MyCity » Ambulanta -> Arhiva Ambulante » provera zarazenosti racunara

provera zarazenosti racunara

Napisano na dan: 19.3.2014

Strana:
1
2

provera zarazenosti racunara

Sledeća strana

Pagination

Odgovori

Strana:
1
2

slavisa71 Poslao: 19 Mar 2014 15:04 Idi na vrh
offline slavisa71 Građanin Pridružio: 27 Sep 2013 Poruke: 94	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: U poslednje vreme imam utisak da mi je racunar zarazen sto se ocituje mnogo tezim otvaranjem stranica,restartovanjem iz cista mira zatim desava se cesto da na internetu ne mogu uci u neki program a razlog bude netacna godina u datumu,dan i mesec budu tacni a godina netacna odmah posle palenja iako niko nije nista menjao,sat takodje bude tacan.Pre par dana avg antivirus mi je skeniranjem otkrio 20-ak pretnji i virusa a da kazem da je to avg free skinut sa interneta tako da sumnjam da toga ima jos sto avg nije otkrio pDDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.51.2 Run by digital at 14:26:52 on 2014-03-19 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.410 [GMT 1:00] . AV: AVG AntiVirus Free Edition 2014 Enabled/Outdated {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall Disabled . ============== Running Processes ================ . C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVG\AVG2014\avgwdsvc.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\WINDOWS\runservice.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe C:\Program Files\AVG\AVG2014\avgui.exe C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files\Cyberlink\Shared Files\brs.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AVG\AVG2014\avgemcx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\alg.exe \??\C:\Program Files\AVG\AVG2014\avgrsx.exe \??\C:\Program Files\AVG\AVG2014\avgcsrvx.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\AVG\AVG2014\avgnsx.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com uInternet Connection Wizard,ShellNext = iexplore mURLSearchHooks: <No Name>: - LocalServer32 - <no file> mURLSearchHooks: SiteFinder: {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - c:\program files\sitefinder\SiteFinder.dll BHO: FastestTube: {3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} - c:\program files\fastesttube\2.1.9\WombatBHO.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: SiteFinder: {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - c:\program files\sitefinder\SiteFinder.dll EB: SiteFinder: {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - c:\program files\sitefinder\SiteFinder.dll uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd mRun: [TWCU] "c:\program files\tp-link\tp-link 54m wireless client utility\TWCU.exe" -nogui mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe" mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe" mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - c:\program files\sitefinder\SiteFinder.dll IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - TCP: NameServer = 10.0.0.1 87.250.98.250 87.250.97.250 TCP: Interfaces\{05F2CDEC-E13B-4347-9AC3-5465F5FCC2C3} : DHCPNameServer = 10.0.0.1 87.250.98.250 87.250.97.250 TCP: Interfaces\{FB35BF60-8BCE-4F6A-B41A-862A4CAF1A5D} : NameServer = 91.191.59.118 87.250.98.250 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: AtiExtEvent - Ati2evxx.dll AppInit_DLLs= c:\progra~1\searchprotect\searchprotect\bin\SPVC32Loader.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll LSA: Authentication Packages = msv1_0 nwprovau mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.154\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome IFEO: bpsvc.exe - tasklist.exe IFEO: browsersafeguard.exe - tasklist.exe IFEO: protectedsearch.exe - tasklist.exe IFEO: searchprotection.exe - tasklist.exe IFEO: snapdo.exe - tasklist.exe . Note: multiple IFEO entries found. Please refer to Attach.txt . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\digital\application data\mozilla\firefox\profiles\3wogsn23.default-1394194656047\ FF - plugin: c:\documents and settings\digital\local settings\application data\unity\webplayer\loader\npUnity3D32.dll FF - plugin: c:\games\greenwebplayer\npgreenwebplayer.dll FF - plugin: c:\program files\google\update\1.3.22.5\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1205146.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 149272] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 222520] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 102712] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-7-10 27448] R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-8-1 120600] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 210712] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22808] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 176952] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 193848] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-9-2 37664] R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2012/02/09 12:22:29];c:\program files\cyberlink\powerdvd9\000.fcl [2009-5-7 87536] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008] R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [2013-12-21 16384] R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2012-2-9 1287296] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-1-22 3788816] S2 PopularScreensavers_7iService;PopularScreensaversService;c:\progra~1\popula~2\bar\2.bin\7ibarsvc.exe --> c:\progra~1\popula~2\bar\2.bin\7ibarsvc.exe [?] . =============== Created Last 30 ================ . . ==================== Find3M ==================== . 2014-02-26 01:59:05 13312 ------w- c:\windows\system32\xp_eos.exe 2014-02-24 11:46:36 920064 ----a-w- c:\windows\system32\wininet.dll 2014-02-24 11:45:58 43520 ----a-w- c:\windows\system32\licmgr10.dll 2014-02-24 11:45:57 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2014-02-24 11:45:42 18944 ----a-w- c:\windows\system32\corpol.dll 2014-02-24 10:54:21 385024 ----a-w- c:\windows\system32\html.iec 2014-02-07 02:01:37 1879040 ----a-w- c:\windows\system32\win32k.sys 2014-02-05 08:55:04 562688 ----a-w- c:\windows\system32\qedit.dll 2014-01-29 12:21:32 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2014-01-29 12:21:29 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2014-01-24 17:35:59 21840 ----atw- c:\windows\system32\SIntfNT.dll 2014-01-24 17:35:59 17212 ----atw- c:\windows\system32\SIntf32.dll 2014-01-24 17:35:58 12067 ----atw- c:\windows\system32\SIntf16.dll 2014-01-19 20:46:54 22808 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys 2014-01-04 03:13:05 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-12-21 10:39:16 48640 ----a-w- c:\windows\mmfs.dll 2013-12-21 10:39:16 249856 ----a-w- c:\windows\lcmmfu.cpl 2013-12-21 10:39:16 16384 ----a-w- c:\windows\runservice.exe 2013-12-21 09:45:45 418480 ----a-w- c:\windows\system32\wrap_oal.dll 2013-12-21 09:45:45 115432 ----a-w- c:\windows\system32\OpenAL32.dll 16514-03-19 13:01:46 1401 --sha-w- c:\windows\system32\mmf.sys . ============= FINISH: 14:28:02,64 =============== a vas molim da mi to proverite. mycity.rs/must-login.png

Profil

magna86 Poslao: 19 Mar 2014 15:30 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav slavisa71, Pre nego sto nastavimo, voleo bih da obavimo temeljnu proveru racunara na aktivan RootKit. Ova vrsta malware je u vecini slucajeva teska za detekciju te iz tog razloga koristimo i poseban ARK (antirootkit) alat za detekciju. Napomena: DDS izvestaj prikazuje aktivan AppInit_DLLs kljuc i fajl. MBAR rutinski proverava ovu vrednost kljuca te imaj na umu da ce te MBAR upitati za 'AppInit_DLLs' unos. Na prozor/upit koji dobijes, odgovori potvrdno (Yes/Ok). Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop. Dvoklikom pokreni MBAR () na ikonicu programa: - Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u; - mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.; - U uvodnom prozoru klikni dugme Next ukoliko si saglasan; • Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next; • Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan; Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka: - 'Could not load protection driver' => u tom slucaju klikni OK. - 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta. >> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje. >> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje. - Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja. Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe: - Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ... - Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem. Sledeci izvestaji ce biti formirani u mbar folderu. 1. mbar-log-year-month-day (hour-minute-second).txt 2. system-log.txt Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Profil

slavisa71 Poslao: 19 Mar 2014 18:00 Idi na vrh
offline slavisa71 Građanin Pridružio: 27 Sep 2013 Poruke: 94	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Malwarebytes Anti-Rootkit BETA 1.07.0.1009 malwarebytes.org Database version: v2014.03.19.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 :: DIGITAL-1765423 [administrator] 19.3.2014 16:09:30 mbar-log-2014-03-19 (16-09-30).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit \| Drivers \| MBR \| Physical Sectors \| Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken Scan options disabled: Objects scanned: 212101 Time elapsed: 1 hour(s), 3 minute(s), 6 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Documents and Settings\digital\My Documents\Downloads\BestCodecsPackSetup.exe (Adware.InstallBrain) -> Delete on reboot. Physical Sectors Detected: 0 (No malicious items detected) (end) mycity.rs/must-login.png

