
Thread: Self-replicating folders

  1. #1
    black_lilies (Junior Member)
    Join Date: Oct 2013
    Posts: 27

    Self-replicating folders

    Hi. I'm having some issues on my laptop, some sort of a virus, it seems like it's taking up space on my computer. I had some problems with sound on my laptop today. Everything was fine when I turned the laptop on, but soon I couldn't hear any sound nor play music, I'm not sure if this is related (when I tried to play music, there was an error message that the program was already in use, or something like that). After that I found a folder named 3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ on local disk C:, full of other folders (the number of folders increasing constantly). I cleaned up some space on my laptop, and also used CCleaner, and then the folder was replaced by a file named 3590F75ABA9E485486C100C1A9D4FF06XZRURUNVBZAFAFQC, and later it just disappeared and the sound went back to normal. Also, I had files like that a few times before, but after they disappeared, I thought I removed them with Spybot.

    I would be very happy if somebody could help me when you have the time, and thank you in advance.


    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.40.2
    Run by Korisnik at 22:12:00 on 2013-10-16
    Microsoft Windows 7 Ultimate 6.1.7601.1.1250.385.1033.18.1935.943 [GMT 2:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\BOINC\boincmgr.exe
    C:\Program Files\BOINC\boinctray.exe
    C:\Program Files\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files\Real\RealPlayer\Update\realsched.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files\BOINC\boinc.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Users\Korisnik\AppData\Roaming\Search Protection\SearchProtection.exe
    C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
    C:\Program Files\Folding@home\Folding@home-x86\Folding@home.exe
    C:\Users\Korisnik\AppData\Roaming\Folding@home-x86\FahCore_a4.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\x1sb23sa.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
    C:\Program Files\SpeedFan\speedfan.exe
    C:\Program Files\foobar2000\foobar2000.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\ProgramData\BOINC\projects\docking.cis.udel.edu\charmm34_6.23_windows_intelx86
    C:\ProgramData\BOINC\projects\docking.cis.udel.edu\charmm34_6.23_windows_intelx86
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.hr/
    uSearch Bar = about:blank
    uSearch Page = about:blank
    uSearchURL,(Default) = about:blank
    mSearchAssistant = about:blank
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
    uRun: [FreeRAM XP] "c:\program files\yourware solutions\freeram xp pro\FreeRAM XP Pro.exe" -win
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [SearchProtection] "c:\users\korisnik\appdata\roaming\search protection\SearchProtection.EXE" /autostart
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtkNGUI.exe -s
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\iastoriconlaunch.exe "c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe" 60
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [boincmgr] "c:\program files\boinc\boincmgr.exe" /a /s
    mRun: [boinctray] "c:\program files\boinc\boinctray.exe"
    mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    StartupFolder: c:\users\korisnik\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\users\korisnik\appdata\roaming\micros~1\windows\startm~1\programs\startup\wipetr~1.lnk - c:\program files\wipe 2013\wipetray.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\codeme~1.lnk - c:\program files\codemeter\runtime\bin\CodeMeterCC.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{3D321B9E-A8C6-4146-B8E1-6E10720FA1A7} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{51B6D1B9-5D8C-40A3-95A5-1B3BC0948BB7} : DHCPNameServer = 83.139.105.2 83.139.104.2
    TCP: Interfaces\{51B6D1B9-5D8C-40A3-95A5-1B3BC0948BB7}\651434F4D40244E2F4E2F4E2 : DHCPNameServer = 192.168.1.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\30.0.1599.69\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\
    FF - prefs.js: browser.search.defaulturl -
    FF - prefs.js: browser.startup.homepage - hxxp://amfsa.clicktodonate.org
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=512435&p=
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
    FF - plugin: c:\program files\sumatrapdf\npPdfViewer.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
    FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
    FF - plugin: c:\windows\system32\npDeployJava1.dll
    FF - plugin: c:\windows\system32\npmproxy.dll
    FF - ExtSQL: 2013-08-17 12:29; jid0-RW8E9KFMTaLKkM4HqIWfidw29wo@jetpack; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\jid0-RW8E9KFMTaLKkM4HqIWfidw29wo@jetpack.xpi
