies App\Datamngr\DatamngrUI.exe
() C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
() C:\Documents and Settings\All Users\Application Data\Internet Manager\OnlineUpdate\ouc.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(SigmaTel, Inc.) C:\WINDOWS\system32\stacsv.exe
(Graphisoft SE) C:\Program Files\GRAPHISOFT\BIM Server\Server Modules\1600\TeamworkServer\TeamworkServerMonitorService.exe
() C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe
() C:\Program Files\Join Air\AssistantServices.exe
(Creative Technology Ltd.) C:\WINDOWS\OEM02Mon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [OEM02Mon.exe] => C:\WINDOWS\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.)
HKLM\...\Run: [Regedit32] => C:\WINDOWS\system32\regedit.exe
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-28] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-19\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\Run: [sucgapsiwiba] => C:\Documents and Settings\Ivan\sucgapsiwiba.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {1bb3bb16-91e1-11e2-85f0-001644ea98f7} - G:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {1bb3bb19-91e1-11e2-85f0-001644ea98f7} - G:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {1bb3bb1c-91e1-11e2-85f0-001644ea98f7} - F:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {21617ace-9664-11e2-85f4-001644ea98f7} - F:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {21617ad1-9664-11e2-85f4-001644ea98f7} - F:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {294e2c80-673a-11e3-873c-001644ea98f7} - F:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {2c8c80cf-cc1b-11e2-865f-001644ea98f7} - F:\Windows\Install.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {2c8c80d3-cc1b-11e2-865f-001644ea98f7} - F:\Windows\Install.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {2c8c80d7-cc1b-11e2-865f-001644ea98f7} - F:\Windows\Install.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {3bef09e2-0ac6-11e4-87df-001644ea98f7} - F:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {3bef09e5-0ac6-11e4-87df-001644ea98f7} - F:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {85ef0f9f-2e44-11e3-86fc-001644ea98f7} - F:\iLinker.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {8a08bd28-cc67-11e2-8660-001644ea98f7} - G:\Windows\Install.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {a9ce0896-59c3-11e3-872c-001644ea98f7} - F:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {a9ce089b-59c3-11e3-872c-001644ea98f7} - F:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {ba78af40-ceb2-11e3-87b2-001644ea98f7} - F:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {ba78af43-ceb2-11e3-87b2-001644ea98f7} - F:\AutoRun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {e977f8f8-c3d7-11e2-8650-001644ea98f7} - F:\autorun.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {f3307811-cc0c-11e2-865e-001644ea98f7} - F:\Windows\Install.exe
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\...\MountPoints2: {f3307816-cc0c-11e2-865e-001644ea98f7} - F:\Windows\Install.exe
HKU\S-1-5-18\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Lsa: [Authentication Packages] msv1_0 nwprovau
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies app\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies App\Datamngr\apcrtldr.dll [488448 2014-08-06] () <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A&gct=hp&.....83&t=4
HKU\S-1-5-21-583907252-1004336348-1417001333-1003\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-583907252-1004336348-1417001333-1003 -> DefaultScope Software\Microsoft\Internet Explorer\SearchScopes URL =
SearchScopes: HKU\S-1-5-21-583907252-1004336348-1417001333-1003 -> {6D64DA1C-F88B-4230-8713-6BCF209E2A22} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071813&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-583907252-1004336348-1417001333-1003 -> {93C7EBCC-70B4-41EA-878B-DBD7AD11BDCF} URL = http://search.yahoo.com/search?ei=utf-8&fr=chr.....=12&p={searchTerms}
SearchScopes: HKU\S-1-5-21-583907252-1004336348-1417001333-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG6&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-28] (Avast Software s.r.o.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Help the General-Search Project -> {CA4520F3-AE13-4FB1-A513-58E23991C86D} -> C:\Documents and Settings\Ivan\Application Data\Media Finder\Extensions\gencrawler_gc.dll [2012-08-25] ()
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Ask.com
FF Homepage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1281&v=a13653-183&t=4
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=1281&systemid=406&v=a13653-183&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=3520120051914381&o=APN10645&q=
FF Plugin: @graphisoft.com/GDL Web Plug-in -> C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-06-13] (Graphisoft SE)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-08-17] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-08-17] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-08-17] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-08-17] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll [2014-10-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll [2014-10-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF user.js: detected! => C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\user.js [2012-08-09]
FF SearchPlugin: C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\searchplugins\Ask.xml [2014-09-29]
FF SearchPlugin: C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\searchplugins\bingp.xml [2013-07-18]
FF SearchPlugin: C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\searchplugins\yahoo_ff.xml [2013-10-01]
FF Extension: No Name - C:\Documents and Settings\Ivan\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@themediafinder.com [2013-10-14]
FF Extension: General Crawler - C:\Documents and Settings\Ivan\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2013-05-24]
