OTL logfile created on: 21.12.2011 13:59:48 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = F:\ Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000081A | Country: Serbia | Language: SRL | Date Format: d.M.yyyy 511,48 Mb Total Physical Memory | 240,70 Mb Available Physical Memory | 47,06% Memory free 864,38 Mb Paging File | 646,35 Mb Available in Paging File | 74,78% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,26 Gb Total Space | 5,39 Gb Free Space | 28,01% Space Free | Partition Type: NTFS Drive D: | 19,01 Gb Total Space | 18,54 Gb Free Space | 97,51% Space Free | Partition Type: FAT32 Drive F: | 248,76 Mb Total Space | 174,46 Mb Free Space | 70,13% Space Free | Partition Type: FAT32 Computer Name: C3 | User Name: Korisnik 1 | NOT logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011.12.21 12:57:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- F:\OTL.exe PRC - [2011.02.22 11:05:40 | 000,045,435 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\winlogon.exe PRC - [2011.02.22 11:05:40 | 000,045,435 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\services.exe PRC - [2011.02.22 11:05:40 | 000,045,435 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\lsass.exe PRC - [2009.09.19 08:13:00 | 000,265,075 | ---- | M] () -- C:\OptionalComponents\lsass.exe PRC - [2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2002.09.11 03:57:20 | 000,046,592 | ---- | M] (Avance Logic, Inc.) -- C:\WINDOWS\SOUNDMAN.EXE PRC - [2002.09.07 11:23:46 | 000,028,672 | ---- | M] (Tablet Driver) -- C:\WINDOWS\system32\WService.exe PRC - [2001.10.19 12:14:22 | 000,049,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Fast.exe PRC - [2001.10.19 12:14:22 | 000,045,632 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011.02.22 11:05:40 | 000,045,435 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\winlogon.exe MOD - [2011.02.22 11:05:40 | 000,045,435 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\services.exe MOD - [2011.02.22 11:05:40 | 000,045,435 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\lsass.exe MOD - [2009.09.19 08:13:00 | 000,265,075 | ---- | M] () -- C:\OptionalComponents\lsass.exe MOD - [2001.10.19 12:14:22 | 000,045,632 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe MOD - [2001.04.16 16:39:02 | 000,037,808 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] [color=#E56717]========== Driver Services (SafeList) ==========[/color] [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.rs/ IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://google.com" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63 FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008.03.12 14:25:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008.11.06 13:57:17 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Mozilla Firefox\components [2011.05.25 10:58:15 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Mozilla Firefox\plugins [2011.05.25 10:58:15 | 000,000,000 | ---D | M] [2010.11.04 11:04:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Korisnik 1\Application Data\Mozilla\Extensions [2011.12.20 16:17:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Korisnik 1\Application Data\Mozilla\Firefox\Profiles\qolnfh1g.default\extensions [2010.04.07 11:45:27 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Korisnik 1\Application Data\Mozilla\Firefox\Profiles\qolnfh1g.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2008.03.12 14:25:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2008.03.12 14:24:53 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org [2007.10.26 06:47:32 | 000,066,408 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll [2007.10.26 06:47:33 | 000,054,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll [2007.10.26 06:47:34 | 000,034,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll [2007.10.26 06:47:34 | 000,046,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll [2007.10.26 06:47:35 | 000,171,880 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Google\Chrome\Application\15.0.874.106\pdf.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Google\Chrome\Application\15.0.874.106\gears.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Google\Chrome\Application\15.0.874.106\gcswf32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: AT_AgathaRuizdelaPrada = C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nccdaldnlpmblnjpbboadeocpnclfcbm\2\ O1 HOSTS File: ([2001.08.23 11:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (Reg Error: Value error.) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found. O4 - HKLM..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe () O4 - HKLM..\Run: [Bron-Spizaetus] C:\WINDOWS\ShellNew\RakyatKelaparan.exe () O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe () O4 - HKLM..\Run: [FastUser] C:\WINDOWS\system32\Fast.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Avance Logic, Inc.) O4 - HKLM..\Run: [WService] C:\WINDOWS\System32\WService.exe (Tablet Driver) O4 - HKCU..\Run: [Tok-Cirrhatus] File not found O4 - HKCU..