    FF - ExtSQL: 2013-08-17 13:11; tabscope@xuldev.org; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\tabscope@xuldev.org.xpi
    FF - ExtSQL: 2013-08-17 13:11; rainbow@colors.org; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\rainbow@colors.org.xpi
    FF - ExtSQL: 2013-08-17 13:11; firegestures@xuldev.org; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\firegestures@xuldev.org.xpi
    FF - ExtSQL: 2013-08-24 23:42; {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext
    FF - ExtSQL: 2013-09-28 21:17; notreal.ccoptions@environmentalchemistry.com; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\notreal.ccoptions@environmentalchemistry.com.xpi
    FF - ExtSQL: 2013-10-02 18:42; {1280606b-2510-4fe0-97ef-9b5a22eafe30}; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
    FF - ExtSQL: 2013-10-02 19:27; {24cea704-946d-11da-a72b-0800200c9a66}; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\{24cea704-946d-11da-a72b-0800200c9a66}.xpi
    FF - ExtSQL: 2013-10-02 19:27; {03B08592-E5B4-45ff-A0BE-C1D975458688}; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
    FF - ExtSQL: 2013-10-05 15:06; {158d7cb3-7039-4a75-8e0b-3bd0a464edd2}; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2}.xpi
    FF - ExtSQL: 2013-10-05 15:16; {139a120b-c2ea-41d2-bf70-542d9f063dfd}; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}.xpi
    FF - ExtSQL: 2013-10-05 15:25; {54BB9F3F-07E5-486c-9B39-C7398B99391C}; c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\x1sb23sa.default\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi
    .
    ---- FIREFOX POLICIES ----
    user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);user_pref('extensions.blocklist.enabled', false);
    FF - user.js: extentions.webcake.installId - 4c25f721-dde9-4592-8c09-c5e91446a22b
    FF - user.js: extentions.webcake.defaultEnableAppsList - layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-5-21 49376]
    R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-5-21 177864]
    R0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys [2012-9-1 532536]
    R0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys [2012-9-1 25656]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-5-21 770344]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-5-21 369584]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2013-5-21 87968]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-5-21 29816]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-5-21 66336]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-9-11 46808]
    R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2012-11-21 2571704]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2013-5-21 14904]
    R2 IconMan_R;IconMan_R;c:\program files\realtek\realtek pcie card reader\RIconMan.exe [2013-5-21 1830544]
    R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-7-17 55104]
    R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\drivers\RtsP2Stor.sys [2013-5-21 209552]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2013-3-14 552080]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2013-2-28 110408]
    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2013-2-28 331080]
    S3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiagx.sys [2013-3-14 75816]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 BFN7x86;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x86.sys [2013-3-14 130152]
    S3 bxfcoe;bxfcoe;c:\windows\system32\drivers\bxfcoe.sys [2013-3-14 150568]
    S3 bxois;bxois;c:\windows\system32\drivers\bxois.sys [2013-3-14 435240]
    S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-12 62464]
    S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\drivers\EtronHub3.sys [2013-2-27 65152]
    S3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\system32\drivers\EtronSTOR.sys [2013-2-27 32512]
    S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\drivers\EtronXHCI.sys [2013-2-27 88832]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2013-2-27 351288]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2013-2-27 796216]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2013-2-27 73984]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2013-2-27 165120]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-3-23 14848]
    S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2011-4-12 77184]
    S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2013-3-23 24064]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-3-23 49664]
    S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-3-23 27136]
    S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2011-4-12 112640]
    .
    =============== Created Last 30 ================
    .