FF Extension: No Name - C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\Extensions\savingsslider@mybrowserbar.com [2014-11-29]
FF Extension: No Name - C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\Extensions\{229ae5b5-5528-4a17-bfb4-1f7b10d4d006} [2015-03-28]
FF Extension: No Name - C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} [2015-03-24]
FF Extension: New tab - C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\Extensions\{3EFE9303-0141-5987-A155-001F9D9C9E98} [2013-10-08]
FF Extension: No Name - C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\Extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC} [2015-03-24]
FF Extension: uTorrentControl_v6 - C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2013-10-17]
FF Extension: No Name - C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\Extensions\{CE36D7E8-11CC-D9A8-3684-BE6E720D22A9} [2014-10-01]
FF Extension: GoPhotoIt - C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\Extensions\gophoto@gophoto.it.xpi [2013-08-08]
FF Extension: Torntv 3 - C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\uw3xkohd.default\Extensions\trtv3@trtv.com.xpi [2013-06-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-06-02]
FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
FF Extension: BetterSurf - C:\Program Files\BetterSurf\ff [2013-11-19]
FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff [2013-11-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-28]
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox 3.6 Beta 3\firefox.exe
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ArchiCAD) - C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Profile: C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-31]
CHR Extension: (Google Drive) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
CHR Extension: (YouTube) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-31]
CHR Extension: (Google Search) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-31]
CHR Extension: (BetterSurf) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap [2013-11-19]
CHR Extension: (General Crawler) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel [2013-05-28]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-28]
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2013-10-01]
CHR Extension: (Domain Error Assistant) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2013-10-01]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-19]
CHR Extension: (Slick Savings) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2013-10-01]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (No Name) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj [2013-10-15]
CHR Extension: (GoPhoto.it) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2013-10-17]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp [2013-10-01]
CHR Extension: (Gmail) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-31]
CHR Extension: (BetterSrf) - C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco [2013-11-26]
CHR HKLM\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files\TornTV.com\torntv10.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files\BetterSurf\ch\Chrome.crx [2013-11-11]
CHR HKLM\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Documents and Settings\Ivan\Application Data\Media Finder\Extensions\gencrawler_gc.crx [2013-05-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-28]
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - C:\Documents and Settings\Ivan\Application Data\Media Finder\Extensions\mf_plugin_gc.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Documents and Settings\Ivan\Local Settings\Application Data\Slick Savings\coupons.crx [2013-10-01]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx [2013-08-08]
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-23]
CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx [2013-11-25]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-28] (Avast Software s.r.o.)
R2 DatamngrCoordinator; C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe [3573248 2014-08-06] (Bandoo Media Inc.)
R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe [276048 2013-02-06] ()
S2 Internet Manager. RunOuc; C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed]
R2 NWCWorkstation; C:\WINDOWS\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 STacSV; C:\WINDOWS\system32\STacSV.exe [94208 2007-05-10] (SigmaTel, Inc.)
S3 TeamworkMessagingServer-v16.0; C:\Program Files\GRAPHISOFT\BIM Server\Server Modules\1600\TeamworkMessagingServer\bin\win32\wrapper.exe [204800 2012-06-13] () [File not signed]
S3 TeamworkServerManager-v16.0; C:\Program Files\GRAPHISOFT\BIM Server\Server Modules\1600\TeamworkServer\TeamworkServerManager.exe [1102848 2012-06-13] (Graphisoft SE) [File not signed]
R2 TeamworkServerMonitor-v16.0; C:\Program Files\GRAPHISOFT\BIM Server\Server Modules\1600\TeamworkServer\TeamworkServerMonitorService.exe [177152 2012-06-13] (Graphisoft SE) [File not signed]
R2 Telenor_Montenegro Sepang Modem Device Helper; C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe [49752 2011-06-20] () [File not signed]
R2 UI Assistant Service; C:\Program Files\Join Air\AssistantServices.exe [253264 2011-01-30] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-03-28] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73440 2015-03-28] (Avast Software s.r.o.)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-03-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-03-28] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788272 2015-03-28] (Avast Software s.r.o.)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [427736 2015-03-28] (Avast Software s.r.o.)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-03-28] (Avast Software s.r.o.)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208024 2015-03-28] ()
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [3360768 2011-02-15] (Broadcom Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files\Movies App\Datamngr\setmgrc2.cfg [34168 2014-08-06] (Bandoo Media Inc.)