\Run: [Tok-Cirrhatus-2718] C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\br6459on.exe () O4 - Startup: C:\Documents and Settings\Korisnik 1\Start Menu\Programs\Startup\configuration.lnk = C:\configuration\configuration.exe () O4 - Startup: C:\Documents and Settings\Korisnik 1\Start Menu\Programs\Startup\Empty.pif () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\mwnsp.dll (MicroWorld Technologies Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mwtsp.dll (MicroWorld Technologies Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mwtsp.dll (MicroWorld Technologies Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mwtsp.dll (MicroWorld Technologies Inc.) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21C572BE-C390-4C59-BEB6-92374C4B4E20}: NameServer = 194.247.192.33,194.247.192.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - ("C:\WINDOWS\KesenjanganSosial.exe") -C:\WINDOWS\KesenjanganSosial.exe () O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-2782265572-3796177887-491457471-7797\nvapbar.exe) - File not found O20 - HKCU Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O31 - SafeBoot: AlternateShell - cmd-brontok.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.12.19 14:30:50 | 000,000,007 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011.12.21 12:08:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Bron.tok-17-21 [2011.12.20 15:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Bron.tok-17-20 [2011.12.19 14:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Ok-SendMail-Bron-tok [2011.12.19 14:40:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Loc.Mail.Bron.Tok [2011.12.19 14:35:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\Bron.tok-17-19 [2011.12.19 14:23:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Korisnik 1\IETldCache [2011.12.19 14:19:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2011.12.19 14:18:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2011.12.19 13:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2011.12.19 13:21:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\Application Data\SUPERAntiSpyware.com [2011.12.19 12:55:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\DoctorWeb [2011.12.19 12:25:55 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.12.19 12:25:55 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011.12.19 12:25:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011.12.13 10:03:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\Desktop\Ivana i Bojana [2011.12.07 14:49:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\Desktop\DTO1 forever alone [2011.12.02 12:28:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Korisnik 1\Desktop\Ivan Dukic [2011.12.02 12:27:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\My Documents\Ivan Dukic [2011.11.23 15:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Korisnik 1\Desktop\njanja [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011.12.21 13:18:10 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1935655697-1801674531-1005UA.job [2011.12.21 12:08:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.12.20 15:58:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.12.19 14:30:53 | 000,000,426 | ---- | M] () -- C:\WINDOWS\tasks\At2.job [2011.12.19 14:30:53 | 000,000,426 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2011.12.19 14:30:50 | 000,000,007 | -HS- | M] () -- C:\AUTOEXEC.BAT [2011.12.19 14:26:42 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011.12.19 14:18:02 | 000,000,988 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1935655697-1801674531-1005Core.job [2011.12.19 12:01:13 | 000,261,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.12.16 13:29:13 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\Desktop\Microsoft Office Excel 2003.lnk [2011.12.16 12:04:36 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\Desktop\Microsoft Office Word 2003.lnk [2011.12.13 10:03:03 | 000,098,304 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\My Documents\Bojana Radić ''18''db4.mdb [2011.12.02 13:37:34 | 000,054,272 | ---- | M] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011.12.19 14:30:53 | 000,000,426 | ---- | C] () -- C:\WINDOWS\tasks\At2.job [2011.12.19 14:30:52 | 000,000,426 | ---- | C] () -- C:\WINDOWS\tasks\At1.job [2011.12.13 10:02:36 | 000,098,304 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\My Documents\Bojana Radić ''18''db4.mdb [2011.12.02 13:28:25 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Desktop\slika.bmp [2011.11.09 16:47:02 | 000,000,219 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2011.11.09 16:38:16 | 000,013,188 | ---- | C] () -- C:\WINDOWS\WSSPORD.DAT [2011.02.25 11:37:08 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2011.02.25 11:33:12 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys [2011.02.25 11:31:49 | 000,010,368 | ---- | C] () -- C:\WINDOWS\OptiTex10.ini [2010.11.03 17:02:56 | 000,045,435 | -H-- | C] () -- C:\WINDOWS\KesenjanganSosial.exe [2010.11.03 17:02:56 | 000,045,435 