Profil

magna86 Poslao: 19 Mar 2014 18:10 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, Zadovoljan sam sa MBAR izvestajima. DDS izvestaji govore na je AVG aktivan na sistemu, ali nije azuriran (tj. ne poseduje zadnju bazu definicija). Postaraj se da je AVG 'updated'. AV: AVG AntiVirus Free Edition 2014 Enabled/Outdated {17DDD097-36FF-435F-9E1B-52D74245D6BF} Sada idemo dalje... Napomena: Potrebno je iskljuciti AVG 'real-time' stitove dok alat Zoek obavlja operacije: Preuzmi smeenk-ov zoek.zip ili zoek.rar () sa ovog ili ovog linka i sačuvaj ga na Desktop. Raspakuj arhivu u neki folder (uputstvo), a zatim: zatvori browser i ostale pokrenute programe; privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ; dvoklikom pokreni zoek na ikonicu programa ; pričekaj da se alat startuje ... U beli okvir prozora iskopiraj sledeći tekst: QuickScan; Uninstall-List; c:\program files\sitefinder;fs c:\progra~1\searchprotect;fs c:\progra~1\popula~2\bar\2.bin\7ibarsvc.exe;f {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D};c [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe];r [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe];r [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe];r [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe];r [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe];r [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe];r [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe];r [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows];r "AppInit_DLLs"="";r PopularScreensavers_7iService;s Reboot; Klikni na dugme i pričekaj da se skeniranje završi. zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

slavisa71 Poslao: 19 Mar 2014 20:05 Idi na vrh
offline slavisa71 Građanin Pridružio: 27 Sep 2013 Poruke: 94	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by digital on sre 19.03.2014 at 19:09:18,64. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\digital\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 19.3.2014 19:16:19 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1757981266-562591055-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} deleted successfully HKEY_USERS\S-1-5-21-1757981266-562591055-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} deleted successfully HKEY_CLASSES_ROOT\CLSID\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PopularScreensavers_7iService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PopularScreensavers_7iService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\PopularScreensavers_7iService deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe] [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe] [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe] [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe] [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe] [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe] [-HKEY_LOCAL_MACHINE\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"="" ==== Deleting Files \ Folders ====================== c:\progra~1\searchprotect not found "c:\progra~1\popula~2\bar\2.bin\7ibarsvc.exe" not found c:\program files\sitefinder deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2014-03-11 23:34:51 57B83564A98F1298B5338C6D5F90519B 1374 ----a-w- C:\WINDOWS\imsins.BAK ====== C:\DOCUME~1\digital\LOCALS~1\Temp ==== 28507-02-07 04:09:31 B9BF0B4248DC7D74079DF7AB8071C637 720896 ----a-w- C:\Documents and Settings\digital\Local Settings\Temp\EAInstall.dll ====== Java Cache ===== 2014-03-09 10:30:33 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Documents and Settings\digital\Local Settings\Application Data\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-4d4f022a ====== C:\WINDOWS\system32 ===== 2014-03-08 15:07:43 C94EC0201AD94C0A25461F1073F60493 145408 ----a-w- C:\WINDOWS\System32\javacpl.cpl 2014-03-08 15:07:43 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\WINDOWS\System32\javaws.exe 2014-03-08 15:07:12 FD80D0AE205EC54D1A204DDBD6B766DA 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll 2014-03-08 15:07:10 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\WINDOWS\System32\javaw.exe 2014-03-08 15:07:08 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\WINDOWS\System32\java.exe ====== C:\WINDOWS\system32\drivers ===== 2014-03-19 15:09:15 024ACCA2F972EE094EB0F4289F2FA893 107224 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys 2014-03-19 15:06:39 6F0D0617310A677360B7EB6D2D59086E 52312 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-03-07 13:14:45 -------- d-----w- C:\Program Files\Mozilla Maintenance Service ======= C: ===== ====== C:\Documents and Settings\digital\Application Data ====== 2014-03-19 17:52:51 -------- d-----w- C:\Documents and Settings\digital\Start Menu\Programs\CyberLink PowerDVD 9 2014-03-01 15:42:54 -------- d-----w- C:\Documents and Settings\digital\Application Data\skypePM ====== C:\Documents and Settings\digital ====== 2014-03-06 15:09:55 -------- d--h--r- C:\Documents and Settings\digital\Recent ====== C: exe-files == 2014-03-19 15:06:12 BA63FE28CD27A9B3501883689EBE4D5C 821560 ----a-w- C:\Documents and Settings\digital\Desktop\mbar\Plugins\fixdamage.exe 2014-03-19 15:06:12 7C3400A4EAE86C697F74756F783B9DA3 1180472 ----a-w- C:\Documents and Settings\digital\Desktop\mbar\mbar.exe 2014-03-19 15:03:22 99D69C3E87FE1556B76886F778480E2D 12589848 ----a-w- C:\Documents and Settings\digital\My Documents\Downloads\mbar-1.07.0.1009.exe 2014-03-17 17:22:34 C7A9C24B681124159AC8F9EC053404E7 644431 ----a-w- C:\Documents and Settings\digital\Local Settings\Application Data\Unity\WebPlayer\Uninstall.exe 2014-03-17 17:21:05 9994F539B965C6ADDB2EC871FC9D650B 1070496 ----a-w- C:\Documents and Settings\digital\My Documents\Preuzimanja\UnityWebPlayer(7).exe 2014-03-14 17:56:18 9994F539B965C6ADDB2EC871FC9D650B 1070496 ----a-w- C:\Documents and Settings\digital\My Documents\Preuzimanja\UnityWebPlayer(8).exe 2014-03-13 17:45:15 9994F539B965C6ADDB2EC871FC9D650B 1070496 ----a-w- C:\Documents and Settings\digital\My Documents\Preuzimanja\UnityWebPlayer(6).exe 2014-03-13 17:42:22 9994F539B965C6ADDB2EC871FC9D650B 1070496 ----a-w- C:\Documents and Settings\digital\My Documents\Preuzimanja\UnityWebPlayer(5).exe 2014-03-13 17:39:22 9994F539B965C6ADDB2EC871FC9D650B 1070496 ----a-w- C:\Documents and Settings\digital\My Documents\Preuzimanja\UnityWebPlayer(4).exe 2014-03-13 17:37:36 9994F539B965C6ADDB2EC871FC9D650B 1070496 ----a-w- C:\Documents and Settings\digital\My Documents\Preuzimanja\UnityWebPlayer(3).exe === C: other files == 2014-03-19 18:05:41 DCF741DF9F654F5A2C1BEC789F53AEB3 1414742 ----a-w- C:\RECYCLER\S-1-5-21-1757981266-562591055-1177238915-1003\Dc3.com 2014-03-19 15:09:15 024ACCA2F972EE094EB0F4289F2FA893 107224 ----a-w- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 2014-03-19 15:06:39 6F0D0617310A677360B7EB6D2D59086E 52312 ----a-w- C:\WINDOWS\system32\drivers\mbamchameleon.sys 2014-03-19 13:25:44 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Documents and Settings\digital\My Documents\Downloads\dds.com ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-1757981266-562591055-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TWCU"="C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe -nogui" "AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY" "RemoteControl9"="C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" "PDVD9LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" "BDRegion"="C:\Program Files\Cyberlink\Shared Files\brs.exe" "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ctfmon" "hkey"="HKCU" "command"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\\\Phone\\Skype.exe\" /nosplash /minimized" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [29.01.2014 13:21] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [24.06.2013 13:06] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [24.06.2013 13:06] C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job --a------ C:\WINDOWS\system32\xp_eos.exe [26.02.2014 02:59] C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job --a------ [Undetermined Task] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [19.04.2013 12:35] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\digital\Application Data\Mozilla\Firefox\Profiles\3wogsn23.default-1394194656047 A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51 9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13 65C1D9F74004E775F9A8598476ABE5EE - C:\Documents and Settings\digital\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player A9C86900D2A61728C8326FE7147617C5 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update 2557FBC582910A71CDEB0F22886D118D - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll - Shockwave Flash C2321043FA2CA4C32FF449DE6116B5D9 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1205146.dll - Shockwave for Director / Shockwave for Director B50F45C9DCE776FCA64A3A8BD3D6A6F7 - C:\Games\GreenWebPlayer\npgreenwebplayer.dll - GreenWebPlayer AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM ==== Chrome Look ====================== Value apps - digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon Google Wallet - digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Docs - NetworkService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - NetworkService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - NetworkService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - NetworkService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - NetworkService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Uninstall List x86 ====================== 'Steel Fury - Kharkov 1942' [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\STLFR_eng_is1] 7-Zip 9.15 beta [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip] Adobe Flash Player 12 Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin] Adobe Flash Player ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Adobe Shockwave Player 12.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player] Advertising Center [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}] AGEIA PhysX v6.10.05 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}] AIMP2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AIMP2] ATI Display Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ATI Display Driver] AVG 2014 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A7378875-1EF9-46BB-9316-BFB615CB45DA}] AVG 2014 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B26B07BA-A768-4420-844E-771E05F0D965}] AVG 2014 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG] BitLord 2.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitLord] BS.Player FREE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayerf] C-Media High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\C-Media Audio Driver] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] Cool Smiley Bar for Facebook [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Cool Smiley Bar for Facebook] Counter Strike 1.6 Reloaded [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Counter Strike 1.6 Reloaded] CyberLink PowerDVD 9 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}] CyberLink PowerDVD 9 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}] DolbyFiles [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}] FastestTube-1.3.7.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E6FE96CE-99C3-42DE-AD9B-E0A63BD7805D}_is1] FastestTube [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\FastestTube] ffdshow v1.2.4422 [2012-04-09] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ffdshow_is1] GameSpy Arcade [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\GameSpy Arcade] Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] GreenWebPlayer [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\gwp-DEFAULT] GreyGray 2013.11.07.204235 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\GreyGray] Haali Media Splitter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HaaliMkx] ImgBurn [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ImgBurn] iVIDI Plugin 1.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\iVIDI Plugin] Java 7 Update 51 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217051FF}] Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] K-Lite Codec Pack 6.1.0 (Full) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] Malwarebytes Anti-Malware 1.46 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] Microsoft .NET Framework 2.0 Service Pack 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}] Microsoft .NET Framework 3.0 Service Pack 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}] Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}] Microsoft Compression Client Pack 1.0 for Windows XP [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MSCompPackV1] Microsoft User-Mode Driver Framework Feature Pack 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wudf01000] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] More 1 CD-ROM [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7D48E2F5-CE8E-4A55-88F9-205E889E7265}] More 2 CD-ROM [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7B4CE235-A1D4-48BA-86E4-3E3CE120166D}] MotoGP2 Demo [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MotoGP2 Demo_is1] Mozilla Firefox 27.0.1 (x86 hr) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 27.0.1 (x86 hr)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] Nero 9 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8b21818e-8510-4ae4-beeb-38260f3c1ef5}] Nero ControlCenter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}] Nero InfoTool [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FBCDFD61-7DCF-4E71-9226-873BA0053139}] Nero Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E8A80433-302B-4FF1-815D-FCC8EAC482FF}] NeroBurningROM [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D025A639-B9C9-417D-8531-208859000AF8}] NeroExpress [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{595A3116-40BB-4E0F-A2E8-D7951DA56270}] Ogg Codecs 0.80.15039 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ogg Codecs] OpenAL [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\OpenAL] PhotoScape [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PhotoScape] SiteFinder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SiteFinder] Skype™ 4.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D103C4BA-F905-437A-8049-DB24763BBE36}] swMSM [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] TP-LINK Wireless Client Utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0036B17C-2B0C-4D49-B50B-712F4B38B510}] TuneUp Utilities 2014 (en-US) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{14C8CE46-C68C-461B-BCA9-E276A85851C6}] Unity Web Player [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer] Vauddix [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{681002C6-5019-81A2-7871-A43754F71E56}] Visual Studio 2012 x86 Redistributables [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}] WebFldrs XP [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}] Windows Internet Explorer 8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ie8] Windows Media Format 11 runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime] Windows Media Format 11 runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WMFDist11] Windows Media Player 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player] Windows Media Player 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wmp11] WinRAR 5.01 beta 1 (32-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] YTD Video Downloader 3.9.6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}] ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3547 folders=561 282148965 bytes) ==== After Reboot ====================== ==== EOF on sre 19.03.2014 at 19:51:28,06 ======================