S3 filtertdidriver; C:\WINDOWS\System32\drivers\ewfiltertdidriver.sys [7552 2013-08-16] (Huawei Technologies Co., Ltd.) [File not signed]
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209152 2006-11-02] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [989696 2006-11-02] (Conexant Systems, Inc.)
S3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [101248 2013-08-16] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_jucdcecm.sys [70528 2013-08-16] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\WINDOWS\System32\DRIVERS\ew_juextctrl.sys [27776 2013-08-16] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\System32\DRIVERS\ZDDriver.sys [106496 2010-01-14] (ZD Secret Incorporated)
S3 jrdusbser; C:\WINDOWS\System32\DRIVERS\jrdusbser.sys [106112 2011-06-20] (TCT International Mobile Ltd)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation)
R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2008-04-14] (Microsoft Corporation)
R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2008-04-14] (Microsoft Corporation)
R3 NWRDR; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [163584 2008-04-14] (Microsoft Corporation)
S3 OEM02Afx; C:\WINDOWS\system32\Drivers\OEM02Afx.sys [141376 2007-06-07] (Creative Technology Ltd.)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [298016 2011-05-26] (Marvell)
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249600 2013-08-16] (Huawei Technologies Co., Ltd.)
S3 ialm; system32\DRIVERS\igxpmp32.sys [X]
S4 IntelIde; No ImagePath
S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [X]
U1 WS2IFSL; No ImagePath
S0 WudfPf; C:\WINDOWS\system32\WudfPf.sys [X]
S3 WudfRd; C:\WINDOWS\system32\wudfrd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-28 14:18 - 2015-03-28 14:18 - 00031017 _____ () C:\Documents and Settings\Ivan\Desktop\FRST.txt
2015-03-28 14:17 - 2015-03-28 14:18 - 00000000 ____D () C:\FRST
2015-03-28 14:17 - 2015-03-28 14:17 - 01135104 _____ (Farbar) C:\Documents and Settings\Ivan\Desktop\FRST.exe
2015-03-28 14:06 - 2015-03-28 14:06 - 00001689 _____ () C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2015-03-28 14:06 - 2015-03-28 14:06 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2015-03-28 14:06 - 2015-03-28 14:06 - 00000000 ____D () C:\Documents and Settings\Ivan\Application Data\AVAST Software
2015-03-28 14:06 - 2015-03-28 14:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2015-03-28 14:05 - 2015-03-28 14:11 - 00000360 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-28 14:05 - 2015-03-28 14:05 - 00788272 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-03-28 14:05 - 2015-03-28 14:05 - 00427736 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-03-28 14:05 - 2015-03-28 14:05 - 00291312 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-03-28 14:05 - 2015-03-28 14:05 - 00208024 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-03-28 14:05 - 2015-03-28 14:05 - 00073440 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-03-28 14:05 - 2015-03-28 14:05 - 00057888 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-03-28 14:05 - 2015-03-28 14:05 - 00055200 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-03-28 14:05 - 2015-03-28 14:05 - 00049904 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-03-28 14:05 - 2015-03-28 14:05 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-03-28 14:05 - 2015-03-28 14:05 - 00024144 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-03-28 14:05 - 2015-03-28 14:05 - 00000687 _____ () C:\awh2B8.tmp
2015-03-28 14:02 - 2015-03-28 14:02 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-28 14:01 - 2015-03-28 14:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MCShield
2015-03-28 14:01 - 2015-03-28 14:01 - 00000000 ____D () C:\Program Files\MCShield
2015-03-28 14:01 - 2015-03-28 14:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\MCShield
2015-03-28 13:59 - 2015-03-28 13:59 - 02856736 _____ (MyCity) C:\Documents and Settings\Ivan\Desktop\MCShield-Setup.exe
2015-03-28 13:59 - 2015-03-28 13:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2015-03-28 13:58 - 2015-03-28 13:58 - 05475064 _____ (Avast Software s.r.o.) C:\Documents and Settings\Ivan\Desktop\avast_free_antivirus_setup_online.exe
2015-03-28 13:09 - 2015-03-28 13:10 - 00000000 ____D () C:\WINDOWS\pss
2015-03-27 10:15 - 2015-03-27 10:32 - 00000000 ____D () C:\Documents and Settings\Ivan\Desktop\budo
2015-03-24 10:17 - 2015-03-27 12:58 - 00000000 ____D () C:\Documents and Settings\Ivan\Desktop\HFME
