MyCity » Ambulanta -> Arhiva Ambulante » ALL YOUR FILES were encrypted - ne otvara slike ni word dokumente

ALL YOUR FILES were encrypted - ne otvara slike ni word dokumente

Napisano na dan: 22.12.2015

Strana:
1
2

ALL YOUR FILES were encrypted - ne otvara slike ni word dokumente

Sledeća strana

Pagination

Zaključano

Strana:
1
2

vakeveki Poslao: 22 Dec 2015 22:49 Idi na vrh
offline vakeveki Novi MyCity građanin Pridružio: 25 Mar 2006 Poruke: 6 Gde živiš: Po šumama i gorama	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 22 Dec 2015 22:44 Poštovani članovi foruma i moderatori, Imam problem koji sam večeras uočio, danas se pojavio, naime, ne mogu otvoriti porodične slike na svom računaru, niti word dokumente sačuvane na hardu. Kad sam restartovao računar, pojavio mi se sledeći text u notepad dokumentu: __!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#! NOT YOUR LANGUAGE? USE [Link mogu videti samo ulogovani korisnici] What happened to your files ? All of your files were protected by a strong encryption with RSA-4096. More information about the encryption keys using RSA-4096 can be found here: [Link mogu videti samo ulogovani korisnici](cryptosystem) How did this happen ? !!! Specially for your PC was generated personal RSA-4096 KEY, both public and private. !!! ALL YOUR FILES were encrypted with the public key, which has been transferred to your computer via the Internet. Decrypting of your files is only possible with the help of the private key and decrypt program, which is on our secret server. What do I do ? So, there are two ways you can choose: wait for a miracle and get your price doubled, or start obtaining BTC NOW, and restore your data easy way. If You have really valuable data, you better not waste your time, because there is no other way to get your files, except make a payment. For more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below: 1. [Link mogu videti samo ulogovani korisnici] 2. [Link mogu videti samo ulogovani korisnici] 3. [Link mogu videti samo ulogovani korisnici] 4. [Link mogu videti samo ulogovani korisnici] 5. [Link mogu videti samo ulogovani korisnici] 6. [Link mogu videti samo ulogovani korisnici] If for some reasons the addresses are not available, follow these steps: 1. Download and install tor-browser: [Link mogu videti samo ulogovani korisnici] 2. After a successful installation, run the browser and wait for initialization. 3. Type in the address bar: t7r67vsrpjcm5dfc.onion/E08687FD298AE4D5 4. Follow the instructions on the site. !!! IMPORTANT INFORMATION: !!! Your personal pages: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] !!! Your personal page in TOR Browser: t7r67vsrpjcm5dfc.onion/E08687FD298AE4D5 !!! Your personal identification ID: E08687FD298AE4D5 ========!!!!!========!!!!!========!!!!!========!!!!!========!!!!!========!!!!!========!!!!!========!!!!!========!!!!! Takođe, u svakom folderu, se nalazi po jedan note pad dokumenat sa istim sadržajem Da bih video u čemu je problem i da li ima rešenja, obratim se My Citi forumu, mom omiljenom po nekim drugim temama, i pronađen ranije postove sa sličnim problemom: [Link mogu videti samo ulogovani korisnici] Šta mi je dalje činiti? Molim Vas za pomoć, jer su mi u računaru pohranjene dragocene slike moje porodice, dece i svih radosnih zajedničkih trenutaka. Unapred zahvalan Dopuna: 22 Dec 2015 22:49 Sledeći uputstva sa predhodnog linka, kačim izveštaje iz FRST programa [Link mogu videti samo ulogovani korisnici] Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-12-2015 Ran by User (administrator) on USER-PC (22-12-2015 22:47:57) Running from C:\Users\User\Desktop Loaded Profiles: User (Available Profiles: User) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\Installer\{85E2A685-7A05-6208-3ABC-13EE1A9AE49F}\syshost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-22] (AVAST Software) HKU\S-1-5-21-1158747222-224089977-954906842-1000\...\Run: [meryHmas] => C:\Users\User\AppData\Roaming\cpyuqskhf2.exe [330240 2015-12-22] () HKU\S-1-5-21-1158747222-224089977-954906842-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1158747222-224089977-954906842-1000\...\MountPoints2: {8740f3b2-c859-11e3-8d9d-90e6ba8bcd41} - F:\setup.exe HKU\S-1-5-21-1158747222-224089977-954906842-1000\...\MountPoints2: {c4dd3acb-9270-11e3-8e0a-90e6ba8bcd41} - F:\Autorun.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-15] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-22] (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+ffv.html [2015-12-22] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+ffv.txt [2015-12-22] () Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+ffv.html [2015-12-22] () Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+ffv.txt [2015-12-22] () Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+fvs.html [2015-12-22] () Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+fvs.txt [2015-12-22] () Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+fwy.html [2015-12-22] () Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+fwy.txt [2015-12-22] () Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2012-07-25] ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{FA45E630-7846-4CA2-BFA3-05AD35AFF9AD}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-1158747222-224089977-954906842-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] HKU\S-1-5-21-1158747222-224089977-954906842-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = [Link mogu videti samo ulogovani korisnici] URLSearchHook: HKU\S-1-5-21-1158747222-224089977-954906842-1000 - YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File SearchScopes: HKU\S-1-5-21-1158747222-224089977-954906842-1000 -> DefaultScope {a8177b71-ee19-4e0f-b2f9-02d533eb946D} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&cid=5071 SearchScopes: HKU\S-1-5-21-1158747222-224089977-954906842-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKU\S-1-5-21-1158747222-224089977-954906842-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&affID=116780&tt=071012_cur_4112_2&babsrc=SP_ss&mntrId=b059f53300000000000090e6ba8bcd41 SearchScopes: HKU\S-1-5-21-1158747222-224089977-954906842-1000 -> {8EAF21FA-B6F2-4C93-A946-761A749F134B} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms} SearchScopes: HKU\S-1-5-21-1158747222-224089977-954906842-1000 -> {9098c48c-e011-46e6-bc77-f2bd7f1d02eb} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&cid=5071 SearchScopes: HKU\S-1-5-21-1158747222-224089977-954906842-1000 -> {a8177b71-ee19-4e0f-b2f9-02d533eb946D} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&cid=5071 BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-19] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-22] (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-19] (Oracle Corporation) BHO: YouTube Downloader Toolbar -> {F3FEE66E-E034-436a-86E4-9690573BEE8A} -> No File Toolbar: HKLM - YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File DPF: {233C1507-6A77-46A4-9443-F871F945D258} [Link mogu videti samo ulogovani korisnici] DPF: {73848533-39E1-49F1-9363-28054268C094} [Link mogu videti samo ulogovani korisnici] DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} [Link mogu videti samo ulogovani korisnici] DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link mogu videti samo ulogovani korisnici] Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cjoxvsz9.default-1424837675822 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-19] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-19] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( ) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1158747222-224089977-954906842-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-10-02] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011-10-26] (Nullsoft, Inc.) FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cjoxvsz9.default-1424837675822\searchplugins\how_recover+ffv.html [2015-12-22] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cjoxvsz9.default-1424837675822\searchplugins\how_recover+ffv.txt [2015-12-22] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cjoxvsz9.default-1424837675822\searchplugins\how_recover+fvs.html [2015-12-22] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cjoxvsz9.default-1424837675822\searchplugins\how_recover+fvs.txt [2015-12-22] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cjoxvsz9.default-1424837675822\searchplugins\how_recover+fwy.html [2015-12-22] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cjoxvsz9.default-1424837675822\searchplugins\how_recover+fwy.txt [2015-12-22] FF Extension: YouTube mp3 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cjoxvsz9.default-1424837675822\Extensions\info@youtube-mp3.org.xpi [2015-05-28] FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cjoxvsz9.default-1424837675822\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-12-19] [not signed] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-12-19] [not signed] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-12-19] [not signed] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-22] Chrome: ======= CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici] CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR NewTab: Default -> "chrome-extension://eeojlpepoljdpaoiplnlhcfkoigijimc/stubby.html" CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}&st=kwd&ptb=7889F4EB-C232-46AB-BB37-A0EA8B771574&n=780b619e&ind=2014011806&p2=^Z7^xdm032^YYA^rs&si=CLWEwfWeiLwCFQld3godz00AqQ CHR DefaultSearchKeyword: Default -> askws CHR DefaultSuggestURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}&li=ff&sstype=prefix CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\ppGoogleNaClPluginChrome.dll => No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\pdf.dll => No File CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.) CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll => No File CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll => No File CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File CHR Plugin: (Java(TM) Platform SE 7 U55) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll => No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll => No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll => No File CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-22] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-22] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-22] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22] CHR Extension: (GamingWonderland) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeojlpepoljdpaoiplnlhcfkoigijimc [2015-12-22] CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-22] CHR Extension: (DropinSavings) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2015-12-22] [UpdateUrl: [Link mogu videti samo ulogovani korisnici] <==== ATTENTION CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-22] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-22] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-22] CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_1.0.crx [2012-02-22] CHR HKLM\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - <no Path\update_url> CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - <no Path\update_url> ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) "db2a99f8358b65f1" => service could not be unlocked. <===== ATTENTION S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-22] (AVAST Software) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18186896 2014-12-13] (NVIDIA Corporation) R2 syshost32; C:\Windows\Installer\{85E2A685-7A05-6208-3ABC-13EE1A9AE49F}\syshost.exe [200704 2015-12-22] () [File not signed] U3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-22] (AVAST Software) S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-22] (AVAST Software) S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-12-22] (AVAST Software) S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-22] (AVAST Software) S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-22] (AVAST Software) S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-22] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [117712 2015-12-22] (AVAST Software) S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-22] (AVAST Software) R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2009-08-23] (Atheros Communications, Inc.) R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-14] () [File not signed] R3 mouclass; C:\Windows\system32\drivers\mouclass.sys [41552 2009-07-14] () [File not signed] R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-14] () [File not signed] R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [78208 2010-11-20] () [File not signed] S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation) S3 mpio; C:\Windows\system32\drivers\mpio.sys [130432 2010-11-20] () [File not signed] R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-14] () [File not signed] S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] () [File not signed] R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-27] () [File not signed] R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-09] () [File not signed] R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-27] () [File not signed] S3 msahci; C:\Windows\system32\drivers\msahci.sys [28032 2010-11-20] () [File not signed] S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [116096 2010-11-20] () [File not signed] R1 Msfs; C:\Windows\system32\Drivers\Msfs.sys [22528 2009-07-14] () S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-14] () [File not signed] R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [13888 2009-07-14] () [File not signed] S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-14] () [File not signed] S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-14] () [File not signed] S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-14] () [File not signed] S3 MsRPC; C:\Windows\system32\Drivers\MsRPC.sys [162896 2009-07-14] () [File not signed] R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [28240 2009-07-14] () [File not signed] S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-14] () [File not signed] S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-14] () [File not signed] R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () [File not signed] R0 Mup; C:\Windows\System32\Drivers\mup.sys [49728 2009-07-14] () [File not signed] S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-14] () [File not signed] R0 NDIS; C:\Windows\System32\drivers\ndis.sys [712048 2012-08-22] () [File not signed] S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-14] () [File not signed] R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-14] () [File not signed] S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] () [File not signed] R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] () [File not signed] R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] () [File not signed] R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-14] () [File not signed] R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] () [File not signed] S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [44624 2009-07-14] () [File not signed] S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18560 2013-01-23] () [File not signed] S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2013-01-23] () [File not signed] S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2013-01-23] () [File not signed] S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2013-01-23] () [File not signed] R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-14] () [File not signed] R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-14] () [File not signed] R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1212352 2014-01-24] () R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-14] () [File not signed] R3 NVHDA; C:\Windows\System32\drivers\nvhda32v.sys [162592 2014-05-20] () [File not signed] R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [10702664 2015-02-04] () [File not signed] S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [117120 2011-03-11] () [File not signed] S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [143744 2011-03-11] () [File not signed] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2014-12-13] () [File not signed] R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] () [File not signed] S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [105024 2009-07-14] () [File not signed] S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-14] () [File not signed] R3 Parport; C:\Windows\System32\DRIVERS\parport.sys [79360 2009-07-14] () [File not signed] R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [56176 2012-03-17] () [File not signed] R2 Parvdm; C:\Windows\System32\DRIVERS\parvdm.sys [8704 2009-07-14] () [File not signed] S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] () [File not signed] R0 pci; C:\Windows\System32\drivers\pci.sys [153984 2010-11-20] () [File not signed] R0 pciide; C:\Windows\System32\drivers\pciide.sys [12368 2009-07-14] () [File not signed] S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [180288 2009-07-14] () [File not signed] R0 pcw; C:\Windows\System32\drivers\pcw.sys [43088 2009-07-14] () [File not signed] R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-14] () [File not signed] R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-14] () [File not signed] S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-14] () [File not signed] R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-14] () [File not signed] S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1383488 2009-07-14] () [File not signed] S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [106064 2009-07-14] () [File not signed] S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-14] () [File not signed] S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-14] () [File not signed] R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-14] () [File not signed] R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-14] () [File not signed] R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-14] () [File not signed] R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-14] () [File not signed] R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] () [File not signed] R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-14] () [File not signed] R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] () [File not signed] S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [133632 2010-11-20] () [File not signed] R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] () [File not signed] R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] () [File not signed] S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [15872 2010-11-20] () [File not signed] S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [183808 2012-04-28] () [File not signed] R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [173440 2010-11-20] () [File not signed] R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-14] () [File not signed] S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [5632 2010-11-20] () [File not signed] S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [85376 2010-11-20] () [File not signed] S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] () [File not signed] R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] () [File not signed] R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-14] () [File not signed] R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-14] () [File not signed] S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-14] () [File not signed] S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-14] () [File