    2013-10-15 06:52:46 -------- d-----w- c:\users\korisnik\appdata\roaming\WIPE2013
    2013-10-15 06:52:39 609824 ----a-w- c:\windows\system32\Comctl32.ocx
    2013-10-15 06:52:39 163840 ----a-w- c:\windows\system32\temp.000
    2013-10-15 06:52:39 1386496 ----a-w- c:\windows\system32\temp.001
    2013-10-15 06:52:38 340992 ----a-w- c:\windows\system32\sqlite36_engine.dll
    2013-10-15 06:52:34 501248 ----a-w- c:\windows\system32\dhRichClient3.dll
    2013-10-15 06:52:34 340992 ----a-w- c:\windows\sqlite36_engine.dll
    2013-10-15 06:52:34 -------- d-----w- c:\program files\Wipe 2013
    2013-10-15 06:39:18 -------- d-----w- c:\program files\SpeedFan
    2013-10-15 06:34:43 -------- d-----w- c:\program files\Free Driver Backup
    2013-10-13 21:46:31 -------- d-----w- c:\users\korisnik\appdata\roaming\IrfanView
    2013-10-13 21:46:26 -------- d-----w- c:\program files\IrfanView
    2013-10-04 06:28:28 -------- d-----w- c:\program files\iPod
    2013-10-04 06:28:23 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-10-04 06:28:23 -------- d-----w- c:\program files\iTunes
    2013-09-21 22:45:54 -------- d-----w- c:\programdata\Oracle
    2013-09-21 22:18:04 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    .
    ==================== Find3M ====================
    .
    2013-10-08 21:33:46 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-10-08 21:33:46 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-09-21 22:17:42 868264 ----a-w- c:\windows\system32\npDeployJava1.dll
    2013-09-21 22:17:42 790440 ----a-w- c:\windows\system32\deployJava1.dll
    2013-08-30 07:48:13 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2013-08-30 07:48:12 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2013-08-30 07:48:12 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
    2013-08-30 07:48:12 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
    2013-08-30 07:48:11 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2013-08-30 07:47:40 41664 ----a-w- c:\windows\avastSS.scr
    2013-08-24 21:41:42 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2013-08-24 21:41:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2013-07-23 23:09:32 0 ----a-w- c:\windows\system32\FAP92BD.tmp
    2013-07-23 22:40:28 0 ----a-w- c:\windows\system32\FAPF718.tmp
    2013-07-23 22:40:27 0 ----a-w- c:\windows\system32\FAPF4E4.tmp
    2013-07-23 22:40:27 0 ----a-w- c:\windows\system32\FAPF188.tmp
    2013-07-23 22:40:26 0 ----a-w- c:\windows\system32\FAPEFC2.tmp
    2013-07-23 22:40:07 0 ----a-w- c:\windows\system32\FAPA46E.tmp
    2013-07-23 22:39:15 0 ----a-w- c:\windows\system32\FAPDB54.tmp
    2013-07-23 22:39:15 0 ----a-w- c:\windows\system32\FAPD9EB.tmp
    2013-07-23 22:39:14 0 ----a-w- c:\windows\system32\FAPD72B.tmp
    2013-07-23 22:39:09 0 ----a-w- c:\windows\system32\FAPC399.tmp
    2013-07-23 22:38:52 0 ----a-w- c:\windows\system32\FAP8080.tmp