2015-03-22 15:46 - 2015-03-22 15:54 - 00000000 ____D () C:\Documents and Settings\Ivan\Desktop\fleska
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-28 14:18 - 2013-03-20 08:53 - 00000000 ____D () C:\Documents and Settings\Ivan\Local Settings\Temp
2015-03-28 14:15 - 2013-03-20 00:31 - 00563558 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-28 14:13 - 2014-09-29 12:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Datamngr
2015-03-28 14:11 - 2013-04-12 17:41 - 00000290 _____ () C:\WINDOWS\Tasks\Express FilesUpdate.job
2015-03-28 14:11 - 2013-03-31 21:50 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-28 14:11 - 2013-03-20 08:52 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-28 14:11 - 2013-03-20 08:42 - 02063052 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-28 14:11 - 2013-03-20 00:34 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-28 14:11 - 2013-03-20 00:34 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-03-28 14:09 - 2013-03-20 08:53 - 00000178 ___SH () C:\Documents and Settings\Ivan\ntuser.ini
2015-03-28 14:09 - 2013-03-20 08:52 - 00032554 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-28 14:08 - 2013-03-20 08:53 - 00000000 ____D () C:\Documents and Settings\Ivan
2015-03-28 13:53 - 2013-06-11 06:14 - 01104871 _____ () C:\WINDOWS\setupapi.log
2015-03-28 13:50 - 2014-10-15 10:53 - 00000000 ____D () C:\Documents and Settings\Ivan\Application Data\23067
2015-03-28 13:50 - 2013-03-26 04:46 - 00000000 ____D () C:\Program Files\wxRecnik
2015-03-28 13:50 - 2013-03-20 08:38 - 00000000 ____D () C:\Program Files\NeoSmart Technologies
2015-03-28 13:32 - 2013-03-21 05:30 - 00000000 ____D () C:\Program Files\Common Files\Nero
2015-03-28 13:28 - 2013-03-21 05:30 - 00000000 ____D () C:\Program Files\Nero
2015-03-28 13:22 - 2013-03-31 21:50 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-28 13:15 - 2014-10-15 10:55 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-03-28 13:15 - 2014-03-24 16:01 - 00000000 ____D () C:\Program Files\MediaWatchV1
2015-03-28 13:13 - 2013-06-22 11:23 - 00000000 ____D () C:\Documents and Settings\Ivan\Application Data\Skype
2015-03-28 13:10 - 2013-03-20 00:28 - 00000211 ___SH () C:\boot.ini
2015-03-28 13:10 - 2008-04-14 13:00 - 00000633 _____ () C:\WINDOWS\win.ini
2015-03-28 13:10 - 2008-04-14 13:00 - 00000246 _____ () C:\WINDOWS\system.ini
2015-03-28 13:08 - 2013-03-21 06:57 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-03-28 13:08 - 2013-03-21 04:57 - 00000000 ____D () C:\Documents and Settings\Ivan\Application Data\uTorrent
2015-03-28 13:06 - 2008-04-14 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-27 12:07 - 2013-03-26 04:43 - 00000000 ____D () C:\Program Files\The KMPlayer
2015-03-27 12:04 - 2013-03-26 04:36 - 00000000 ____D () C:\Documents and Settings\Ivan\Application Data\vlc
2015-03-27 12:02 - 2013-05-13 17:39 - 00000000 ____D () C:\Documents and Settings\Ivan\Application Data\dvdcss
2015-03-24 15:56 - 2013-03-21 05:01 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2015-03-24 11:56 - 2014-07-23 22:39 - 00000000 ____D () C:\Documents and Settings\Ivan\Desktop\ivovi radovi
2015-03-24 10:26 - 2013-10-15 21:08 - 00000000 ____D () C:\Documents and Settings\Ivan\My Documents\Mobogenie
2015-03-24 10:25 - 2013-10-15 21:08 - 00000000 ____D () C:\Documents and Settings\Ivan\Start Menu\Programs\Mobogenie
2015-03-24 10:25 - 2013-10-15 21:08 - 00000000 ____D () C:\Documents and Settings\Ivan\Local Settings\Application Data\Mobogenie
2015-03-24 10:23 - 2013-06-22 01:15 - 00000000 ____D () C:\Documents and Settings\Ivan\Local Settings\Application Data\Facebook
2015-03-24 10:21 - 2013-03-20 08:44 - 00000000 ____D () C:\WINDOWS\system32\Adobe
2015-03-24 10:19 - 2013-03-20 00:31 - 00935773 _____ () C:\WINDOWS\iis6.log
2015-03-24 10:19 - 2013-03-20 00:31 - 00848093 _____ () C:\WINDOWS\FaxSetup.log
2015-03-24 10:19 - 2013-03-20 00:31 - 00549285 _____ () C:\WINDOWS\ocgen.log
2015-03-24 10:19 - 2013-03-20 00:31 - 00397012 _____ () C:\WINDOWS\tsoc.log
2015-03-24 10:19 - 2013-03-20 00:31 - 00292069 _____ () C:\WINDOWS\comsetup.log
2015-03-24 10:19 - 2013-03-20 00:31 - 00261008 _____ () C:\WINDOWS\msmqinst.log
2015-03-24 10:19 - 2013-03-20 00:31 - 00176056 _____ () C:\WINDOWS\ntdtcsetup.log
2015-03-24 10:19 - 2013-03-20 00:31 - 00150522 _____ () C:\WINDOWS\netfxocm.log
2015-03-24 10:19 - 2013-03-20 00:31 - 00059744 _____ () C:\WINDOWS\MedCtrOC.log
2015-03-24 10:19 - 2013-03-20 00:31 - 00043237 _____ () C:\WINDOWS\tabletoc.log