Profil

magna86 Poslao: 19 Mar 2014 20:50 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, Zoek je radio radio citavih ~ 40+ minuta? Mnogo vremena ... trebao je relativno brzo da izvrsi fix al' moramo opet jos jednom. Posle ovoga bi i sistem trebao bolje da radi. Ponovo pokreni zoek ; zatvori browser i ostale pokrenute programe; deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ; U beli okvir prozora iskopiraj sledeći tekst: `EmptyFoldersCheck;Delete EmptyCLSID; AutoClean;` Klikni na dugme i pričekaj da se skeniranje završi. zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

slavisa71 Poslao: 19 Mar 2014 21:34 Idi na vrh
offline slavisa71 Građanin Pridružio: 27 Sep 2013 Poruke: 94	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by digital on sre 19.03.2014 at 20:59:31,50. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\digital\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-03-19-185128.log 22631 bytes ==== Empty Folders Check ====================== C:\Program Files\GRETECH deleted successfully C:\Program Files\Logs deleted successfully C:\Program Files\Playlogic deleted successfully C:\Documents and Settings\All Users\Start Menu\Programs\GameHouse deleted successfully C:\Documents and Settings\All Users\Start Menu\Programs\Sega deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\Electronic Arts deleted successfully C:\Documents and Settings\digital\Application Data\Media Player Classic deleted successfully C:\Documents and Settings\digital\Local Settings\Application Data\Downloaded Installations deleted successfully C:\Documents and Settings\digital\Local Settings\Application Data\WMTools Downloaded Files deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [19.04.2013 12:35] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\digital\Application Data\Mozilla\Firefox\Profiles\3wogsn23.default-1394194656047 A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51 9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13 65C1D9F74004E775F9A8598476ABE5EE - C:\Documents and Settings\digital\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player A9C86900D2A61728C8326FE7147617C5 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update 2557FBC582910A71CDEB0F22886D118D - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll - Shockwave Flash C2321043FA2CA4C32FF449DE6116B5D9 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1205146.dll - Shockwave for Director / Shockwave for Director B50F45C9DCE776FCA64A3A8BD3D6A6F7 - C:\Games\GreenWebPlayer\npgreenwebplayer.dll - GreenWebPlayer AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM ==== Chrome Look ====================== Value apps - digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon Docs - NetworkService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake ==== Chrome Fix ====================== C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage deleted successfully C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage-journal deleted successfully C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage deleted successfully C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage-journal deleted successfully C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon deleted successfully C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lcnnhcneegeeojhgpfijnlnocjdmlaon_0.localstorage deleted successfully C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lcnnhcneegeeojhgpfijnlnocjdmlaon_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\digital\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\digital\Local Settings\Application Data\Mozilla\Firefox\Profiles\3wogsn23.default-1394194656047\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3554 folders=561 282248041 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\digital\Local Settings\Temp will be emptied at reboot C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\digital\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\digital\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on sre 19.03.2014 at 21:30:03,76 ======================