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\winlogon.exe [2010.11.03 17:02:56 | 000,045,435 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\svchost.exe [2010.11.03 17:02:56 | 000,045,435 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\smss.exe [2010.11.03 17:02:56 | 000,045,435 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\services.exe [2010.11.03 17:02:56 | 000,045,435 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\lsass.exe [2010.11.03 17:02:56 | 000,045,435 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\inetinfo.exe [2010.11.03 17:02:56 | 000,045,435 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\csrss.exe [2010.11.03 17:02:56 | 000,045,435 | ---- | C] () -- C:\WINDOWS\System32\cmd-brontok.exe [2010.11.03 17:02:56 | 000,045,435 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\br6459on.exe [2010.06.02 11:08:01 | 000,172,040 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009.02.03 13:45:31 | 000,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2008.12.22 08:48:47 | 000,130,560 | ---- | C] () -- C:\WINDOWS\System32\ZIPDLL.DLL [2008.12.22 08:48:47 | 000,125,440 | ---- | C] () -- C:\WINDOWS\System32\UNZDLL.DLL [2008.03.12 14:25:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008.02.02 14:32:44 | 000,017,066 | ---- | C] () -- C:\WINDOWS\PDS9Demo.ini [2007.04.18 14:16:37 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat [2007.03.21 12:01:18 | 019,755,560 | ---- | C] () -- C:\WINDOWS\System32\avg75free_446a965.exe [2007.03.07 13:21:06 | 000,000,704 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\NetMailTmp.bin [2006.12.31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006.12.14 14:52:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Application Data\sversion.ini [2006.12.14 14:52:14 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Application Data\user60.rdb [2006.11.02 20:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe [2006.05.15 17:54:11 | 000,010,273 | ---- | C] () -- C:\WINDOWS\MARK9.INI [2006.03.09 13:22:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2006.03.09 13:22:48 | 000,000,077 | ---- | C] () -- C:\WINDOWS\PILOTF.INI [2006.03.09 13:22:30 | 000,172,032 | ---- | C] () -- C:\WINDOWS\Pilotf.exe [2006.03.09 13:16:48 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\Inetwh16.dll [2006.03.09 13:16:48 | 000,004,528 | ---- | C] () -- C:\WINDOWS\System32\Setbrows.exe [2006.01.23 13:38:35 | 000,017,114 | ---- | C] () -- C:\WINDOWS\PDS9.ini [2006.01.23 13:38:35 | 000,008,957 | ---- | C] () -- C:\WINDOWS\Optikad.ini [2004.02.10 07:51:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\UCMfg.exe [2003.11.24 18:07:11 | 000,054,272 | ---- | C] () -- C:\Documents and Settings\Korisnik 1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2003.01.20 18:29:19 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2003.01.20 18:06:37 | 000,000,484 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2003.01.20 17:13:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2003.01.20 17:12:47 | 000,261,496 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2003.01.20 17:12:00 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2003.01.20 16:58:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2003.01.20 16:55:26 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2003.01.20 16:28:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2003.01.20 16:21:03 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2003.01.07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002.10.30 03:53:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\PcHook.DLL [2002.07.24 11:04:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\lhtool.exe [2001.10.29 13:24:02 | 000,198,720 | ---- | C] () -- C:\WINDOWS\System32\timershot.exe [2001.10.19 12:21:10 | 000,016,960 | ---- | C] () -- C:\WINDOWS\System32\mag.dll [2001.10.19 12:21:08 | 000,148,544 | ---- | C] () -- C:\WINDOWS\System32\msvdm.dll [2001.10.19 12:14:32 | 000,019,520 | ---- | C] () -- C:\WINDOWS\System32\bgswitch.exe [2001.10.19 12:14:26 | 000,222,784 | ---- | C] () -- C:\WINDOWS\System32\PowerCalc.exe [2001.10.19 12:14:22 | 000,045,632 | ---- | C] () -- C:\WINDOWS\System32\TaskSwitch.exe [2001.10.09 03:54:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ucinst32.dll [2001.08.23 11:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001.08.23 11:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001.08.23 11:00:00 | 000,392,296 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001.08.23 11:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001.08.23 11:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001.08.23 11:00:00 | 000,058,596 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001.08.23 11:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001.08.23 11:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001.08.23 11:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001.08.23 11:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [1999.01.28 06:39:54 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\Inetwh32.dll < End of report >