2015-03-24 10:19 - 2013-03-20 00:31 - 00001917 _____ () C:\WINDOWS\imsins.log
==================== Files in the root of some directories =======
2013-05-17 19:28 - 2009-02-03 01:31 - 78437735 _____ (Igor Pavlov) C:\Program Files\Photoshop_11.exe
2013-04-09 16:20 - 2014-12-04 14:36 - 0025088 _____ () C:\Documents and Settings\Ivan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Files to move or delete:
====================
C:\Program Files\Movies App\Datamngr\apcrtldr.dll
C:\Documents and Settings\Default User\DelB44.bat
C:\Documents and Settings\Ivan\DelB44.bat
Some content of TEMP:
====================
C:\Documents and Settings\Ivan\Local Settings\Temp\1347123126.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1349379132.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1350994680.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1351029495.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1351680821.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1352041890.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1353005512.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1353049436.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1355300352.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1355314554.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1356295944.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1356386823.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1357018526.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1357318100.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1357781908.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1359640567.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1359680962.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1364070607.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1365157657.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1366541603.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1372551929.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1374304349.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1374343256.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1462635949.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\1462641313.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\appinstall.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\Better-Surf.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\BetterSurf.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\BingBarSetup-Partner.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\BundleSweetIMSetup.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\Delta.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\DeltaTB.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\DeviceSetup.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\DriverIdentifier.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\drv44341.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\ExPromo.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\htmlayout.dll
C:\Documents and Settings\Ivan\Local Settings\Temp\install_helper.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\MybabylonTB.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\propsys.dll
C:\Documents and Settings\Ivan\Local Settings\Temp\SimilarBundleGenericDl.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\SpeedTestSetup.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\srv22467.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\toolbar98102718.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\toolbar98103250.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\uninstall501906.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\uninstall509671.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\uninstall509875.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\Upd2A9.tmp.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\upd5051.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\upd90603.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\Updater.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\utt2B2.tmp.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\vlc-1.0.2-win32.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\WSSetup.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\xmlUpdater.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\{D9CCA0E2-18DB-4D76-86E0-A757C5D728EB}-GoogleUpdateSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
https://www.mycity.rs/must-login.png
|