Profil

magna86 Poslao: 19 Mar 2014 23:02 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovo sada izgleda mnogo bolje. Da li ti se stranice sada malo brze otvaraju? Da li komp sada bolje radi? Iako ovo izgleda dobro, ja bih zeleo da odradimo jos jednu proveru koristeci FRST alat i njegovu dijagnostiku. Ti odradi ovo veceras il' kad' stignes i postavi ovde trazene izvestaje. Ja cu ih sutra pregledati i reci kako stoje stvari. Preuzmi Farbar-ov Farbar Recovery Scan Tool () sa ove adrese na Desktop: Postoji 32bit. i 64bit.-na verzija. Potrebno je preuzeti verziju koja je kompatibilna sa tvojim sistemom. Ako nisi siguran koja verzija se odnosi na tvoj sistem, preuzmi ih obe i pokreni. Samo jedan od njih će raditi na tvom sistemu, to će biti prava verzija. dvoklikom pokreni program, kada se alat pokrene klikni Yes na disclaimer prozor; pričekati koji trenutak dok alat proverava postoji li novija verzija; klikni na dugme Scan; po završetku skeniranja, alat će formirati izveštaj (FRST.txt) u isti direktorijum gde je FRST alat sačuvan; iskopiraj sadržaj FRST.txt izveštaja u poruku; po prvom pokretanju, alat bi trebao formirati i dodatni izveštaj (Addition.txt); okači Addition.txt izveštaj uz poruku koristeći opciju Prikači fajl

Profil

slavisa71 Poslao: 20 Mar 2014 20:50 Idi na vrh
offline slavisa71 Građanin Pridružio: 27 Sep 2013 Poruke: 94	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! nesto bze otvara a evo i izvestaja: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 Ran by digital (administrator) on DIGITAL-1765423 on 08-03-2014 20:27:48 Running from C:\Documents and Settings\digital\My Documents\Downloads Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe (Atheros) C:\WINDOWS\system32\acs.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe () C:\WINDOWS\runservice.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe (TP-LINK TECHNOLOGIES CO., LTD.) C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe (CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (cyberlink) C:\Program Files\Cyberlink\Shared Files\brs.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Cmaudio] - RunDll32 cmicnfg.cpl,CMICtrlWnd HKLM\...\Run: [TWCU] - C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe [479412 2008-03-26] (TP-LINK TECHNOLOGIES CO., LTD.) HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [RemoteControl9] - C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-04-27] (CyberLink Corp.) HKLM\...\Run: [PDVD9LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2009-04-27] (CyberLink Corp.) HKLM\...\Run: [BDRegion] - C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-05-07] (cyberlink) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [176128 2006-06-02] (Alps Electric Co., Ltd.) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-21-1757981266-562591055-1177238915-1003\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1757981266-562591055-1177238915-1003\...\MountPoints2: {4aa55184-8635-11e1-ac5b-0013d390875e} - ReCyClER\sEtUp.exe HKU\S-1-5-21-1757981266-562591055-1177238915-1003\...\MountPoints2: {e239b2c8-ca14-11e2-af1a-54e6fcdab77c} - E:\PcOptions.exe Lsa: [Authentication Packages] msv1_0 nwprovau ==================== Internet (Whitelisted) ==================== URLSearchHook: HKLM - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: FastestTube - {3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} - C:\Program Files\FastestTube\2.1.9\WombatBHO.dll (Kwizzu) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{FB35BF60-8BCE-4F6A-B41A-862A4CAF1A5D}: [NameServer]91.191.59.118 87.250.98.250 FireFox: ======== FF ProfilePath: C:\Documents and Settings\digital\Application Data\Mozilla\Firefox\Profiles\3wogsn23.default-1394194656047 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @popularscreensavers.com/Plugin - C:\Program Files\PopularScreensavers\NPp5Stub.dll No File FF Plugin: @PopularScreensavers_7i.com/Plugin - C:\Program Files\PopularScreensavers_7i\bar\2.bin\NP7iStub.dll No File FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @greentube.com/GreenWebPlayer - C:\Games\GreenWebPlayer\npgreenwebplayer.dll (Greentube Internet Entertainment Solutions GmbH) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\digital\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npffividiplg.dll (iVIDI.org) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPp5Stub.dll (popularscreensavers.com) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eudict.xml FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR DefaultSearchKeyword: conduit.search CHR DefaultSearchProvider: Conduit Search CHR DefaultSearchURL: search.conduit.com/Results.aspx?ctid=CT3319.....731&q={searchTerms}&SSPV= CHR DefaultNewTabURL: CHR Extension: (Google Novčanik) - C:\Documents and Settings\digital\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] ========================== Services (Whitelisted) ================= R2 ACS; C:\WINDOWS\system32\acs.exe [364629 2007-02-12] (Atheros) S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2005-03-22] () R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-03-08] (Oracle Corporation) R2 LicCtrlService; C:\WINDOWS\runservice.exe [16384 2013-12-21] () R2 NWCWorkstation; C:\WINDOWS\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation) R2 NwSapAgent; C:\WINDOWS\System32\ipxsap.dll [66560 2008-04-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [543712 2007-03-27] (Atheros Communications, Inc.) R3 atinevxx; C:\WINDOWS\System32\DRIVERS\atinevxx.sys [166400 2006-10-29] (ATI Technologies Inc.) R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2012-02-10] () R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-09-04] (AVG Technologies) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R3 cmudax; C:\WINDOWS\System32\drivers\cmudax.sys [1287296 2006-08-15] (C-Media Inc.) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2012-02-10] () R3 MVDCODEC; C:\WINDOWS\System32\DRIVERS\atinmdxx.sys [15360 2006-10-29] (ATI Technologies Inc.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation) R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation) R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2008-04-14] (Microsoft Corporation) R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2008-04-14] (Microsoft Corporation) R3 NWRDR; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [163584 2008-04-14] (Microsoft Corporation) R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [55840 2006-11-15] (Atheros Communications, Inc.) R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-05-07] (CyberLink Corp.) U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-19 21:24 - 2014-03-19 20:58 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe 2014-03-19 21:00 - 2014-03-19 19:51 - 00022631 _____ () C:\zoek-results2014-03-19-185128.log 2014-03-19 19:15 - 2014-03-19 21:30 - 00009107 _____ () C:\zoek-results.log 2014-03-19 19:05 - 2014-03-08 11:24 - 01285120 _____ () C:\Documents and Settings\digital\Desktop\zoek.exe 2014-03-19 16:09 - 2014-03-19 16:09 - 00107224 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-03-19 16:06 - 2014-03-19 17:56 - 00000000 ____D () C:\Documents and Settings\digital\Desktop\mbar 2014-03-19 16:06 - 2014-03-19 16:06 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-03-19 14:28 - 2014-03-19 14:28 - 00008854 _____ () C:\Documents and Settings\digital\Desktop\dds.txt 2014-03-19 14:28 - 2014-03-19 14:28 - 00008854 _____ () C:\Documents and Settings\digital\Desktop\attach.txt 2014-03-15 13:44 - 2014-03-15 18:23 - 00003072 ____H () C:\Documents and Settings\digital\Desktop\photothumb.db 2014-03-14 21:52 - 2014-03-15 21:03 - 00000806 _____ () C:\WINDOWS\wmsetup.log 2014-03-13 20:59 - 2014-03-13 20:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2014-03-12 00:35 - 2014-03-12 00:36 - 00012146 _____ () C:\WINDOWS\KB2925418-IE8.log 2014-03-12 00:35 - 2014-03-12 00:36 - 00002731 _____ () C:\WINDOWS\updspapi.log 2014-03-12 00:35 - 2014-03-12 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-03-12 00:34 - 2014-03-12 00:36 - 00019898 _____ () C:\WINDOWS\iis6.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00018549 _____ () C:\WINDOWS\FaxSetup.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00008868 _____ () C:\WINDOWS\ocgen.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00008463 _____ () C:\WINDOWS\tsoc.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00006177 _____ () C:\WINDOWS\comsetup.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00005634 _____ () C:\WINDOWS\msmqinst.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00003741 _____ () C:\WINDOWS\ntdtcsetup.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00003249 _____ () C:\WINDOWS\netfxocm.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00001374 _____ () C:\WINDOWS\imsins.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00001275 _____ () C:\WINDOWS\MedCtrOC.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00001026 _____ () C:\WINDOWS\ocmsn.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00000933 _____ () C:\WINDOWS\tabletoc.log 2014-03-12 00:34 - 2014-03-12 00:36 - 00000927 _____ () C:\WINDOWS\msgsocm.log 2014-03-12 00:34 - 2014-03-12 00:35 - 00001374 _____ () C:\WINDOWS\imsins.BAK 2014-03-12 00:34 - 2014-03-12 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-03-12 00:34 - 2014-03-12 00:34 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-03-12 00:34 - 2014-03-12 00:34 - 00000000 _____ () C:\WINDOWS\setupact.log 2014-03-11 18:53 - 2014-03-12 00:35 - 00011813 _____ () C:\WINDOWS\KB2930275.log 2014-03-11 18:53 - 2014-03-12 00:35 - 00010399 _____ () C:\WINDOWS\KB2929961.log 2014-03-08 20:26 - 2014-03-08 20:27 - 00000000 ____D () C:\FRST 2014-03-08 16:07 - 2014-03-08 16:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java 2014-03-08 16:07 - 2014-03-08 16:05 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-03-08 16:07 - 2014-03-08 16:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-03-08 16:07 - 2014-03-08 16:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-03-08 16:07 - 2014-03-08 16:04 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-03-08 16:07 - 2014-03-08 16:04 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-03-07 17:35 - 2014-03-17 19:07 - 00000000 ____D () C:\Documents and Settings\digital\My Documents\Preuzimanja 2014-03-07 14:14 - 2014-03-07 14:14 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk 2014-03-07 14:14 - 2014-03-07 14:14 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk 2014-03-07 14:14 - 2014-03-07 14:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-03-06 15:04 - 2014-03-06 15:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$ 2014-03-06 14:36 - 2014-03-06 14:41 - 00000000 ____D () C:\AdwCleaner 2014-03-01 16:42 - 2014-03-02 00:04 - 00000000 ____D () C:\Documents and Settings\digital\Application Data\skypePM 2014-03-01 16:42 - 2014-03-01 16:42 - 00000048 ____H () C:\WINDOWS\system32\ezsidmv.dat 2014-02-15 16:45 - 2014-03-07 14:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-02-13 21:52 - 2014-02-13 21:52 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-02-13 12:41 - 2014-02-13 12:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kromtech 2014-02-13 01:00 - 2014-02-13 01:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$ 2014-02-12 17:21 - 2014-02-12 17:21 - 00000000 ____D () C:\Documents and Settings\digital\Application Data\SiteFinder 2014-02-11 23:08 - 2014-02-12 16:10 - 00000000 ____D () C:\Documents and Settings\digital\My Documents\GTA Vice City User Files 2014-02-11 20:35 - 2014-02-11 20:35 - 00000000 ____D () C:\Documents and Settings\digital\Local Settings\Application Data\CrashRpt 2014-02-08 15:02 - 2014-02-08 15:12 - 00000000 ____D () C:\Documents and Settings\digital\Start Menu\Programs\Aplikacije sustava Chrome ==================== One Month Modified Files and Folders ======= 2099-08-02 20:44 - 2003-01-07 21:26 - 00000000 ____D () C:\WINDOWS\pchealth 2099-03-19 14:07 - 2003-01-01 00:04 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job 2014-03-19 22:52 - 2012-02-09 23:01 - 00000178 __SHC () C:\Documents and Settings\digital\ntuser.ini 2014-03-19 22:52 - 2012-02-09 23:00 - 00032074 _____ () C:\WINDOWS\SchedLgU.Txt 2014-03-19 21:30 - 2014-03-19 19:15 - 00009107 _____ () C:\zoek-results.log 2014-03-19 21:18 - 2013-11-29 17:45 - 00000000 ____D () C:\zoek_backup 2014-03-19 20:58 - 2014-03-19 21:24 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe 2014-03-19 19:51 - 2014-03-19 21:00 - 00022631 _____ () C:\zoek-results2014-03-19-185128.log 2014-03-19 17:56 - 2014-03-19 16:06 - 00000000 ____D () C:\Documents and Settings\digital\Desktop\mbar 2014-03-19 17:41 - 2013-09-20 21:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$ 2014-03-19 16:09 - 2014-03-19 16:09 - 00107224 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-03-19 16:09 - 2013-04-11 14:33 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes 2014-03-19 16:06 - 2014-03-19 16:06 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-03-19 14:28 - 2014-03-19 14:28 - 00008854 _____ () C:\Documents and Settings\digital\Desktop\dds.txt 2014-03-19 14:28 - 2014-03-19 14:28 - 00008854 _____ () C:\Documents and Settings\digital\Desktop\attach.txt 2014-03-18 23:12 - 2013-08-14 13:17 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-03-18 23:05 - 2013-04-22 15:24 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-03-18 21:19 - 2012-06-07 20:43 - 00000000 ___RD () C:\Documents and Settings\digital\Desktop\slike 2014-03-17 19:07 - 2014-03-07 17:35 - 00000000 ____D () C:\Documents and Settings\digital\My Documents\Preuzimanja 2014-03-15 22:18 - 2013-01-27 21:43 - 00000000 ____D () C:\Documents and Settings\digital\Desktop\narodni mix 2014-03-15 21:03 - 2014-03-14 21:52 - 00000806 _____ () C:\WINDOWS\wmsetup.log 2014-03-15 18:23 - 2014-03-15 13:44 - 00003072 ____H () C:\Documents and Settings\digital\Desktop\photothumb.db 2014-03-15 13:50 - 2014-02-05 18:50 - 00001809 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2014-03-15 13:44 - 2014-01-01 15:46 - 00000000 ____D () C:\Documents and Settings\digital\Desktop\NOVA 2014 2014-03-15 11:34 - 2013-05-28 12:34 - 00264704 ___SH () C:\Documents and Settings\digital\Desktop\Thumbs.db 2014-03-15 11:10 - 2014-02-01 20:17 - 00001968 _____ () C:\Documents and Settings\digital\Desktop\BitLord.lnk 2014-03-13 20:59 - 2014-03-13 20:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2014-03-13 20:59 - 2013-09-05 22:29 - 00000714 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk 2014-03-13 16:58 - 2003-01-01 00:05 - 00023916 _____ () C:\WINDOWS\setupapi.log 2014-03-12 00:36 - 2014-03-12 00:35 - 00012146 _____ () C:\WINDOWS\KB2925418-IE8.log 2014-03-12 00:36 - 2014-03-12 00:35 - 00002731 _____ () C:\WINDOWS\updspapi.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00019898 _____ () C:\WINDOWS\iis6.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00018549 _____ () C:\WINDOWS\FaxSetup.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00008868 _____ () C:\WINDOWS\ocgen.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00008463 _____ () C:\WINDOWS\tsoc.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00006177 _____ () C:\WINDOWS\comsetup.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00005634 _____ () C:\WINDOWS\msmqinst.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00003741 _____ () C:\WINDOWS\ntdtcsetup.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00003249 _____ () C:\WINDOWS\netfxocm.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00001374 _____ () C:\WINDOWS\imsins.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00001275 _____ () C:\WINDOWS\MedCtrOC.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00001026 _____ () C:\WINDOWS\ocmsn.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00000933 _____ () C:\WINDOWS\tabletoc.log 2014-03-12 00:36 - 2014-03-12 00:34 - 00000927 _____ () C:\WINDOWS\msgsocm.log 2014-03-12 00:35 - 2014-03-12 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-03-12 00:35 - 2014-03-12 00:34 - 00001374 _____ () C:\WINDOWS\imsins.BAK 2014-03-12 00:35 - 2014-03-11 18:53 - 00011813 _____ () C:\WINDOWS\KB2930275.log 2014-03-12 00:35 - 2014-03-11 18:53 - 00010399 _____ () C:\WINDOWS\KB2929961.log 2014-03-12 00:35 - 2013-04-19 12:17 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-03-12 00:34 - 2014-03-12 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-03-12 00:34 - 2014-03-12 00:34 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-03-12 00:34 - 2014-03-12 00:34 - 00000000 _____ () C:\WINDOWS\setupact.log 2014-03-09 15:37 - 2013-02-18 22:11 - 00000000 ____D () C:\Documents and Settings\digital\Desktop\Daca 2014-03-08 20:27 - 2014-03-08 20:26 - 00000000 ____D () C:\FRST 2014-03-08 20:22 - 2012-02-09 22:17 - 00000000 ____D () C:\Documents and Settings\digital\Application Data\AIMP 2014-03-08 20:12 - 2013-06-24 13:06 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-08 19:53 - 2013-04-10 14:14 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-03-08 16:07 - 2014-03-08 16:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java 2014-03-08 16:05 - 2014-03-08 16:07 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-03-08 16:04 - 2014-03-08 16:07 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-03-08 16:04 - 2014-03-08 16:07 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-03-08 16:04 - 2014-03-08 16:07 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-03-08 16:04 - 2014-03-08 16:07 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-03-08 11:24 - 2014-03-19 19:05 - 01285120 _____ () C:\Documents and Settings\digital\Desktop\zoek.exe 2014-03-07 14:14 - 2014-03-07 14:14 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk 2014-03-07 14:14 - 2014-03-07 14:14 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk 2014-03-07 14:14 - 2014-03-07 14:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-03-07 14:14 - 2014-02-15 16:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-03-06 15:04 - 2014-03-06 15:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$ 2014-03-06 14:58 - 2013-04-11 13:37 - 00000000 ____D () C:\Documents and Settings\digital\My Documents\Преузимања 2014-03-06 14:41 - 2014-03-06 14:36 - 00000000 ____D () C:\AdwCleaner 2014-03-02 18:44 - 2013-09-29 09:55 - 00000000 ___RD () C:\Documents and Settings\digital\Desktop\nikola 2014-03-02 16:26 - 2012-02-09 20:31 - 00000000 ___RD () C:\Documents and Settings\digital\Desktop\SLAVISA 2014-03-02 16:25 - 2012-04-18 15:22 - 00000000 ____D () C:\Program Files\GTI Racing [R-ENG] 2014-03-02 00:50 - 2012-02-09 12:27 - 00000000 ____D () C:\Documents and Settings\digital\Application Data\Skype 2014-03-02 00:04 - 2014-03-01 16:42 - 00000000 ____D () C:\Documents and Settings\digital\Application Data\skypePM 2014-03-01 16:42 - 2014-03-01 16:42 - 00000048 ____H () C:\WINDOWS\system32\ezsidmv.dat 2014-02-26 02:59 - 2003-01-01 00:06 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe 2014-02-26 02:59 - 2003-01-01 00:06 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe 2014-02-24 16:24 - 2008-04-14 13:00 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe 2014-02-24 16:24 - 2008-04-14 13:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-02-24 12:46 - 2013-04-18 10:55 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll 2014-02-24 12:46 - 2012-02-09 22:55 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll 2014-02-24 12:46 - 2008-04-14 13:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-02-24 12:45 - 2013-04-18 10:55 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll 2014-02-24 12:45 - 2013-04-18 10:55 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll 2014-02-24 12:45 - 2013-04-18 10:55 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll 2014-02-24 12:45 - 2013-04-18 10:55 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll 2014-02-24 12:45 - 2013-04-18 10:55 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll 2014-02-24 12:45 - 2013-04-18 10:55 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll 2014-02-24 12:45 - 2013-04-18 10:55 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2014-02-24 12:45 - 2009-03-08 03:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-02-24 12:45 - 2009-03-08 03:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-02-24 12:45 - 2009-03-08 03:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-02-24 12:45 - 2009-03-08 03:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll 2014-02-24 12:45 - 2008-04-14 13:00 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl 2014-02-24 12:45 - 2008-04-14 13:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-02-24 12:45 - 2008-04-14 13:00 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll 2014-02-24 12:45 - 2008-04-14 13:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-02-24 12:45 - 2008-04-14 13:00 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll 2014-02-24 12:45 - 2008-04-14 13:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-02-24 12:45 - 2008-04-14 13:00 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll 2014-02-24 12:45 - 2008-04-14 13:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll 2014-02-24 12:45 - 2008-04-14 13:00 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll 2014-02-24 12:45 - 2008-04-14 13:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-02-24 12:45 - 2008-04-14 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll 2014-02-24 12:45 - 2008-04-14 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll 2014-02-24 11:54 - 2008-04-14 13:00 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-02-13 21:53 - 2013-12-01 11:49 - 00005443 _____ () C:\DelFix.txt 2014-02-13 21:52 - 2014-02-13 21:52 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-02-13 14:10 - 2013-01-17 22:33 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-02-13 12:41 - 2014-02-13 12:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kromtech 2014-02-13 01:00 - 2014-02-13 01:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$ 2014-02-13 00:56 - 2003-01-07 21:35 - 00488716 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-02-12 17:21 - 2014-02-12 17:21 - 00000000 ____D () C:\Documents and Settings\digital\Application Data\SiteFinder 2014-02-12 16:10 - 2014-02-11 23:08 - 00000000 ____D () C:\Documents and Settings\digital\My Documents\GTA Vice City User Files 2014-02-12 15:04 - 2012-03-22 13:27 - 00024064 _____ () C:\Documents and Settings\digital\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-02-11 20:35 - 2014-02-11 20:35 - 00000000 ____D () C:\Documents and Settings\digital\Local Settings\Application Data\CrashRpt 2014-02-08 15:12 - 2014-02-08 15:02 - 00000000 ____D () C:\Documents and Settings\digital\Start Menu\Programs\Aplikacije sustava Chrome 2014-02-08 15:09 - 2012-02-09 12:27 - 00000000 ___RD () C:\Program Files\Skype 2014-02-07 03:01 - 2008-04-14 13:00 - 01879040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\win32k.sys 2014-02-07 03:01 - 2008-04-14 13:00 - 01879040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe => MD5 is legit C:\WINDOWS\system32\winlogon.exe => MD5 is legit C:\WINDOWS\system32\svchost.exe => MD5 is legit C:\WINDOWS\system32\services.exe => MD5 is legit C:\WINDOWS\system32\User32.dll => MD5 is legit C:\WINDOWS\system32\userinit.exe => MD5 is legit C:\WINDOWS\system32\rpcss.dll => MD5 is legit C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01 Ran by digital at 2014-03-08 20:36:01 Running from C:\Documents and Settings\digital\My Documents\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall (Disabled) {8decf618-9569-4340-b34a-d78d28969b66} ==================== Installed Programs ====================== 7-Zip 9.15 beta (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.) Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden AGEIA PhysX v6.10.05 (HKLM\...\{582876EC-A178-44D4-9823-C10D6C62EAFF}) (Version: 6.10.05 - AGEIA Technologies, Inc.) AIMP2 (HKLM\...\AIMP2) (Version: - AIMP DevTeam) ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.121-050322a-022141C-ATI - ) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4336 - AVG Technologies) AVG 2014 (Version: 14.0.3722 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4336 - AVG Technologies) Hidden BitLord 2.3 (HKLM\...\BitLord) (Version: 2.3.2-254 - House of Life) BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.53.1033 - Webteh, d.o.o.) CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform) C-Media High Definition Audio Driver (HKLM\...\C-Media Audio Driver) (Version: - ) Cool Smiley Bar for Facebook (HKLM\...\Cool Smiley Bar for Facebook) (Version: 1.0.0.3 - Plus Winks) <==== ATTENTION Counter Strike 1.6 Reloaded (HKLM\...\Counter Strike 1.6 Reloaded) (Version: 1.00 - The Reloaded Team) CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1719 - CyberLink Corp.) CyberLink PowerDVD 9 (Version: 9.0.1719 - CyberLink Corp.) Hidden DolbyFiles (Version: 2.0 - Nero AG) Hidden FastestTube (HKLM\...\FastestTube) (Version: 2.1.9 - Kwizzu) FastestTube-1.3.7.0 (HKLM\...\{E6FE96CE-99C3-42DE-AD9B-E0A63BD7805D}_is1) (Version: - ) ffdshow v1.2.4422 [2012-04-09] (HKLM\...\ffdshow_is1) (Version: 1.2.4422.0 - FreeCodecPack) GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden GreenWebPlayer (HKCU\...\gwp-DEFAULT) (Version: - ) <==== ATTENTION GreyGray 2013.11.07.204235 (HKLM\...\GreyGray) (Version: 2013.11.07.204235 - GreyGray) <==== ATTENTION GTI Racing [ENG repacked 1.0] (HKLM\...\GTI Racing [ENG repacked 1.0]) (Version: - ) Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - FreeCodecPack) ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.1.0 - LIGHTNING UK!) iVIDI Plugin 1.3 (HKLM\...\iVIDI Plugin) (Version: 1.3 - iVIDI Plugin, Inc.) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden K-Lite Codec Pack 6.1.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.1.0 - ) Malwarebytes Anti-Malware 1.46 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: - malwarebytes.org/) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) More! 1 CD-ROM (HKLM\...\{7D48E2F5-CE8E-4A55-88F9-205E889E7265}) (Version: 1.0.4 - Cambridge University Press) More! 2 CD-ROM (HKLM\...\{7B4CE235-A1D4-48BA-86E4-3E3CE120166D}) (Version: 1.0.0 - Cambridge University Press) MotoGP2 Demo (HKLM\...\MotoGP2 Demo_is1) (Version: - THQ) Mozilla Firefox 27.0.1 (x86 hr) (HKLM\...\Mozilla Firefox 27.0.1 (x86 hr)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) Nero 9 (HKLM\...\{8b21818e-8510-4ae4-beeb-38260f3c1ef5}) (Version: - Nero AG) Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden Nero InfoTool (Version: 6.4.12.100 - Nero AG) Hidden Nero Installer (Version: 4.4.9.0 - Nero AG) Hidden NeroBurningROM (Version: 9.4.26.100 - Nero AG) Hidden NeroExpress (Version: 9.4.26.100 - Nero AG) Hidden Ogg Codecs 0.80.15039 (HKLM\...\Ogg Codecs) (Version: 0.80.15039 - Xiph.Org) OpenAL (HKLM\...\OpenAL) (Version: - ) PhotoScape (HKLM\...\PhotoScape) (Version: - ) SiteFinder (HKLM\...\SiteFinder) (Version: 1.0.0.0 - SiteFinder) <==== ATTENTION Skype™ 4.2 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.2.169 - Skype Technologies S.A.) 'Steel Fury - Kharkov 1942' (HKLM\...\STLFR_eng_is1) (Version: - Lighthouse Interactive) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TP-LINK Wireless Client Utility (HKLM\...\{0036B17C-2B0C-4D49-B50B-712F4B38B510}) (Version: - TP-LINK) TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.88 - TuneUp Software) Hidden Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden Vauddix (HKLM\...\{681002C6-5019-81A2-7871-A43754F71E56}) (Version: 4.0.0.1778 - Vaudixu) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows Media Player 11 (Version: - Microsoft Corporation) Hidden WinRAR 5.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH) YTD Video Downloader 3.9.6 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 3.9.6 - GreenTree Applications SRL) ==================== Restore Points ========================= 13-02-2014 20:52:43 System Checkpoint 13-02-2014 20:52:43 Registry Reviver Restore Point (09/30/13) 13-02-2014 20:52:44 System Checkpoint 13-02-2014 20:52:45 System Checkpoint 13-02-2014 20:52:45 Software Distribution Service 3.0 13-02-2014 20:52:45 Installed More! 2 CD-ROM 13-02-2014 20:52:45 Software Distribution Service 3.0 13-02-2014 20:52:45 System Checkpoint 13-02-2014 20:52:45 Installed Java 7 Update 45 13-02-2014 20:52:45 System Checkpoint 13-02-2014 20:52:45 Installed DirectX 13-02-2014 20:52:45 System Checkpoint 13-02-2014 20:52:46 System Checkpoint 13-02-2014 20:52:46 System Checkpoint 13-02-2014 20:52:46 System Checkpoint 13-02-2014 20:52:46 Installed AVG PC TuneUp 2014 13-02-2014 20:52:46 Software Distribution Service 3.0 13-02-2014 20:52:46 Installed DirectX 13-02-2014 20:52:46 Removed AVG PC TuneUp 2014 13-02-2014 20:52:46 Removed AVG PC TuneUp 2014 (en-US) 13-02-2014 20:52:46 System Checkpoint 13-02-2014 20:52:46 System Checkpoint 13-02-2014 20:52:46 zoek.exe restore point 13-02-2014 20:52:46 Removed TuneUp Utilities 2014 13-02-2014 20:52:47 End of disinfection 13-02-2014 20:52:47 Installed Windows Media Player 11 13-02-2014 20:52:48 Installed Windows XP Wudf01000. 13-02-2014 20:52:48 Installed Windows XP MSCompPackV1. 13-02-2014 20:52:48 Software Distribution Service 3.0 13-02-2014 20:52:49 System Checkpoint 13-02-2014 20:52:49 System Checkpoint 13-02-2014 20:52:50 Installed AVG PC TuneUp 2014 13-02-2014 20:52:50 Removed AVG PC TuneUp 2014 13-02-2014 20:52:50 Removed AVG PC TuneUp 2014 (en-US) 13-02-2014 20:52:51 Software Distribution Service 3.0 13-02-2014 20:52:51 Removed America's Army 13-02-2014 20:52:52 Installed DirectX 13-02-2014 20:52:52 Installed DirectX 13-02-2014 20:52:53 System Checkpoint 13-02-2014 20:52:53 Registry Reviver Restore Point (01/01/03) 13-02-2014 20:52:55 Software Distribution Service 3.0 13-02-2014 20:52:55 Installed Java 7 Update 51 13-02-2014 20:52:56 Installed DirectX 13-02-2014 20:52:57 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 13-02-2014 20:52:57 Removed Google Drive 13-02-2014 20:52:58 Removed Skype Toolbars 13-02-2014 20:52:59 zoek.exe restore point 13-02-2014 20:52:59 Software Distribution Service 3.0 13-02-2014 20:53:19 End of disinfection 16-02-2014 18:03:01 System Checkpoint 28-02-2014 18:02:57 System Checkpoint 02-03-2014 13:44:05 GTI Racing [ENG repacked 1.0] Installation 06-03-2014 14:01:00 Software Distribution Service 3.0 08-03-2014 14:07:55 System Checkpoint 08-03-2014 15:02:36 Removed Java 7 Update 40 08-03-2014 15:04:20 Installed Java 7 Update 51 09-03-2014 17:18:02 System Checkpoint 11-03-2014 23:33:41 Software Distribution Service 3.0 14-03-2014 13:21:34 System Checkpoint 15-03-2014 14:58:03 System Checkpoint 16-03-2014 15:45:34 System Checkpoint 17-03-2014 16:11:23 System Checkpoint 18-03-2014 18:38:33 System Checkpoint 18-03-2014 22:04:30 Software Distribution Service 3.0 19-03-2014 16:38:51 Malwarebytes Anti-Rootkit Restore Point 19-03-2014 18:16:19 zoek.exe restore point ==================== Hosts content: ========================== 2008-04-14 13:00 - 2008-04-14 13:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe ==================== Loaded Modules (whitelisted) ============= 2013-12-21 11:39 - 2013-12-21 11:39 - 00016384 _____ () C:\WINDOWS\runservice.exe 2013-12-21 11:39 - 2013-12-21 11:39 - 00048640 _____ () C:\WINDOWS\mmfs.dll 2012-10-04 11:25 - 2007-04-10 08:25 - 00377014 _____ () C:\WINDOWS\system32\wgapi.dll 2012-10-04 11:25 - 2007-04-10 08:09 - 00094208 _____ () C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\oemres.dll 2014-03-07 14:14 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-03-15 13:48 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll 2008-04-14 13:00 - 2008-04-14 13:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll 2008-04-14 13:00 - 2008-04-14 13:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2014-03-15 13:49 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll 2014-03-15 13:49 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll 2014-03-15 13:48 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll 2014-01-29 13:21 - 2014-01-29 13:21 - 16287624 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\Temp:AD022376 AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\Temp:D1B5B4F1 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver" ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/24/2033 11:10:08 AM) (Source: Application Error) (User: ) Description: Faulting application avgnsx.exe, version 14.0.0.4302, faulting module msvcr110.dll, version 11.0.51106.1, fault address 0x0009f979. Processing media-specific event for [avgnsx.exe!ws!] Error: (08/24/2033 11:10:08 AM) (Source: Application Error) (User: ) Description: Faulting application avgmfapx.exe, version 14.0.0.4334, faulting module avgmfapx.exe, version 14.0.0.4334, fault address 0x003ce613. Processing media-specific event for [avgmfapx.exe!ws!] Error: (08/24/2033 11:10:08 AM) (Source: Application Error) (User: ) Description: Faulting application avgnsx.exe, version 14.0.0.4302, faulting module msvcr110.dll, version 11.0.51106.1, fault address 0x0009f979. Processing media-specific event for [avgnsx.exe!ws!] Error: (08/24/2033 11:10:08 AM) (Source: Application Error) (User: ) Description: Faulting application avgnsx.exe, version 14.0.0.4302, faulting module msvcr110.dll, version 11.0.51106.1, fault address 0x0009f979. Processing media-specific event for [avgnsx.exe!ws!] Error: (08/24/2033 11:10:08 AM) (Source: Application Error) (User: ) Description: Faulting application avgmfapx.exe, version 14.0.0.4334, faulting module avgmfapx.exe, version 14.0.0.4334, fault address 0x003ce613. Processing media-specific event for [avgmfapx.exe!ws!] Error: (08/24/2033 11:10:08 AM) (Source: Application Error) (User: ) Description: Faulting application avgnsx.exe, version 14.0.0.4302, faulting module msvcr110.dll, version 11.0.51106.1, fault address 0x0009f979. Processing media-specific event for [avgnsx.exe!ws!] Error: (08/24/2033 11:10:08 AM) (Source: Application Error) (User: ) Description: Faulting application avgmfapx.exe, version 14.0.0.4334, faulting module avgmfapx.exe, version 14.0.0.4334, fault address 0x003ce613. Processing media-specific event for [avgmfapx.exe!ws!] Error: (08/24/2033 11:10:08 AM) (Source: Application Error) (User: ) Description: Faulting application avgmfapx.exe, version 14.0.0.4334, faulting module avgmfapx.exe, version 14.0.0.4334, fault address 0x003ce613. Processing media-specific event for [avgmfapx.exe!ws!] Error: (08/24/2033 11:10:08 AM) (Source: Application Error) (User: ) Description: Faulting application avgnsx.exe, version 14.0.0.4302, faulting module msvcr110.dll, version 11.0.51106.1, fault address 0x0009f979. Processing media-specific event for [avgnsx.exe!ws!] Error: (08/24/2033 11:10:08 AM) (Source: Application Error) (User: ) Description: Faulting application avgmfapx.exe, version 14.0.0.4334, faulting module avgmfapx.exe, version 14.0.0.4334, fault address 0x003ce613. Processing media-specific event for [avgmfapx.exe!ws!] System errors: ============= Error: (03/19/2014 06:52:59 PM) (Source: Service Control Manager) (User: ) Description: The PopularScreensaversService service failed to start due to the following error: %%3 Error: (03/19/2014 05:45:34 PM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: PCIIde Error: (03/19/2014 05:45:07 PM) (Source: Service Control Manager) (User: ) Description: The PopularScreensaversService service failed to start due to the following error: %%3 Error: (08/24/2033 11:10:08 AM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error 3758213658 (0xE001CA1A). Error: (08/24/2033 11:10:08 AM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error 3758213658 (0xE001CA1A). Error: (08/24/2033 11:10:08 AM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error 3758213658 (0xE001CA1A). Error: (08/24/2033 11:10:08 AM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error 3758213658 (0xE001CA1A). Error: (08/24/2033 11:10:08 AM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error 3758213658 (0xE001CA1A). Error: (08/24/2033 11:10:08 AM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error 3758213658 (0xE001CA1A). Error: (08/24/2033 11:10:08 AM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error 3758213658 (0xE001CA1A). Microsoft Office Sessions: ========================= Error: (08/24/2033 11:10:08 AM) (Source: Application Error)(User: ) Description: avgnsx.exe14.0.0.4302msvcr110.dll11.0.51106.10009f979 Error: (08/24/2033 11:10:08 AM) (Source: Application Error)(User: ) Description: avgmfapx.exe14.0.0.4334avgmfapx.exe14.0.0.4334003ce613 Error: (08/24/2033 11:10:08 AM) (Source: Application Error)(User: ) Description: avgnsx.exe14.0.0.4302msvcr110.dll11.0.51106.10009f979 Error: (08/24/2033 11:10:08 AM) (Source: Application Error)(User: ) Description: avgnsx.exe14.0.0.4302msvcr110.dll11.0.51106.10009f979 Error: (08/24/2033 11:10:08 AM) (Source: Application Error)(User: ) Description: avgmfapx.exe14.0.0.4334avgmfapx.exe14.0.0.4334003ce613 Error: (08/24/2033 11:10:08 AM) (Source: Application Error)(User: ) Description: avgnsx.exe14.0.0.4302msvcr110.dll11.0.51106.10009f979 Error: (08/24/2033 11:10:08 AM) (Source: Application Error)(User: ) Description: avgmfapx.exe14.0.0.4334avgmfapx.exe14.0.0.4334003ce613 Error: (08/24/2033 11:10:08 AM) (Source: Application Error)(User: ) Description: avgmfapx.exe14.0.0.4334avgmfapx.exe14.0.0.4334003ce613 Error: (08/24/2033 11:10:08 AM) (Source: Application Error)(User: ) Description: avgnsx.exe14.0.0.4302msvcr110.dll11.0.51106.10009f979 Error: (08/24/2033 11:10:08 AM) (Source: Application Error)(User: ) Description: avgmfapx.exe14.0.0.4334avgmfapx.exe14.0.0.4334003ce613 ==================== Memory info =========================== Percentage of memory in use: 75% Total physical RAM: 1022.42 MB Available physical RAM: 247.6 MB Total Pagefile: 2459.37 MB Available Pagefile: 1721.48 MB Total Virtual: 2047.88 MB Available Virtual: 1954.49 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:78.13 GB) (Free:44.01 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: () (Fixed) (Total:154.75 GB) (Free:145.05 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: F33DF33D) Partition: GPT Partition Type. ==================== End Of Log ============================

Profil

magna86 Poslao: 21 Mar 2014 15:55 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo slavisa71, Postavljeni FRST logovi izgledaju cisto. Nema tragova infekcije. FRST prijavljuje par zaostalih PUP/Adware programa (zapravo to su ostatci u regeditu) koje je potrebno da rucno uklonis. Start > ControlPanel > Add or Remove programs i sa liste instaliranih programa pronadji (ako ih vidis) sledece programe i pokreni deinstalaciju. Da se ne zbunis, Windows ce najverovatnije detektovati da taj program ne postoji i uklonice ga sa liste zajedno sa tim kljucem koji FRST vidi. -Cool Smiley Bar for Facebook -GreenWebPlayer -GreyGray 2013.11.07.204235 -SiteFinder Potom otvori GoogleChrome i isprati ova podesavanja za postavljanje HomePage i SearchScope nazad na google.com/rs http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html tu je objasnjeno kako u GoogleChrome da postavis podesavanja nazad na google --- --- --- --- --- --- To bi bilo to. Ostatci bi trebali da su uklonjeni a infekcije nema. • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » provera zarazenosti racunara

Ko je trenutno na forumu

Ukupno su 1016 korisnika na forumu :: 36 registrovanih, 2 sakrivenih i 978 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Apok, Arahne, avijacija, babaroga, Bane san, bobomicek, Brana01, Bubimir, dankisha, Denaya, Dorcolac, draganca, Georgius, Krusarac, ladro, Litostroton, mercedesamg, Metanoja, mile33, milenko crazy north, milos.cbr, Miskohd, Nemanja.M, Neutral-M, nikoladim, pape, procesor, RED4G-304, Stoilkovic, theNedjeljko, Tvrtko I, vathra, VJ, Vlada78, W123, zdrebac

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by