    2013-07-23 22:38:51 0 ----a-w- c:\windows\system32\FAP7DEE.tmp
    2013-07-23 22:38:43 0 ----a-w- c:\windows\system32\FAP5D91.tmp
    2013-07-23 22:38:43 0 ----a-w- c:\windows\system32\FAP5B6D.tmp
    2013-07-23 22:38:42 0 ----a-w- c:\windows\system32\FAP5A14.tmp
    2013-07-23 22:36:42 0 ----a-w- c:\windows\system32\FAP8362.tmp
    2013-07-23 22:36:41 0 ----a-w- c:\windows\system32\FAP8238.tmp
    2013-07-23 22:36:41 0 ----a-w- c:\windows\system32\FAP8052.tmp
    2013-07-23 22:36:12 0 ----a-w- c:\windows\system32\FAPF15.tmp
    2013-07-23 22:36:12 0 ----a-w- c:\windows\system32\FAPDCC.tmp
    2013-07-23 22:36:12 0 ----a-w- c:\windows\system32\FAP108E.tmp
    2013-07-23 22:35:54 0 ----a-w- c:\windows\system32\FAPC7A6.tmp
    2013-07-23 22:35:53 0 ----a-w- c:\windows\system32\FAPC66C.tmp
    2013-07-23 22:35:53 0 ----a-w- c:\windows\system32\FAPC532.tmp
    2013-07-23 22:32:22 0 ----a-w- c:\windows\system32\FAP8CE2.tmp
    2013-07-23 22:32:21 0 ----a-w- c:\windows\system32\FAP8957.tmp
    2013-07-23 22:31:32 0 ----a-w- c:\windows\system32\FAPCB15.tmp
    2013-07-23 22:31:32 0 ----a-w- c:\windows\system32\FAPC9DB.tmp
    2013-07-23 22:31:32 0 ----a-w- c:\windows\system32\FAPC8C0.tmp
    2013-07-23 22:30:41 0 ----a-w- c:\windows\system32\FAPCF.tmp
    2013-07-23 22:30:41 0 ----a-w- c:\windows\system32\FAP50.tmp
    2013-07-23 22:30:40 0 ----a-w- c:\windows\system32\FAPFEA9.tmp
    2013-07-23 22:30:33 0 ----a-w- c:\windows\system32\FAPE35A.tmp
    2013-07-23 22:30:32 0 ----a-w- c:\windows\system32\FAPE0E8.tmp
    2013-07-23 22:30:24 0 ----a-w- c:\windows\system32\FAPC184.tmp
    2013-07-23 22:30:24 0 ----a-w- c:\windows\system32\FAPC01B.tmp
    2013-07-23 22:30:24 0 ----a-w- c:\windows\system32\FAPBEF0.tmp
    2013-07-23 22:29:22 0 ----a-w- c:\windows\system32\FAPCE4A.tmp
    2013-07-23 22:29:22 0 ----a-w- c:\windows\system32\FAPCDAC.tmp
    2013-07-23 22:29:21 0 ----a-w- c:\windows\system32\FAPCB49.tmp
    2013-07-23 22:28:38 0 ----a-w- c:\windows\system32\FAP223D.tmp
    2013-07-23 22:28:38 0 ----a-w- c:\windows\system32\FAP20B5.tmp
    2013-07-23 22:28:37 0 ----a-w- c:\windows\system32\FAP1EEE.tmp
    2013-07-23 22:27:42 0 ----a-w- c:\windows\system32\FAP486C.tmp
    2013-07-23 22:27:41 0 ----a-w- c:\windows\system32\FAP4493.tmp
    2013-07-23 22:27:16 0 ----a-w- c:\windows\system32\FAPE301.tmp
    2013-07-23 22:27:16 0 ----a-w- c:\windows\system32\FAPE16A.tmp
    2013-07-23 22:27:16 0 ----a-w- c:\windows\system32\FAPDF55.tmp
    2013-07-23 22:18:39 0 ----a-w- c:\windows\system32\FAPFC07.tmp
    2013-07-23 22:18:38 0 ----a-w- c:\windows\system32\FAPFAAE.tmp
    2013-07-23 22:18:38 0 ----a-w- c:\windows\system32\FAPF84B.tmp
    2013-07-23 22:17:47 0 ----a-w- c:\windows\system32\FAP3182.tmp
    2013-07-23 22:17:46 0 ----a-w- c:\windows\system32\FAP2E26.tmp
    2013-07-23 22:17:45 0 ----a-w- c:\windows\system32\FAP2B46.tmp
    .