not signed] S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-14] () [File not signed] S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] () [File not signed] S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [13824 2009-07-14] () [File not signed] S3 sisagp; C:\Windows\system32\drivers\sisagp.sys [52304 2009-07-14] () [File not signed] S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [40016 2009-07-14] () [File not signed] S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [77888 2009-07-14] () [File not signed] S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-14] () [File not signed] R0 spldr; C:\Windows\system32\Drivers\spldr.sys [17472 2009-07-14] () [File not signed] R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-29] () [File not signed] R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-29] () [File not signed] R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-29] () [File not signed] S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [21072 2009-07-14] () [File not signed] R0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [40704 2010-11-20] () [File not signed] S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [28032 2010-11-20] () [File not signed] R3 swenum; C:\Windows\system32\drivers\swenum.sys [12240 2009-07-14] () [File not signed] R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1294272 2013-09-08] () [File not signed] S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1294272 2013-09-08] () [File not signed] R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] () [File not signed] S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] () [File not signed] S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] () [File not signed] R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] () [File not signed] R1 TermDD; C:\Windows\system32\drivers\termdd.sys [53120 2010-11-20] () [File not signed] S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2013-06-15] () [File not signed] S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [52224 2010-11-20] () [File not signed] R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] () [File not signed] S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [55888 2009-07-14] () [File not signed] R4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] () [File not signed] S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [57424 2009-07-14] () [File not signed] R3 umbus; C:\Windows\system32\drivers\umbus.sys [39936 2010-11-20] () [File not signed] S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-14] () [File not signed] S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2013-01-23] () [File not signed] S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] () [File not signed] S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] () [File not signed] R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [43520 2013-11-27] () [File not signed] R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] () [File not signed] S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2013-11-27] () [File not signed] S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [19968 2009-07-14] () [File not signed] S3 usbser; C:\Windows\System32\DRIVERS\usbser.sys [28160 2013-08-29] () [File not signed] S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2013-01-23] () [File not signed] S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] () [File not signed] R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [24064 2013-11-27] () [File not signed] R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [32832 2009-07-14] () [File not signed] S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-14] () [File not signed] R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-14] () [File not signed] S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [160128 2010-11-20] () [File not signed] S3 viaagp; C:\Windows\system32\drivers\viaagp.sys [53328 2009-07-14] () [File not signed] S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-14] () [File not signed] S3 viaide; C:\Windows\system32\drivers\viaide.sys [16976 2009-07-14] () [File not signed] R0 vmbus; C:\Windows\System32\drivers\vmbus.sys [175360 2010-11-20] () [File not signed] S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [17920 2010-11-20] () [File not signed] R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [53120 2010-11-20] () [File not signed] R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [297040 2009-07-14] () [File not signed] R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [245632 2010-11-20] () [File not signed] S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [141904 2009-07-14] () [File not signed] S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [19968 2009-07-14] () [File not signed] S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-14] () [File not signed] S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] () [File not signed] R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] () [File not signed] S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [19024 2009-07-14] () [File not signed] R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [527064 2013-06-25] () [File not signed] R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] () [File not signed] S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [19008 2009-07-14] () [File not signed] S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] () [File not signed] S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-14] () [File not signed] S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-14] () [File not signed] S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] () [File not signed] S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] () [File not signed] U5 db2a99f8358b65f1; C:\Windows\System32\Drivers\db2a99f8358b65f1.sys [86912 2015-12-22] () <===== ATTENTION Necurs Rootkit? S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-22 22:16 - 2015-12-22 22:16 - 00000000 ____D C:\Users\User\Desktop\ShadowExplorerPortable-0.9 2015-12-22 22:05 - 2015-12-22 22:05 - 00137737 _____ C:\Users\User\Desktop\ShadowExplorer-0.9-portable.zip 2015-12-22 22:05 - 2015-12-22 22:05 - 00000000 ____D C:\Users\User\Desktop\ShadowExplorer-0.9-portable 2015-12-22 22:03 - 2015-12-22 22:03 - 00000000 ____D C:\Users\User\AppData\Roaming\www.shadowexplorer.com 2015-12-22 21:53 - 2015-12-22 21:53 - 03452054 _____ C:\Users\User\Desktop\Howto_Restore_FILES.BMP 2015-12-22 21:53 - 2015-12-22 21:53 - 00010654 _____ C:\Users\User\Desktop\Howto_Restore_FILES.HTM 2015-12-22 21:53 - 2015-12-22 21:53 - 00002411 _____ C:\Users\User\Desktop\Howto_Restore_FILES.TXT 2015-12-22 21:44 - 2015-12-22 21:44 - 00020667 _____ C:\Users\User\Desktop\Addition.txt 2015-12-22 21:42 - 2015-12-22 22:47 - 00034228 _____ C:\Users\User\Desktop\FRST.txt 2015-12-22 21:42 - 2015-12-22 21:42 - 01721344 _____ (Farbar) C:\Users\User\Desktop\FRST.exe 2015-12-22 21:38 - 2015-12-22 21:39 - 00020668 _____ C:\Users\User\Downloads\Addition.txt 2015-12-22 21:36 - 2015-12-22 21:39 - 00082618 _____ C:\Users\User\Downloads\FRST.txt 2015-12-22 21:35 - 2015-12-22 22:47 - 00000000 ____D C:\FRST 2015-12-22 21:35 - 2015-12-22 21:35 - 01721344 _____ (Farbar) C:\Users\User\Downloads\FRST.exe 2015-12-22 21:27 - 2015-12-22 21:27 - 00010654 _____ C:\Users\User\how_recover+fwy.html 2015-12-22 21:27 - 2015-12-22 21:27 - 00010654 _____ C:\Users\User\Downloads\how_recover+fwy.html 2015-12-22 21:27 - 2015-12-22 21:27 - 00010654 _____ C:\Users\User\Documents\how_recover+fwy.html 2015-12-22 21:27 - 2015-12-22 21:27 - 00010654 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+fwy.html 2015-12-22 21:27 - 2015-12-22 21:27 - 00010654 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+fwy.html 2015-12-22 21:27 - 2015-12-22 21:27 - 00010654 _____ C:\Users\User\AppData\Roaming\how_recover+fwy.html 2015-12-22 21:27 - 2015-12-22 21:27 - 00010654 _____ C:\Users\User\AppData\how_recover+fwy.html 2015-12-22 21:27 - 2015-12-22 21:27 - 00002411 _____ C:\Users\User\how_recover+fwy.txt 2015-12-22 21:27 - 2015-12-22 21:27 - 00002411 _____ C:\Users\User\Downloads\how_recover+fwy.txt 2015-12-22 21:27 - 2015-12-22 21:27 - 00002411 _____ C:\Users\User\Documents\how_recover+fwy.txt 2015-12-22 21:27 - 2015-12-22 21:27 - 00002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+fwy.txt 2015-12-22 21:27 - 2015-12-22 21:27 - 00002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+fwy.txt 2015-12-22 21:27 - 2015-12-22 21:27 - 00002411 _____ C:\Users\User\AppData\Roaming\how_recover+fwy.txt 2015-12-22 21:27 - 2015-12-22 21:27 - 00002411 _____ C:\Users\User\AppData\how_recover+fwy.txt 2015-12-22 21:26 - 2015-12-22 21:26 - 00010654 _____ C:\Users\User\AppData\LocalLow\how_recover+fwy.html 2015-12-22 21:26 - 2015-12-22 21:26 - 00002411 _____ C:\Users\User\AppData\LocalLow\how_recover+fwy.txt 2015-12-22 21:24 - 2015-12-22 21:27 - 00010654 _____ C:\Users\User\AppData\Local\how_recover+fwy.html 2015-12-22 21:24 - 2015-12-22 21:27 - 00002411 _____ C:\Users\User\AppData\Local\how_recover+fwy.txt 2015-12-22 21:24 - 2015-12-22 21:24 - 00010654 _____ C:\Users\User\AppData\Local\Apps\how_recover+fwy.html 2015-12-22 21:24 - 2015-12-22 21:24 - 00010654 _____ C:\Users\Public\how_recover+fwy.html 2015-12-22 21:24 - 2015-12-22 21:24 - 00010654 _____ C:\Users\Public\Downloads\how_recover+fwy.html 2015-12-22 21:24 - 2015-12-22 21:24 - 00010654 _____ C:\Users\Public\Documents\how_recover+fwy.html 2015-12-22 21:24 - 2015-12-22 21:24 - 00010654 _____ C:\ProgramData\how_recover+fwy.html 2015-12-22 21:24 - 2015-12-22 21:24 - 00002411 _____ C:\Users\User\AppData\Local\Apps\how_recover+fwy.txt 2015-12-22 21:24 - 2015-12-22 21:24 - 00002411 _____ C:\Users\Public\how_recover+fwy.txt 2015-12-22 21:24 - 2015-12-22 21:24 - 00002411 _____ C:\Users\Public\Downloads\how_recover+fwy.txt 2015-12-22 21:24 - 2015-12-22 21:24 - 00002411 _____ C:\Users\Public\Documents\how_recover+fwy.txt 2015-12-22 21:24 - 2015-12-22 21:24 - 00002411 _____ C:\ProgramData\how_recover+fwy.txt 2015-12-22 21:24 - 2015-12-22 21:24 - 00000254 _____ C:\Users\User\Documents\recover_file_ncbqqughj.txt 2015-12-22 21:23 - 2015-12-22 21:23 - 00412008 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-22 21:16 - 2015-12-22 21:27 - 00000000 ____D C:\Users\User\AppData\Roaming\AVAST Software 2015-12-22 21:15 - 2015-12-22 21:15 - 00002075 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-12-22 21:15 - 2015-12-22 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-12-22 21:15 - 2015-12-22 21:15 - 00000000 ____D C:\Program Files\Common Files\AV 2015-12-22 21:14 - 2015-12-22 21:15 - 00436360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2015-12-22 21:14 - 2015-12-22 21:15 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys 2015-12-22 21:14 - 2015-12-22 21:14 - 00794952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2015-12-22 21:14 - 2015-12-22 21:14 - 00435976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1450815330146 2015-12-22 21:14 - 2015-12-22 21:14 - 00322760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-12-22 21:14 - 2015-12-22 21:14 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-12-22 21:14 - 2015-12-22 21:14 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-12-22 21:14 - 2015-12-22 21:14 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-12-22 21:14 - 2015-12-22 21:14 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.1450815330146 2015-12-22 21:14 - 2015-12-22 21:14 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-12-22 21:14 - 2015-12-22 21:14 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-12-22 21:14 - 2015-12-22 21:14 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-12-22 21:13 - 2015-12-22 21:13 - 05066104 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online_cnet2.exe 2015-12-22 21:13 - 2015-12-22 21:13 - 00109280 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-22 21:13 - 2015-12-22 21:13 - 00000000 ____D C:\ProgramData\AVAST Software 2015-12-22 21:13 - 2015-12-22 21:13 - 00000000 ____D C:\Program Files\AVAST Software 2015-12-22 21:00 - 2015-12-22 21:00 - 00010654 _____ C:\Users\User\how_recover+fvs.html 2015-12-22 21:00 - 2015-12-22 21:00 - 00010654 _____ C:\Users\User\Downloads\how_recover+fvs.html 2015-12-22 21:00 - 2015-12-22 21:00 - 00010654 _____ C:\Users\User\Documents\how_recover+fvs.html 2015-12-22 21:00 - 2015-12-22 21:00 - 00010654 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+fvs.html 2015-12-22 21:00 - 2015-12-22 21:00 - 00010654 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+fvs.html 2015-12-22 21:00 - 2015-12-22 21:00 - 00010654 _____ C:\Users\User\AppData\Roaming\how_recover+fvs.html 2015-12-22 21:00 - 2015-12-22 21:00 - 00010654 _____ C:\Users\User\AppData\how_recover+fvs.html 2015-12-22 21:00 - 2015-12-22 21:00 - 00002411 _____ C:\Users\User\how_recover+fvs.txt 2015-12-22 21:00 - 2015-12-22 21:00 - 00002411 _____ C:\Users\User\Downloads\how_recover+fvs.txt 2015-12-22 21:00 - 2015-12-22 21:00 - 00002411 _____ C:\Users\User\Documents\how_recover+fvs.txt 2015-12-22 21:00 - 2015-12-22 21:00 - 00002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+fvs.txt 2015-12-22 21:00 - 2015-12-22 21:00 - 00002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+fvs.txt 2015-12-22 21:00 - 2015-12-22 21:00 - 00002411 _____ C:\Users\User\AppData\Roaming\how_recover+fvs.txt 2015-12-22 21:00 - 2015-12-22 21:00 - 00002411 _____ C:\Users\User\AppData\how_recover+fvs.txt 2015-12-22 20:59 - 2015-12-22 20:59 - 00010654 _____ C:\Users\User\AppData\LocalLow\how_recover+fvs.html 2015-12-22 20:59 - 2015-12-22 20:59 - 00002411 _____ C:\Users\User\AppData\LocalLow\how_recover+fvs.txt 2015-12-22 20:58 - 2015-12-22 21:00 - 00010654 _____ C:\Users\User\AppData\Local\how_recover+fvs.html 2015-12-22 20:58 - 2015-12-22 21:00 - 00002411 _____ C:\Users\User\AppData\Local\how_recover+fvs.txt 2015-12-22 20:58 - 2015-12-22 20:58 - 00010654 _____ C:\Users\User\AppData\Local\Apps\how_recover+fvs.html 2015-12-22 20:58 - 2015-12-22 20:58 - 00010654 _____ C:\Users\Public\how_recover+fvs.html 2015-12-22 20:58 - 2015-12-22 20:58 - 00010654 _____ C:\Users\Public\Downloads\how_recover+fvs.html 2015-12-22 20:58 - 2015-12-22 20:58 - 00002411 _____ C:\Users\User\AppData\Local\Apps\how_recover+fvs.txt 2015-12-22 20:58 - 2015-12-22 20:58 - 00002411 _____ C:\Users\Public\how_recover+fvs.txt 2015-12-22 20:58 - 2015-12-22 20:58 - 00002411 _____ C:\Users\Public\Downloads\how_recover+fvs.txt 2015-12-22 20:57 - 2015-12-22 20:58 - 00010654 _____ C:\Users\Public\Documents\how_recover+fvs.html 2015-12-22 20:57 - 2015-12-22 20:58 - 00010654 _____ C:\ProgramData\how_recover+fvs.html 2015-12-22 20:57 - 2015-12-22 20:58 - 00002411 _____ C:\Users\Public\Documents\how_recover+fvs.txt 2015-12-22 20:57 - 2015-12-22 20:58 - 00002411 _____ C:\ProgramData\how_recover+fvs.txt 2015-12-22 20:57 - 2015-12-22 20:57 - 00000254 _____ C:\Users\User\Documents\recover_file_uksypesfi.txt 2015-12-22 20:04 - 2015-12-22 20:04 - 00010654 _____ C:\Users\User\how_recover+ffv.html 2015-12-22 20:04 - 2015-12-22 20:04 - 00010654 _____ C:\Users\User\Downloads\how_recover+ffv.html 2015-12-22 20:04 - 2015-12-22 20:04 - 00010654 _____ C:\Users\User\Documents\how_recover+ffv.html 2015-12-22 20:04 - 2015-12-22 20:04 - 00002411 _____ C:\Users\User\how_recover+ffv.txt 2015-12-22 20:04 - 2015-12-22 20:04 - 00002411 _____ C:\Users\User\Downloads\how_recover+ffv.txt 2015-12-22 20:04 - 2015-12-22 20:04 - 00002411 _____ C:\Users\User\Documents\how_recover+ffv.txt 2015-12-22 20:03 - 2015-12-22 20:04 - 00010654 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+ffv.html 2015-12-22 20:03 - 2015-12-22 20:04 - 00002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+ffv.txt 2015-12-22 20:03 - 2015-12-22 20:03 - 00010654 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+ffv.html 2015-12-22 20:03 - 2015-12-22 20:03 - 00010654 _____ C:\Users\User\AppData\Roaming\how_recover+ffv.html 2015-12-22 20:03 - 2015-12-22 20:03 - 00010654 _____ C:\Users\User\AppData\how_recover+ffv.html 2015-12-22 20:03 - 2015-12-22 20:03 - 00002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+ffv.txt 2015-12-22 20:03 - 2015-12-22 20:03 - 00002411 _____ C:\Users\User\AppData\Roaming\how_recover+ffv.txt 2015-12-22 20:03 - 2015-12-22 20:03 - 00002411 _____ C:\Users\User\AppData\how_recover+ffv.txt 2015-12-22 20:02 - 2015-12-22 20:02 - 00010654 _____ C:\Users\User\AppData\LocalLow\how_recover+ffv.html 2015-12-22 20:02 - 2015-12-22 20:02 - 00002411 _____ C:\Users\User\AppData\LocalLow\how_recover+ffv.txt 2015-12-22 20:00 - 2015-12-22 20:00 - 00086912 _____ C:\Windows\system32\Drivers\db2a99f8358b65f1.sys 2015-12-22 19:58 - 2015-12-22 20:04 - 00010654 _____ C:\Users\User\AppData\Local\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 20:04 - 00002411 _____ C:\Users\User\AppData\Local\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\User\AppData\Local\Apps\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Public\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Public\Downloads\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default\Downloads\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default\Documents\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default\AppData\Roaming\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default\AppData\Local\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default\AppData\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default User\Downloads\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default User\Documents\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default User\AppData\Roaming\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default User\AppData\Local\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Default User\AppData\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\User\AppData\Local\Apps\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Public\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Public\Downloads\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default\Downloads\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default\Documents\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default\AppData\Roaming\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default\AppData\Local\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default\AppData\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default User\Downloads\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default User\Documents\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default User\AppData\Roaming\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default User\AppData\Local\how_recover+ffv.txt 2015-12-22 19:58 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Default User\AppData\how_recover+ffv.txt 2015-12-22 19:57 - 2015-12-22 19:58 - 00010654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\how_recover+ffv.html 2015-12-22 19:57 - 2015-12-22 19:58 - 00002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\how_recover+ffv.txt 2015-12-22 19:57 - 2015-12-22 19:57 - 00010654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+ffv.html 2015-12-22 19:57 - 2015-12-22 19:57 - 00002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+ffv.txt 2015-12-22 19:56 - 2015-12-22 20:04 - 00010654 _____ C:\Users\how_recover+ffv.html 2015-12-22 19:56 - 2015-12-22 20:04 - 00002411 _____ C:\Users\how_recover+ffv.txt 2015-12-22 19:56 - 2015-12-22 19:58 - 00010654 _____ C:\Users\Public\Documents\how_recover+ffv.html 2015-12-22 19:56 - 2015-12-22 19:58 - 00010654 _____ C:\ProgramData\how_recover+ffv.html 2015-12-22 19:56 - 2015-12-22 19:58 - 00002411 _____ C:\Users\Public\Documents\how_recover+ffv.txt 2015-12-22 19:56 - 2015-12-22 19:58 - 00002411 _____ C:\ProgramData\how_recover+ffv.txt 2015-12-22 19:56 - 2015-12-22 19:56 - 00000254 _____ C:\Users\User\Documents\recover_file_hepviknat.txt 2015-12-22 19:55 - 2015-12-22 19:54 - 00330240 _____ C:\Users\User\AppData\Roaming\neavmskhf2.exe 2015-12-22 19:55 - 2015-12-22 19:54 - 00330240 _____ C:\Users\User\AppData\Roaming\cpyuqskhf2.exe 2015-12-22 18:50 - 2015-12-22 21:26 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieUserList 2015-12-22 18:50 - 2015-12-22 21:26 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieSiteList 2015-12-22 00:49 - 2015-12-22 20:03 - 00098734 _____ C:\Users\User\Desktop\2015 januari esemenynaptar -szerb-ISPRAVLJENO.doc.vvv 2015-12-21 18:28 - 2015-12-22 20:03 - 00068174 _____ C:\Users\User\Desktop\januar 2016.zip.vvv 2015-12-21 06:27 - 2015-12-22 20:03 - 00011454 _____ C:\Users\User\Desktop\promena u sistematizaciji.docx.vvv 2015-12-19 00:02 - 2015-12-19 17:48 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-12-14 17:52 - 2015-12-22 20:03 - 00011998 _____ C:\Users\User\Desktop\SIME kotlovi.docx.vvv 2015-12-11 23:19 - 2015-12-22 20:04 - 00360334 _____ C:\Users\User\Desktop\vic.docx.vvv 2015-12-10 21:54 - 2015-12-10 21:56 - 251837760 _____ (NVIDIA Corporation) C:\Program Files\359.06-desktop-win8-win7-winvista-32bit-international-whql.exe 2015-12-10 21:05 - 2015-12-22 20:03 - 00020814 _____ C:\Users\User\Desktop\Rvanje senta 2015.docx.vvv 2015-12-05 22:52 - 2015-12-22 20:03 - 00024366 _____ C:\Users\User\Desktop\PALINKAFESZTIVAL 2015.docx.vvv 2015-12-02 21:20 - 2015-12-22 20:03 - 00022862 _____ C:\Users\User\Desktop\Obrada prevoda.docx.vvv 2015-12-02 21:04 - 2015-12-22 20:03 - 00000000 ____D C:\Users\User\Desktop\OTVARANJE DK 2015-12-02 20:58 - 2015-12-22 20:03 - 04909230 _____ C:\Users\User\Desktop\207923942-Obroci-u-Ugostiteljstvu.pdf.vvv 2015-12-02 20:58 - 2015-12-22 20:03 - 00297902 _____ C:\Users\User\Desktop\144722560-Boban-ŠVEDSKI-STO.doc.vvv 2015-12-01 21:21 - 2015-12-22 20:03 - 00000000 ____D C:\Users\User\Desktop\Rakija 2015 ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-22 22:47 - 2013-12-26 20:59 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-22 22:47 - 2012-05-09 06:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-22 21:56 - 2009-07-14 03:37 - 00000000 ____D C:\Windows 2015-12-22 21:27 - 2015-11-19 22:45 - 00000000 ____D C:\Users\User\AppData\Roaming\speedometer-57d590a0714e79e678ba3b48dbf5e08a 2015-12-22 21:27 - 2015-11-19 22:21 - 00000000 ____D C:\Users\User\AppData\Roaming\blockthepig-69332f0881265d1bad4b167b12e3144f 2015-12-22 21:27 - 2015-08-28 19:34 - 00000000 ____D C:\Users\User\AppData\Roaming\Nokia Suite 2015-12-22 21:27 - 2015-08-24 16:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Sun 2015-12-22 21:27 - 2015-06-13 21:31 - 00000000 ____D C:\Users\User\AppData\Roaming\EurekaLab s.a.s 2015-12-22 21:27 - 2015-05-09 22:35 - 00000000 ____D C:\Users\User\AppData\Roaming\Wise Disk Cleaner 2015-12-22 21:27 - 2015-04-10 16:12 - 00000000 ____D C:\Users\User\AppData\Roaming\.mono 2015-12-22 21:27 - 2015-03-23 18:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pearson 2015-12-22 21:27 - 2015-03-23 17:43 - 00000000 ____D C:\Users\User\AppData\Roaming\SettingsGuard 2015-12-22 21:27 - 2015-03-02 22:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Performersoft 2015-12-22 21:27 - 2015-02-07 14:59 - 00000000 ____D C:\Users\User\AppData\Roaming\java 2015-12-22 21:27 - 2015-01-25 17:33 - 00000000 ____D C:\Users\User\AppData\Roaming\AppClient 2015-12-22 21:27 - 2015-01-25 17:32 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Game Empire 2015-12-22 21:27 - 2015-01-15 21:51 - 00000000 ____D C:\Users\User\Documents\Nokia Suite 2015-12-22 21:27 - 2015-01-15 21:20 - 00000000 ____D C:\Users\User\AppData\Roaming\Nokia 2015-12-22 21:27 - 2015-01-15 21:12 - 00000000 ____D C:\Users\User\AppData\Roaming\PC Suite 2015-12-22 21:27 - 2014-07-06 15:19 - 00000000 ____D C:\Users\User\AppData\Roaming\WiseUpdate 2015-12-22 21:27 - 2014-04-24 22:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Wise Registry Cleaner 2015-12-22 21:27 - 2014-04-20 18:47 - 00000000 ____D C:\Users\User\Downloads\BsPlayer Pro 2.63 keys+keygen[CORE] by Senzati 2015-12-22 21:27 - 2014-04-20 18:47 - 00000000 ____D C:\Users\User\AppData\Roaming\BSplayer PRO 2015-12-22 21:27 - 2014-04-20 18:46 - 00000000 ____D C:\Users\User\Downloads\Sherlock Holmes A Game Of Shadows (2011) 2015-12-22 21:27 - 2014-04-20 18:44 - 00000000 ____D C:\Users\User\Downloads\Sherlock Holmes (2009) 2015-12-22 21:27 - 2014-04-20 18:37 - 00000000 ____D C:\Users\User\Downloads\Panzer.Corps-TiNYiSO 2015-12-22 21:27 - 2014-04-20 18:35 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent 2015-12-22 21:27 - 2014-03-28 05:44 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-12-22 21:27 - 2014-03-28 05:44 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft 2015-12-22 21:27 - 2014-02-10 18:50 - 00000000 ____D C:\Users\User\Documents\NFS Most Wanted 2015-12-22 21:27 - 2014-02-10 17:44 - 00000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Lite 2015-12-22 21:27 - 2014-02-10 17:43 - 00000000 ____D C:\Users\User\Documents\Add-in Express 2015-12-22 21:27 - 2014-02-10 17:42 - 00000000 ____D C:\Users\User\AppData\Roaming\rmi 2015-12-22 21:27 - 2014-02-10 17:42 - 00000000 ____D C:\Users\User\AppData\Roaming\OpenCandy 2015-12-22 21:27 - 2014-01-27 21:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype 2015-12-22 21:27 - 2014-01-02 12:38 - 00000000 ____D C:\Users\User\AppData\Roaming\NVIDIA 2015-12-22 21:27 - 2013-12-24 07:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Oracle 2015-12-22 21:27 - 2013-11-10 14:00 - 00000000 ____D C:\Users\User\Documents\KONAMI 2015-12-22 21:27 - 2013-06-23 16:29 - 00000000 ____D C:\Users\User\AppData\Roaming\Unity 2015-12-22 21:27 - 2013-02-18 21:13 - 00000000 ____D C:\Users\User\Documents\My Games 2015-12-22 21:27 - 2013-02-18 21:11 - 00000000 ____D C:\Users\User\AppData\Roaming\Rovio 2015-12-22 21:27 - 2012-10-08 21:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Babylon 2015-12-22 21:27 - 2012-08-20 20:19 - 00000000 ____D C:\Users\User\AppData\Roaming\YourFileDownloader 2015-12-22 21:27 - 2012-08-14 12:47 - 00000000 ____D C:\Users\User\Documents\Shrek 2 2015-12-22 21:27 - 2012-08-14 12:47 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-12-22 21:27 - 2012-07-25 20:01 - 00000000 ____D C:\Users\User\Documents\OneNote Notebooks 2015-12-22 21:27 - 2012-04-28 19:54 - 00000000 ____D C:\Users\User\AppData\Roaming\Media Player Classic 2015-12-22 21:27 - 2012-04-28 09:34 - 00000000 ____D C:\Users\User\AppData\Roaming\WinRAR 2015-12-22 21:27 - 2012-04-28 09:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Nero 2015-12-22 21:27 - 2012-04-28 09:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander 2015-12-22 21:27 - 2012-04-28 09:18 - 00000000 ____D C:\Users\User\AppData\Roaming\GHISLER 2015-12-22 21:27 - 2012-04-28 09:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-12-22 21:27 - 2012-04-28 09:14 - 00000000 ____D C:\Users\User\AppData\Roaming\Winamp 2015-12-22 21:27 - 2012-04-28 09:14 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in 2015-12-22 21:27 - 2012-04-28 09:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Macromedia 2015-12-22 21:27 - 2012-04-28 09:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe 2015-12-22 21:27 - 2012-04-28 09:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Mozilla 2015-12-22 21:27 - 2012-04-26 19:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Media Center Programs 2015-12-22 21:26 - 2015-11-19 22:45 - 00000000 ____D C:\Users\User\AppData\Local\speedometer-57d590a0714e79e678ba3b48dbf5e08a 2015-12-22 21:26 - 2015-08-24 16:06 - 00000000 ____D C:\Users\User\AppData\LocalLow\Oracle 2015-12-22 21:26 - 2015-04-10 16:12 - 00000000 ____D C:\Users\User\AppData\LocalLow\boost_interprocess 2015-12-22 21:26 - 2015-04-10 16:12 - 00000000 ____D C:\Users\User\AppData\Local\UWebKit 2015-12-22 21:26 - 2015-04-10 16:11 - 00000000 ____D C:\Users\User\AppData\LocalLow\ISOTX 2015-12-22 21:26 - 2015-04-10 15:56 - 00000000 ____D C:\Users\User\AppData\Local\Steam 2015-12-22 21:26 - 2015-01-15 21:12 - 00000000 ____D C:\Users\User\AppData\Local\Nokia 2015-12-22 21:26 - 2014-05-26 21:26 - 00000000 ____D C:\Users\User\AppData\Local\NVIDIA Corporation 2015-12-22 21:26 - 2014-04-24 04:16 - 00000000 ____D C:\Users\User\AppData\Local\NVIDIA 2015-12-22 21:26 - 2014-02-10 17:44 - 00000000 ____D C:\Users\User\AppData\Local\Popajar 2015-12-22 21:26 - 2014-01-27 21:30 - 00000000 ____D C:\Users\User\AppData\Local\Skype 2015-12-22 21:26 - 2013-12-26 21:00 - 00000000 ____D C:\Users\User\AppData\LocalLow\Google 2015-12-22 21:26 - 2013-12-01 20:33 - 00000000 ____D C:\Users\User\AppData\LocalLow\Macromedia 2015-12-22 21:26 - 2013-06-22 20:11 - 00000000 ____D C:\Users\User\AppData\LocalLow\Unity 2015-12-22 21:26 - 2013-06-22 20:11 - 00000000 ____D C:\Users\User\AppData\Local\Unity 2015-12-22 21:26 - 2012-10-27 11:23 - 00000000 ____D C:\Users\User\AppData\LocalLow\Temp 2015-12-22 21:26 - 2012-06-19 12:05 - 00000000 ____D C:\Users\User\AppData\LocalLow\wtxpcom 2015-12-22 21:26 - 2012-06-19 09:44 - 00000000 ____D C:\Users\User\AppData\LocalLow\Search Settings 2015-12-22 21:26 - 2012-04-28 09:15 - 00000000 ____D C:\Users\User\AppData\LocalLow\Adobe 2015-12-22 21:26 - 2012-04-28 09:12 - 00000000 ____D C:\Users\User\AppData\Local\Mozilla 2015-12-22 21:26 - 2012-04-26 20:04 - 00000000 ____D C:\Users\User\AppData\LocalLow\Sun 2015-12-22 21:26 - 2012-04-26 19:39 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore 2015-12-22 21:25 - 2012-04-28 19:50 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Games 2015-12-22 21:25 - 2012-04-28 09:20 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help 2015-12-22 21:24 - 2015-11-19 22:21 - 00000000 ____D C:\Users\User\AppData\Local\blockthepig-69332f0881265d1bad4b167b12e3144f 2015-12-22 21:24 - 2015-11-15 21:10 - 00000000 ____D C:\machine.inf_x86_neutral_65848c2d7375a720 2015-12-22 21:24 - 2015-11-15 21:08 - 00000000 ____D C:\ProgramData\PCPitstop 2015-12-22 21:24 - 2015-11-15 20:59 - 00000000 ____D C:\Intel 2015-12-22 21:24 - 2015-11-15 20:56 - 00000000 ____D C:\Users\User\AppData\Local\DriverToolkit 2015-12-22 21:24 - 2015-11-01 21:54 - 00000000 ____D C:\Users\User\AppData\Local\CEF 2015-12-22 21:24 - 2015-08-24 16:06 - 00000000 ____D C:\Users\User\.oracle_jre_usage 2015-12-22 21:24 - 2015-06-11 23:49 - 00000000 ____D C:\Users\User\AppData\Local\MatroskaSplitter 2015-12-22 21:24 - 2015-06-11 23:49 - 00000000 ____D C:\Users\User\AppData\Local\CodecPerformer 2015-12-22 21:24 - 2015-01-25 17:32 - 00000000 ____D C:\Users\User\AppData\Local\Deployment 2015-12-22 21:24 - 2015-01-25 17:32 - 00000000 ____D C:\Users\User\AppData\Local\Apps\2.0 2015-12-22 21:24 - 2015-01-15 21:12 - 00000000 ____D C:\ProgramData\PC Suite 2015-12-22 21:24 - 2015-01-15 21:11 - 00000000 ____D C:\ProgramData\Nokia 2015-12-22 21:24 - 2015-01-15 21:09 - 00000000 ____D C:\ProgramData\NokiaInstallerCache 2015-12-22 21:24 - 2014-07-04 06:05 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2015-12-22 21:24 - 2014-05-31 06:53 - 00000000 ____D C:\NVIDIA Corporation 2015-12-22 21:24 - 2014-04-22 20:39 - 00000000 __SHD C:\Users\User\AppData\Local\EmieUserList 2015-12-22 21:24 - 2014-04-22 20:39 - 00000000 __SHD C:\Users\User\AppData\Local\EmieSiteList 2015-12-22 21:24 - 2014-02-10 18:25 - 00000000 ____D C:\Users\User\AppData\Local\GHISLER 2015-12-22 21:24 - 2014-02-10 17:43 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2015-12-22 21:24 - 2014-01-27 21:30 - 00000000 ____D C:\ProgramData\Skype 2015-12-22 21:24 - 2014-01-19 12:45 - 00000000 ____D C:\MATS 2015-12-22 21:24 - 2013-12-26 20:59 - 00000000 ____D C:\Users\User\AppData\Local\Google 2015-12-22 21:24 - 2013-11-18 16:00 - 00000000 ____D C:\ProgramData\Symantec 2015-12-22 21:24 - 2013-11-18 16:00 - 00000000 ____D C:\ProgramData\NortonInstaller 2015-12-22 21:24 - 2013-11-18 16:00 - 00000000 ____D C:\ProgramData\Norton 2015-12-22 21:24 - 2013-10-18 15:08 - 00000000 ____D C:\ProgramData\Oracle 2015-12-22 21:24 - 2012-10-08 21:38 - 00000000 ____D C:\ProgramData\Babylon 2015-12-22 21:24 - 2012-07-25 13:15 - 00000000 ____D C:\ProgramData\McAfee 2015-12-22 21:24 - 2012-06-23 05:44 - 00000000 ____D C:\Users\User\AppData\Local\ESET 2015-12-22 21:24 - 2012-06-10 09:24 - 00000000 ____D C:\Users\User\AppData\Local\Macromedia 2015-12-22 21:24 - 2012-05-16 17:07 - 00000000 ____D C:\ProgramData\YTD YouTube Downloader & Converter 2015-12-22 21:24 - 2012-05-03 14:32 - 00000000 ____D C:\ProgramData\Mozilla 2015-12-22 21:24 - 2012-04-28 09:17 - 00000000 ____D C:\ProgramData\Nero 2015-12-22 21:24 - 2012-04-28 09:10 - 00000000 ____D C:\ProgramData\Adobe 2015-12-22 21:24 - 2012-04-26 21:42 - 00000000 ____D C:\ProgramData\NVIDIA 2015-12-22 21:24 - 2012-04-26 20:46 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-12-22 21:24 - 2009-07-14 08:48 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-12-22 21:24 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries 2015-12-22 21:23 - 2013-12-26 20:59 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-22 21:23 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-22 21:15 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf 2015-12-22 21:02 - 2012-04-28 09:20 - 00000000 __RHD C:\MSOCache 2015-12-22 20:04 - 2015-11-15 21:25 - 00000000 ____D C:\Users\User\Desktop\slike razne 2015-12-22 20:04 - 2015-04-21 20:28 - 02307662 _____ C:\Users\User\Downloads\2009-03-09_istorijat_struktura_kvalitet_informacija.pdf.vvv 2015-12-22 20:04 - 2015-04-21 20:28 - 01048910 _____ C:\Users\User\Downloads\Racunovodstvo-2011.pdf.vvv 2015-12-22 20:04 - 2015-04-21 20:02 - 03564430 _____ C:\Users\User\Downloads\Upravljacko racunovodstvo-Ivan Mihailovic.pdf.vvv 2015-12-22 20:04 - 2015-04-09 22:29 - 00251454 _____ C:\Users\User\Downloads\96588151-Univerzitet-Singidunum.docx.vvv 2015-12-22 20:04 - 2015-04-07 21:44 - 03823550 _____ C:\Users\User\Downloads\Marketing-SkriptaZaEkonomskiFakultet.pdf.vvv 2015-12-22 20:04 - 2015-04-07 21:42 - 00850510 _____ C:\Users\User\Downloads\Menadzment%20prodaje%20-%20Skripta(1).pdf.vvv 2015-12-22 20:04 - 2015-02-25 23:11 - 07932990 _____ C:\Users\User\Downloads\Azra%20-%20Kao%20i%20jucer-SD.mp4.vvv 2015-12-22 20:04 - 2014-04-08 18:54 - 00052654 _____ C:\Users\User\Downloads\Bankarstvo.doc.vvv 2015-12-22 20:04 - 2014-04-08 18:50 - 00040366 _____ C:\Users\User\Downloads\351-_bankarsko_poslovanje.doc.vvv 2015-12-22 20:04 - 2014-04-08 18:47 - 00177374 _____ C:\Users\User\Downloads\pojam-i-vrste-bankarskih-poslova.pptx.vvv 2015-12-22 20:04 - 2014-04-08 18:46 - 08009422 _____ C:\Users\User\Downloads\US - Praktikum za bankarsko poslovanje.pdf.vvv 2015-12-22 20:04 - 2014-04-08 18:46 - 00031150 _____ C:\Users\User\Downloads\Finansijski_7.doc.vvv 2015-12-22 20:04 - 2013-10-17 21:41 - 00863550 _____ C:\Users\User\Downloads\Kurinalaura.jpg.vvv 2015-12-22 20:04 - 2013-10-13 10:35 - 00823902 _____ C:\Users\User\Downloads\kozsegnap_b2_4_sm.jpg.vvv 2015-12-22 20:04 - 2013-06-16 09:16 - 00053166 _____ C:\Users\User\Downloads\Program, HelyszÃnek.doc.vvv 2015-12-22 20:04 - 2013-04-04 21:00 - 01658014 _____ C:\Users\User\Downloads\15 mart.pdf.vvv 2015-12-22 20:04 - 2013-01-04 21:23 - 03229694 _____ C:\Users\User\Downloads\DSC08411.JPG.vvv 2015-12-22 20:04 - 2012-12-11 20:37 - 00115838 _____ C:\Users\User\Downloads\Attachments_2012_12_11.zip.vvv 2015-12-22 20:04 - 2012-12-08 08:05 - 00016318 _____ C:\Users\User\Documents\megrendeles_edesseg.docx.vvv 2015-12-22 20:04 - 2012-10-18 21:02 - 00033198 _____ C:\Users\User\Downloads\Halaszter szovegem.doc.vvv 2015-12-22 20:04 - 2012-09-06 14:53 - 00015870 _____ C:\Users\User\Documents\INVENTARSKA LISTA SOBE 100.docx.vvv 2015-12-22 20:04 - 2012-08-04 12:39 - 00088990 _____ C:\Users\User\Downloads\Attachments_2012_08_4.zip.vvv 2015-12-22 20:04 - 2012-07-26 11:44 - 00010350 _____ C:\Users\User\Documents\hmk.docx.vvv 2015-12-22 20:04 - 2012-06-29 15:07 - 00011998 _____ C:\Users\User\Documents\Forditasra Evinek.docx.vvv 2015-12-22 20:03 - 2015-09-30 21:05 - 00011470 _____ C:\Users\User\Desktop\rezultata speed test.docx.vvv 2015-12-22 20:03 - 2015-08-28 15:37 - 00000846 _____ C:\Users\User\Desktop\Router Settings.txt.vvv 2015-12-22 20:03 - 2015-04-09 05:04 - 00012526 _____ C:\Users\User\Desktop\OTISLI.docx.vvv 2015-12-22 20:03 - 2014-11-22 17:52 - 00013118 _____ C:\Users\User\Desktop\Muzika je sastavljena iz tišine i zvuka u harmoniskom rasporedu.docx.vvv 2015-12-22 19:58 - 2015-04-10 16:06 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-22 19:58 - 2013-06-14 02:00 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2015-12-22 19:58 - 2013-06-14 02:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2015-12-22 19:58 - 2012-04-28 08:55 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics 2015-12-22 19:58 - 2009-07-14 08:48 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs 2015-12-22 19:58 - 2009-07-14 08:48 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs 2015-12-22 19:57 - 2015-11-19 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-12-22 19:57 - 2015-11-15 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Recycler 2015-12-22 19:57 - 2015-06-11 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2015-12-22 19:57 - 2015-06-11 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow 2015-12-22 19:57 - 2015-05-09 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner 2015-12-22 19:57 - 2015-01-15 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia 2015-12-22 19:57 - 2014-05-26 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-12-22 19:57 - 2014-05-04 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-12-22 19:57 - 2014-04-24 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner 2015-12-22 19:57 - 2014-04-20 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh 2015-12-22 19:57 - 2013-12-26 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2015-12-22 19:57 - 2013-12-24 06:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-12-22 19:57 - 2013-06-12 06:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-22 19:57 - 2012-08-20 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader 2015-12-22 19:57 - 2012-05-16 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter 2015-12-22 19:57 - 2012-04-28 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-12-22 19:57 - 2012-04-28 09:20 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-22 19:57 - 2012-04-28 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2015-12-22 19:57 - 2012-04-28 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-12-22 19:57 - 2012-04-28 09:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2015-12-22 19:57 - 2012-04-28 09:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2015-12-22 19:57 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-12-22 19:56 - 2009-07-14 03:37 - 00000000 ____D C:\PerfLogs 2015-12-20 10:05 - 2012-05-03 14:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-12-16 22:49 - 2014-05-04 17:42 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-16 06:40 - 2009-07-14 05:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-16 06:40 - 2009-07-14 05:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-09 04:39 - 2012-04-26 20:30 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-12-09 01:47 - 2012-05-09 06:03 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-12-09 01:47 - 2012-05-09 06:03 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-12-07 22:12 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF 2015-11-29 15:30 - 2014-01-19 21:16 - 00666672 _____ C:\Windows\system32\perfh01D.dat 2015-11-29 15:30 - 2014-01-19 21:16 - 00143426 _____ C:\Windows\system32\perfc01D.dat 2015-11-29 15:30 - 2014-01-19 20:56 - 00431376 _____ C:\Windows\system32\perfh012.dat 2015-11-29 15:30 - 2014-01-19 20:56 - 00121336 _____ C:\Windows\system32\perfc012.dat 2015-11-29 15:30 - 2014-01-19 19:40 - 00386902 _____ C:\Windows\system32\prfh0804.dat 2015-11-29 15:30 - 2014-01-19 19:40 - 00120544 _____ C:\Windows\system32\prfc0804.dat 2015-11-29 15:30 - 2014-01-19 19:10 - 00419730 _____ C:\Windows\system32\perfh011.dat 2015-11-29 15:30 - 2014-01-19 19:10 - 00123052 _____ C:\Windows\system32\perfc011.dat 2015-11-29 15:30 - 2014-01-19 18:53 - 00686706 _____ C:\Windows\system32\perfh00E.dat 2015-11-29 15:30 - 2014-01-19 18:53 - 00172226 _____ C:\Windows\system32\perfc00E.dat 2015-11-29 15:30 - 2014-01-19 18:40 - 00484454 _____ C:\Windows\system32\perfh00B.dat 2015-11-29 15:30 - 2014-01-19 18:40 - 00102472 _____ C:\Windows\system32\perfc00B.dat 2015-11-29 15:30 - 2014-01-19 18:21 - 00395296 _____ C:\Windows\system32\perfh00D.dat 2015-11-29 15:30 - 2014-01-19 18:21 - 00085710 _____ C:\Windows\system32\perfc00D.dat 2015-11-29 15:30 - 2014-01-19 18:08 - 00746450 _____ C:\Windows\system32\perfh013.dat 2015-11-29 15:30 - 2014-01-19 18:08 - 00154054 _____ C:\Windows\system32\perfc013.dat 2015-11-29 15:30 - 2014-01-19 17:56 - 00497466 _____ C:\Windows\system32\perfh014.dat 2015-11-29 15:30 - 2014-01-19 17:56 - 00096356 _____ C:\Windows\system32\perfc014.dat 2015-11-29 15:30 - 2014-01-19 17:35 - 00609940 _____ C:\Windows\system32\perfh008.dat 2015-11-29 15:30 - 2014-01-19 17:35 - 00112080 _____ C:\Windows\system32\perfc008.dat 2015-11-29 15:30 - 2014-01-19 17:14 - 00742998 _____ C:\Windows\system32\perfh010.dat 2015-11-29 15:30 - 2014-01-19 17:14 - 00147798 _____ C:\Windows\system32\perfc010.dat 2015-11-29 15:30 - 2014-01-19 17:03 - 00481966 _____ C:\Windows\system32\perfh001.dat 2015-11-29 15:30 - 2014-01-19 17:03 - 00095724 _____ C:\Windows\system32\perfc001.dat 2015-11-29 15:30 - 2014-01-19 16:52 - 00748668 _____ C:\Windows\system32\perfh00C.dat 2015-11-29 15:30 - 2014-01-19 16:52 - 00150532 _____ C:\Windows\system32\perfc00C.dat 2015-11-29 15:30 - 2014-01-19 16:42 - 00731970 _____ C:\Windows\system32\prfh0816.dat 2015-11-29 15:30 - 2014-01-19 16:42 - 00153858 _____ C:\Windows\system32\prfc0816.dat 2015-11-29 15:30 - 2014-01-19 16:32 - 00512366 _____ C:\Windows\system32\perfh006.dat 2015-11-29 15:30 - 2014-01-19 16:32 - 00099610 _____ C:\Windows\system32\perfc006.dat 2015-11-29 15:30 - 2014-01-19 16:23 - 00748408 _____ C:\Windows\system32\perfh00A.dat 2015-11-29 15:30 - 2014-01-19 16:23 - 00159426 _____ C:\Windows\system32\perfc00A.dat 2015-11-29 15:30 - 2014-01-19 15:46 - 00403974 _____ C:\Windows\system32\prfh0404.dat 2015-11-29 15:30 - 2014-01-19 15:46 - 00116042 _____ C:\Windows\system32\prfc0404.dat 2015-11-29 15:30 - 2014-01-19 15:35 - 00743310 _____ C:\Windows\system32\perfh015.dat 2015-11-29 15:30 - 2014-01-19 15:35 - 00156824 _____ C:\Windows\system32\perfc015.dat 2015-11-29 15:30 - 2014-01-19 15:26 - 00727552 _____ C:\Windows\system32\perfh019.dat 2015-11-29 15:30 - 2014-01-19 15:26 - 00151794 _____ C:\Windows\system32\perfc019.dat 2015-11-29 15:30 - 2014-01-19 15:17 - 00716832 _____ C:\Windows\system32\prfh0416.dat 2015-11-29 15:30 - 2014-01-19 15:17 - 00148608 _____ C:\Windows\system32\prfc0416.dat 2015-11-29 15:30 - 2014-01-19 15:01 - 00700160 _____ C:\Windows\system32\perfh007.dat 2015-11-29 15:30 - 2014-01-19 15:01 - 00150068 _____ C:\Windows\system32\perfc007.dat 2015-11-29 15:30 - 2014-01-19 14:46 - 00659634 _____ C:\Windows\system32\perfh01F.dat 2015-11-29 15:30 - 2014-01-19 14:46 - 00140952 _____ C:\Windows\system32\perfc01F.dat 2015-11-29 15:30 - 2012-04-26 19:43 - 16736296 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-27 15:47 - 2015-11-01 21:46 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Files in the root of some directories ======= 2014-05-26 21:18 - 2014-05-26 21:20 - 226945760 _____ (NVIDIA Corporation) C:\Program Files\337.88-desktop-win8-win7-winvista-32bit-english-whql.exe 2015-12-10 21:54 - 2015-12-10 21:56 - 251837760 _____ (NVIDIA Corporation) C:\Program Files\359.06-desktop-win8-win7-winvista-32bit-international-whql.exe 2013-12-24 06:49 - 2013-12-24 06:49 - 4645232 _____ (Piriform Ltd) C:\Program Files\ccsetup409.exe 2015-11-15 20:50 - 2015-11-15 20:50 - 2780224 _____ (PDE Publications Limited ) C:\Program Files\DriverDownloader.exe 2015-11-15 20:56 - 2015-11-15 20:56 - 2449376 _____ (Megaify Software ) C:\Program Files\DriverToolkitInstaller.exe 2013-12-26 20:58 - 2013-12-26 20:58 - 0819160 _____ (Google Inc.) C:\Program Files\GoogleEarthPluginSetup.exe 2015-11-15 20:59 - 2015-11-15 20:59 - 5345280 _____ () C:\Program Files\INF_allOS_9.4.0.1027.exe 2014-02-02 08:16 - 2014-02-02 08:16 - 1070088 _____ (Solid State Networks) C:\Program Files\install_flashplayer12x32axau_mssd_aaa_aih.exe 2015-11-18 23:54 - 2015-11-18 23:54 - 0584288 _____ (Oracle Corporation) C:\Program Files\jxpiinstall(1).exe 2015-08-24 16:49 - 2015-11-19 00:07 - 0584288 _____ (Oracle Corporation) C:\Program Files\jxpiinstall.exe 2013-11-10 15:55 - 2013-11-10 15:55 - 0347304 _____ (Microsoft Corporation) C:\Program Files\MicrosoftFixit.dvd.RNP.3830752247262894.1.2.Run.exe 2013-11-10 15:58 - 2013-11-10 15:58 - 0347304 _____ (Microsoft Corporation) C:\Program Files\MicrosoftFixit.dvd.RNP.3830752247262894.1.3.Run.exe 2014-01-19 12:39 - 2014-01-19 12:39 - 0347816 _____ (Microsoft Corporation) C:\Program Files\MicrosoftFixit.ProgramInstallUninstall.RNP.3131355876639016.1.1.Run.exe 2015-08-24 16:44 - 2015-08-24 16:55 - 0347816 _____ (Microsoft Corporation) C:\Program Files\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe 2015-07-27 17:38 - 2015-07-27 17:38 - 11588952 _____ (Microsoft Corporation) C:\Program Files\mseinstall.exe 2014-01-19 14:09 - 2014-01-19 14:09 - 3472472 _____ (Microsoft Corporation) C:\Program Files\msxmlsdk.exe 2015-01-15 21:08 - 2015-01-15 21:09 - 106320648 _____ () C:\Program Files\Nokia_Suite_webinstaller_ALL.exe 2015-11-15 21:07 - 2015-11-15 21:07 - 5335056 _____ (PC Pitstop LLC ) C:\Program Files\pcmatic-setup-0010.exe 2015-06-11 23:48 - 2015-06-11 23:48 - 1021448 _____ (Codec Perforer) C:\Program Files\setup.exe 2015-11-15 20:36 - 2015-11-15 20:36 - 0612520 _____ () C:\Program Files\setup_rr-66055979.exe 2015-11-15 20:36 - 2015-11-15 20:36 - 1131272 _____ (Developer Tribe (Pvt) Ltd. ) C:\Program Files\setup_rr.exe 2013-06-12 06:28 - 2013-06-12 06:28 - 6286448 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe 2014-01-27 21:29 - 2014-01-27 21:29 - 35670688 _____ (Skype Technologies S.A.) C:\Program Files\SkypeSetupFull.exe 2014-01-19 13:36 - 2014-01-19 13:36 - 3372453 _____ () C:\Program Files\VideoCardStabilityTestSetup.exe 2015-05-09 22:34 - 2015-05-09 22:34 - 4151784 _____ (WiseCleaner.com ) C:\Program Files\WDCFree.exe 2014-04-24 22:22 - 2014-08-15 05:08 - 2128128 _____ (WiseCleaner.com ) C:\Program Files\WRCFree.exe 2003-04-21 21:49 - 2003-04-21 21:49 - 3433472 _____ () C:\Program Files\xmlsdkdoc.msm 2015-12-22 19:55 - 2015-12-22 19:54 - 0330240 _____ () C:\Users\User\AppData\Roaming\cpyuqskhf2.exe 2015-12-22 20:03 - 2015-12-22 20:03 - 0010654 _____ () C:\Users\User\AppData\Roaming\how_recover+ffv.html 2015-12-22 20:03 - 2015-12-22 20:03 - 0002411 _____ () C:\Users\User\AppData\Roaming\how_recover+ffv.txt 2015-12-22 21:00 - 2015-12-22 21:00 - 0010654 _____ () C:\Users\User\AppData\Roaming\how_recover+fvs.html 2015-12-22 21:00 - 2015-12-22 21:00 - 0002411 _____ () C:\Users\User\AppData\Roaming\how_recover+fvs.txt 2015-12-22 21:27 - 2015-12-22 21:27 - 0010654 _____ () C:\Users\User\AppData\Roaming\how_recover+fwy.html 2015-12-22 21:27 - 2015-12-22 21:27 - 0002411 _____ () C:\Users\User\AppData\Roaming\how_recover+fwy.txt 2015-12-22 19:55 - 2015-12-22 19:54 - 0330240 _____ () C:\Users\User\AppData\Roaming\neavmskhf2.exe 2015-12-22 20:03 - 2015-12-22 20:03 - 0010654 _____ () C:\Users\User\AppData\Roaming\Microsoft\how_recover+ffv.html 2015-12-22 20:03 - 2015-12-22 20:03 - 0002411 _____ () C:\Users\User\AppData\Roaming\Microsoft\how_recover+ffv.txt 2015-12-22 21:00 - 2015-12-22 21:00 - 0010654 _____ () C:\Users\User\AppData\Roaming\Microsoft\how_recover+fvs.html 2015-12-22 21:00 - 2015-12-22 21:00 - 0002411 _____ () C:\Users\User\AppData\Roaming\Microsoft\how_recover+fvs.txt 2015-12-22 21:27 - 2015-12-22 21:27 - 0010654 _____ () C:\Users\User\AppData\Roaming\Microsoft\how_recover+fwy.html 2015-12-22 21:27 - 2015-12-22 21:27 - 0002411 _____ () C:\Users\User\AppData\Roaming\Microsoft\how_recover+fwy.txt 2015-12-22 19:58 - 2015-12-22 20:04 - 0010654 _____ () C:\Users\User\AppData\Local\how_recover+ffv.html 2015-12-22 19:58 - 2015-12-22 20:04 - 0002411 _____ () C:\Users\User\AppData\Local\how_recover+ffv.txt 2015-12-22 20:58 - 2015-12-22 21:00 - 0010654 _____ () C:\Users\User\AppData\Local\how_recover+fvs.html 2015-12-22 20:58 - 2015-12-22 21:00 - 0002411 _____ () C:\Users\User\AppData\Local\how_recover+fvs.txt 2015-12-22 21:24 - 2015-12-22 21:27 - 0010654 _____ () C:\Users\User\AppData\Local\how_recover+fwy.html 2015-12-22 21:24 - 2015-12-22 21:27 - 0002411 _____ () C:\Users\User\AppData\Local\how_recover+fwy.txt 2013-01-11 18:29 - 2014-04-18 09:57 - 0007606 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg 2015-12-22 19:56 - 2015-12-22 19:58 - 0010654 _____ () C:\ProgramData\how_recover+ffv.html 2015-12-22 19:56 - 2015-12-22 19:58 - 0002411 _____ () C:\ProgramData\how_recover+ffv.txt 2015-12-22 20:57 - 2015-12-22 20:58 - 0010654 _____ () C:\ProgramData\how_recover+fvs.html 2015-12-22 20:57 - 2015-12-22 20:58 - 0002411 _____ () C:\ProgramData\how_recover+fvs.txt 2015-12-22 21:24 - 2015-12-22 21:24 - 0010654 _____ () C:\ProgramData\how_recover+fwy.html 2015-12-22 21:24 - 2015-12-22 21:24 - 0002411 _____ () C:\ProgramData\how_recover+fwy.txt ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys [2013-05-14 10:18] - [2010-11-20 13:30] - 0245632 ____A () D41D8CD98F00B204E9800998ECF8427E C:\Windows\system32\Drivers\volsnap.sys => no Company Name <===== ATTENTION LastRegBack: 2015-12-21 04:11 ==================== End of FRST.txt ============================ [Link mogu videti samo ulogovani korisnici]

Profil

Sass Drake Poslao: 23 Dec 2015 00:17 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	2Ovo se svidja korisnicima: TwinHeadedEagle, Black Code Registruj se da bi pohvalio/la poruku! Imam loše vijesti. Zapatio si najnoviju varijantu ransomwarea TeslaCrypt i vraćanje fajlova je skoro nemoguće. Sam malwre možemo da uklonimo, ali tada ostaješ bez ikakve šanse da vratiš fajlove. Ipak, budi u pripavnosti, a do mog sljedećeg odgovora probaj da sljedeće fajlove: C:\Windows\Installer\{85E2A685-7A05-6208-3ABC-13EE1A9AE49F}\syshost.exe C:\Users\User\AppData\Roaming\cpyuqskhf2.exe na adresu: [Link mogu videti samo ulogovani korisnici]

Profil

vakeveki Poslao: 23 Dec 2015 00:45 Idi na vrh
offline vakeveki Novi MyCity građanin Pridružio: 25 Mar 2006 Poruke: 6 Gde živiš: Po šumama i gorama	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 23 Dec 2015 0:34 Sass Drake ::Imam loše vijesti. Zapatio si najnoviju varijantu ransomwarea TeslaCrypt i vraćanje fajlova je skoro nemoguće. Sam malwre možemo da uklonimo, ali tada ostaješ bez ikakve šanse da vratiš fajlove. Ipak, budi u pripavnosti, a do mog sljedećeg odgovora probaj da sljedeće fajlove: C:\Windows\Installer\{85E2A685-7A05-6208-3ABC-13EE1A9AE49F}\syshost.exe C:\Users\User\AppData\Roaming\cpyuqskhf2.exe na adresu: [Link mogu videti samo ulogovani korisnici] Bih rado, ali kad otvorim upload, pa brows, udjem u Windows, ne vidim instaler. U serch opsciji mogu naći, ali ne mogu uploadovati. Možda mi možete pomoći. Zahvalan za pomaganje. Dopuna: 23 Dec 2015 0:45 [Link mogu videti samo ulogovani korisnici]

Profil

Sass Drake Poslao: 23 Dec 2015 01:00 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U polje Filename kopiraj kompletnu putanju fajla koju sam postavio pa probaj onda.

Profil

vakeveki Poslao: 23 Dec 2015 01:06 Idi na vrh
offline vakeveki Novi MyCity građanin Pridružio: 25 Mar 2006 Poruke: 6 Gde živiš: Po šumama i gorama	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 23 Dec 2015 1:03 Sass Drake ::U polje Filename kopiraj kompletnu putanju fajla koju sam postavio pa probaj onda. I dalje ne moze. Ne dozvoljava mi. E ala sam baksuz, ne mogu verovati. Dopuna: 23 Dec 2015 1:06 vakeveki ::Sass Drake ::U polje Filename kopiraj kompletnu putanju fajla koju sam postavio pa probaj onda. I dalje ne moze. Ne dozvoljava mi. E ala sam baksuz, ne mogu verovati. Ovaj fajl je uspeo C:\Users\User\AppData\Roaming\cpyuqskhf2.exe

Profil

Sass Drake Poslao: 23 Dec 2015 01:25 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! OK. Sjećaš li ste šta si uradio prije nego što si izgubio dokumente i slike?

Profil

vakeveki Poslao: 23 Dec 2015 01:28 Idi na vrh
offline vakeveki Novi MyCity građanin Pridružio: 25 Mar 2006 Poruke: 6 Gde živiš: Po šumama i gorama	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Klinac je igrao igricu...na netu, kao neki krugovi koji jedu jedan drugog...ne znam kako se zove igrica, ali se krugom kreces po nekom kariranom polju, jede ostale sarene krugove i raste, te psole krugovi jedno drugo prozdiru...zamolio sam ga da mi ustupi mesto za racunarom, i prvo sto sam primetio je da ikone Worda i slika na desk topu nisu odgovarajuce... slike na D particiji jos nisu bile zarazene, ali posle nekoliko minuta, ni njih vide nisam mogao otovriti...

Profil

Sass Drake Poslao: 23 Dec 2015 21:17 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 23 Dec 2015 1:35 Da li si posjetio neki sajt kad si sjeo za računar? Ako jesi poalji mi preko privatne poruke na kojem sajtu si bio. Dopuna: 23 Dec 2015 21:17 Nažalost, povratak šifrovanih fajlova će biti nemoguć. S obzirom da je ovaj ransomware najvjerovatnije ubačen od strane drugog malicioznog programa koji je već bio na sistemu, da li si saglasan da ga sad uklonimo sa sistema?

Profil

vakeveki Poslao: 31 Jan 2016 07:42 Idi na vrh
offline vakeveki Novi MyCity građanin Pridružio: 25 Mar 2006 Poruke: 6 Gde živiš: Po šumama i gorama	2Ovo se svidja korisnicima: TwinHeadedEagle, Killer7 Registruj se da bi pohvalio/la poruku! Napisano: 24 Dec 2015 10:03 Oprosti na mom nejavljanju, ali pokušavam još nešto da uradim...ukratko, pokušaću da otključam jedan fajl... Uglavnom, nešto o tome ima na sledećim stranicama/forumima [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici](zabranjeno) Na šta konkretno misliš, kad kažeš da želiš da ukloniš sa sistema? Predhodni maliciozni program? Dopuna: 24 Dec 2015 21:06 Moram napomenuti da sam do sad vratio 15-17% zakljucaniuh fajlova... Javicu se jos... Dopuna: 31 Jan 2016 7:42 Poštovani, želeo bih samo da Vas obavestim da sam uspeo da spasim podatke blokirane Tesla Encriptom, i da sam u potpunosti vratio sve fajlove u ispravno stanje. Trajalo je dosta, jer su se morali razbiti kodovi kljuceva, i to nekoliko njih.

Profil

milentze Poslao: 02 Feb 2016 08:50 Idi na vrh
offline milentze Novi MyCity građanin Pridružio: 31 Jan 2016 Poruke: 3	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ljudi i ja sam zapatio taj virus stim sto je exstenzija .micro. Koliko vidim jos uvek rade na tome. [Link mogu videti samo ulogovani korisnici] Ako neko sazna nesto novo, neka javlja.

Profil

02 Feb 2016 09:50

TwinHeadedEagle

Zaključavanje topica

Razlog: Odgovoreno je, dalja diskusija nema svrhu

MyCity » Ambulanta -> Arhiva Ambulante » ALL YOUR FILES were encrypted - ne otvara slike ni word dokumente

Ko je trenutno na forumu

Ukupno su 893 korisnika na forumu :: 55 registrovanih, 5 sakrivenih i 833 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 5.56, A.R.Chafee.Jr., Aleksandar Tomić, Apok, awathorn, bato_banjaluka, bigvlada, bojan313, branko7, BWG, Centauro, CraniumWhite, Dimitrije Paunovic, djukapfc, Draganeli, dukajov, eighty-one, esx66, gagidjuric, Ivan001, Jose, jukeboxer, kaskadija, Kubovac, ladro, lucko1, M74AB3, Magistar78, Michellefromrezistance, mile33, Mitogna, nedjabanderas, Nepričavac, niksa517, oganj123, panzerwaffe, Pilence, Prašinar, proka89, raketaš, RD84, repac, Rogan33, ruma, Silvertooth, SlaKoj, stalja, Suhi, Tandrkalo, The Boss, Vlada78, vlahale, voja64, vojnik švejk, vukajlo71

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by