    ============= FINISH: 22:13:53,56 ===============



    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-10-16 22:59:41
    -----------------------------
    22:59:41.214 OS Version: Windows 6.1.7601 Service Pack 1
    22:59:41.214 Number of processors: 2 586 0x2A07
    22:59:41.216 ComputerName: KORISNIK-PC UserName: Korisnik
    22:59:43.373 Initialize success
    22:59:45.982 AVAST engine defs: 13101600
    23:00:07.133 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000069
    23:00:07.135 Disk 0 Vendor: ATA_____ A60W Size: 305245MB BusType: 11
    23:00:07.253 Disk 0 MBR read successfully
    23:00:07.256 Disk 0 MBR scan
    23:00:07.261 Disk 0 Windows 7 default MBR code
    23:00:07.274 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    23:00:07.291 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 154900 MB offset 206848
    23:00:07.315 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 150243 MB offset 317442048
    23:00:07.321 Disk 0 scanning sectors +625139712
    23:00:07.544 Disk 0 scanning C:\Windows\system32\drivers
    23:00:28.037 Service scanning
    23:01:07.740 Modules scanning
    23:01:20.279 Disk 0 trace - called modules:
    23:01:20.302 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys halmacpi.dll iaStorA.sys
    23:01:20.308 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87d7a030]
    23:01:20.315 3 CLASSPNP.SYS[891ba59e] -> nt!IofCallDriver -> [0x87d79260]
    23:01:20.321 5 iaStorF.sys[89211138] -> nt!IofCallDriver -> \Device\00000069[0x86154520]
    23:01:22.201 AVAST engine scan C:\Windows
    23:01:24.590 AVAST engine scan C:\Windows\system32
    23:04:47.816 AVAST engine scan C:\Windows\system32\drivers
    23:05:08.873 AVAST engine scan C:\Users\Korisnik
    23:08:35.423 Disk 0 MBR has been saved successfully to "C:\Users\Korisnik\Desktop\MBR.dat"
    23:08:35.434 The log file has been saved successfully to "C:\Users\Korisnik\Desktop\aswMBR.txt"




    Čestitke!: Nisu nađeni spybotovi. (Status)



    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-03-05 TeaTimer.exe (1.6.6.32)
    2013-07-21 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-11-04 advcheck.dll (1.6.5.20)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2009-01-26 Tools.dll (2.1.6.10)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2013-04-11 Includes\Adware.sbi (*)
    2013-10-08 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2012-11-14 Includes\Dialer.sbi (*)
    2013-04-11 Includes\DialerC.sbi (*)
    2013-04-11 Includes\HeavyDuty.sbi (*)
    2012-11-14 Includes\Hijackers.sbi (*)
    2013-04-11 Includes\HijackersC.sbi (*)
    2013-10-16 Includes\iPhone.sbi (*)
    2013-06-25 Includes\Keyloggers.sbi (*)
    2013-04-11 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2013-05-29 Includes\Malware.sbi (*)
    2013-10-01 Includes\MalwareC.sbi (*)
    2012-11-14 Includes\PUPS.sbi (*)
    2013-10-08 Includes\PUPSC.sbi (*)
    2010-01-25 Includes\Revision.sbi (*)
    2012-11-14 Includes\Security.sbi (*)
    2013-04-11 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2013-05-22 Includes\Spyware.sbi (*)
    2013-08-06 Includes\SpywareC.sbi (*)
    2012-11-19 Includes\Tracks.uti
    2013-01-16 Includes\Trojans.sbi (*)
    2013-08-13 Includes\TrojansC-02.sbi (*)
    2013-10-07 Includes\TrojansC-03.sbi (*)
    2013-10-16 Includes\TrojansC-04.sbi (*)
    2013-06-13 Includes\TrojansC-05.sbi (*)
    2013-08-06 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll