|
Poslao: 30 Okt 2014 10:33
|
offline
- Pridružio: 03 Avg 2014
- Poruke: 60
|
Desava mi se da nekada malo cesce kada sam na fb ne ucita stranicu skroz slike ne ucita,evo slika gore mi je ucitalo odma stranicu onaj krugic sto se vrti on se ucita brzo i nema ga ali mi ne ucitava objave evo ovako zabode pa moram refresovati 2-3 puta da bi ucitalo
Brisao sam ccleanerom,defragmentovao HDD sa asuslogic,korisio advanced system care pa sam ga obrisao...To ima nekoliko dana ne znam tacno.
ADSL speedtest
Ping 35ms,download 5,2mbps upload 0.52mbps.
U igricama ping dobar cs 1.6 na serverima iz srbije i bih ping mali 8-9-10ms ne skace uvek je tako.
Zaboravio sam napisati i na youtube mi nekad zeza,kada ocu da premotam klip pustim ga i ocu odma na 2minuta da premotam nece da ucita klip stane i vrti se na klipu da ucitava a ne uzima mi internet jer ne svetlucaju lampice na modemu samo stoje upaljene sto znaci da nista ne uzima protok.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2014
Ran by Zeljko (administrator) on ADMINISTRATOR on 30-10-2014 10:30:33
Running from C:\Documents and Settings\Zeljko\Desktop
Loaded Profile: Zeljko (Available profiles: Zeljko & Igre & UpdatusUser & Administrator & Guest)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Maple Studio) C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\Application\chrome.exe
(Maple Studio) C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\Application\chrome.exe
(Maple Studio) C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\Application\chrome.exe
(Maple Studio) C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [ClearRecentDocsOnExit] 0x0100000000000000
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoFileAssociate] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoSMBalloonTip] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoNetHood] 0
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoCDBurning] 0
BootExecute:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF user.js: detected! => C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718\user.js
FF Extension: TVU Web Player - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718\Extensions\firefox@tvunetworks.com [2014-09-28]
FF Extension: No Name - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718\extensions\ascsurfingprotection@iobit.com [Not Found]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.600.19) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U60) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Profile: C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google disk) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-04]
CHR Extension: (YouTube) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-04]
CHR Extension: (Google pretraživanje) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-04]
CHR Extension: (Resize YT To Window Size) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jnlekakfccbmkfgmjmjopjopafgnojca [2014-09-29]
CHR Extension: (Google Novčanik) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-04]
CHR Extension: (Gmail) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-04]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 6to4; C:\WINDOWS\System32\6to4svc.dll [100352 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) [File not signed]
S4 AppMgmt; C:\WINDOWS\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
S3 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\WINDOWS\System32\bthserv.dll [30208 2008-04-14] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [399360 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
S3 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [246272 2008-04-14] (Microsoft Corporation) [File not signed]
S3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Corporation) [File not signed]
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
S4 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation) [File not signed]
S4 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
S4 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [121600 2013-04-05] (Intel Corporation)
R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [96768 2008-04-14] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S4 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
S4 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [95744 2008-05-19] (Microsoft Corporation) [File not signed]
S4 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2014-02-04] ()
S4 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [281152 2014-02-04] ()
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [399360 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2001-08-23] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [57856 2008-04-14] (Microsoft Corporation) [File not signed]
S2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) [File not signed]
S4 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) [File not signed]
S4 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TeamViewer9; D:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [4799760 2014-09-12] (TeamViewer GmbH)
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
S4 upnphost; C:\WINDOWS\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
S3 VSS; C:\WINDOWS\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 W32Time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation) [File not signed]
S4 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [1107456 2009-10-09] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation) [File not signed]
S3 Wmi; C:\WINDOWS\System32\advapi32.dll [617472 2009-02-09] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation) [File not signed]
S3 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]
S3 HWDeviceService.exe; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11648 2001-08-23] (Microsoft Corporation) [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2013-11-03] (Advanced Micro Devices) [File not signed]
S3 Apowersoft_AudioDevice; C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-04-09] (Wondershare)
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation) [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed]
S3 awUSB; C:\WINDOWS\System32\DRIVERS\USBDrv.sys [13824 2014-10-20] (Scott)
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2001-08-23] (Microsoft Corporation) [File not signed]
S3 BthEnum; C:\WINDOWS\System32\DRIVERS\BthEnum.sys [17024 2008-04-14] (Microsoft Corporation) [File not signed]
S3 BthPan; C:\WINDOWS\System32\DRIVERS\bthpan.sys [101120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 BTHPORT; C:\WINDOWS\System32\Drivers\BTHport.sys [272128 2008-06-13] (Microsoft Corporation) [File not signed]
S3 BTHUSB; C:\WINDOWS\System32\Drivers\BTHUSB.sys [18944 2008-04-14] (Microsoft Corporation) [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2001-08-23] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2007-02-18] (Microsoft Corporation) [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2001-08-23] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation) [File not signed]
S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2014-02-24] (Phoenix Technologies) [File not signed]
S3 E100B; C:\WINDOWS\System32\DRIVERS\e100b325.sys [117760 2001-08-17] (Intel Corporation) [File not signed]
S3 E100E; C:\WINDOWS\System32\DRIVERS\e100ent.sys [25360 2004-08-25] (Intel Corporation) [File not signed]
S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Fdc; C:\WINDOWS\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Flpydisk; C:\WINDOWS\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2001-08-23] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2001-08-23] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation) [File not signed]
R3 HBtnKey; C:\WINDOWS\System32\DRIVERS\tkbtnpn.sys [7463 2007-10-30] (Lenovo) [File not signed]
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider) [File not signed]
R3 hidusb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hidusbf; C:\WINDOWS\System32\DRIVERS\hidusbf.sys [4096 2011-04-05] (SweetLow) [File not signed]
S3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [264832 2008-04-14] (Microsoft Corporation) [File not signed]
R1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Intels51; C:\WINDOWS\System32\DRIVERS\Intels51.sys [670203 2003-05-22] (Intel Corporation) [File not signed]
R3 Ip6Fw; C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2001-08-23] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation) [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv.sys [29728 2013-12-06] (Visicom Media Inc.)
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2001-08-23] (Microsoft Corporation) [File not signed]
S3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MODEMCSA; C:\WINDOWS\System32\drivers\MODEMCSA.sys [16128 2001-08-17] (Microsoft Corporation) [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-08-17] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation) [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
S3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation) [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2001-08-23] (Microsoft Corporation) [File not signed]
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [71936 2010-08-12] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2013-11-03] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2014-10-09] (NVIDIA Corporation)
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2001-08-23] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2001-08-23] (Microsoft Corporation) [File not signed]
R3 Parport; C:\WINDOWS\System32\DRIVERS\parport.sys [80128 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2001-08-23] (Microsoft Corporation) [File not signed]
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2001-08-23] (Microsoft Corporation) [File not signed]
R0 Pcmcia; C:\WINDOWS\System32\DRIVERS\pcmcia.sys [120192 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Processor; C:\WINDOWS\System32\DRIVERS\processr.sys [35840 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2001-08-23] (Parallel Technologies, Inc.) [File not signed]
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] ()
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2001-08-23] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2001-08-23] (Microsoft Corporation) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2001-08-23] (Microsoft Corporation) [File not signed]
R3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RFCOMM; C:\WINDOWS\System32\DRIVERS\rfcomm.sys [59136 2008-04-14] (Microsoft Corporation) [File not signed]
S3 rt2870; C:\WINDOWS\System32\DRIVERS\Drt2870.sys [1213632 2011-11-14] (Ralink Technology, Corp.)
R2 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation) [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation) [File not signed]
S4 sr; C:\WINDOWS\system32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [13120 2013-08-25] ()
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation) [File not signed]
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 tapse01; C:\WINDOWS\System32\DRIVERS\tapse01.sys [33720 2013-10-16] (The OpenVPN Project)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2014-06-23] (Microsoft Corporation) [File not signed]
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
R3 tunmp; C:\WINDOWS\System32\DRIVERS\tunmp.sys [12288 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation) [File not signed]
S4 UI5IFS; D:\Program Files\Ashampoo\Ashampoo UnInstaller 5\IFS32.sys [33632 2013-05-08] ()
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation) [File not signed]
R3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-17] (Microsoft Corporation) [File not signed]
R3 usbcamcl; C:\WINDOWS\System32\DRIVERS\usbcamcl.sys [31104 2009-10-31] (usb camera) [File not signed]
R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation) [File not signed]
R3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) [File not signed]
S3 usbstor; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbUDisc; C:\WINDOWS\System32\DRIVERS\USBDrv.sys [13824 2014-10-20] (Scott)
S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [123008 2013-07-17] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
R1 WS2IFSL; C:\WINDOWS\System32\drivers\ws2ifsl.sys [12032 2001-08-23] (Microsoft Corporation) [File not signed]
R3 WsAudioDevice_383; C:\WINDOWS\System32\drivers\WsAudioDevice_383.sys [25632 2013-05-30] (Wondershare)
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation) [File not signed]
R0 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) [File not signed]
U3 AeLookupSvc; No ImagePath
S4 AmdLLD; No ImagePath
U3 Appinfo; No ImagePath
U3 AxInstSV; No ImagePath
S3 catchme; \??\C:\DOCUME~1\Zeljko\LOCALS~1\Temp\catchme.sys [X]
U4 CertPropSvc; No ImagePath
U3 clr_optimization_v2.0.50727_64; No ImagePath
U4 CscService; No ImagePath
U4 defragsvc; No ImagePath
S4 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X]
U4 EFS; No ImagePath
S4 ESEADriver2; No ImagePath
S4 ew_hwusbdev; No ImagePath
U3 fdPHost; No ImagePath
U4 FDResPub; No ImagePath
U3 HomeGroupListener; No ImagePath
U3 HomeGroupProvider; No ImagePath
S4 huawei_cdcacm; No ImagePath
S4 huawei_cdcecm; No ImagePath
S4 huawei_enumerator; No ImagePath
S4 huawei_ext_ctrl; No ImagePath
S4 IntelIde; No ImagePath
U4 IPBusEnum; No ImagePath
U4 iphlpsvc; No ImagePath
U3 KeyIso; No ImagePath
U4 lltdsvc; No ImagePath
S4 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U4 MSiSCSI; No ImagePath
S4 NANMp50; No ImagePath
S4 NANSp50; No ImagePath
U3 netprofm; No ImagePath
U3 p2pimsvc; No ImagePath
U3 p2psvc; No ImagePath
S4 PBDOWNFORCE_SERVICE; No ImagePath
U4 PcaSvc; No ImagePath
U4 PeerDistSvc; No ImagePath
U4 PNRPAutoReg; No ImagePath
U3 PNRPsvc; No ImagePath
U4 QWAVE; No ImagePath
U4 SCPolicySvc; No ImagePath
U4 SensrSvc; No ImagePath
U4 SNMPTRAP; No ImagePath
U3 sppuinotify; No ImagePath
U4 TabletInputService; No ImagePath
U4 TBS; No ImagePath
U4 TermService; %SystemRoot%\System32\svchost.exe -k DComLaunch
U4 UI0Detect; No ImagePath
U4 UmRdpService; No ImagePath
U3 wampapache; No ImagePath
U4 WbioSrvc; No ImagePath
U4 wcncsvc; No ImagePath
U4 wercplsupport; No ImagePath
U4 WerSvc; No ImagePath
U4 WinDefend; No ImagePath
U4 WinHttpAutoProxySvc; No ImagePath
U4 WPCSvc; No ImagePath
U4 WPDBusEnum; No ImagePath
U4 WwanSvc; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-30 10:30 - 2014-10-30 10:30 - 00038512 _____ () C:\Documents and Settings\Zeljko\Desktop\FRST.txt
2014-10-30 10:29 - 2014-10-30 10:30 - 00000000 ____D () C:\FRST
2014-10-30 10:26 - 2014-10-30 10:26 - 01105408 _____ (Farbar) C:\Documents and Settings\Zeljko\Desktop\FRST.exe
2014-10-29 23:06 - 2014-08-12 21:15 - 00017313 _____ () C:\Documents and Settings\Zeljko\Desktop\Titlovi.rar
2014-10-29 20:42 - 2014-10-29 22:35 - 00012219 _____ () C:\WINDOWS\setupapi.log
2014-10-29 20:40 - 2014-10-30 10:29 - 00000000 ____D () C:\Documents and Settings\Zeljko\Desktop\Zdravko CD muzika narezat
2014-10-29 20:12 - 2014-10-29 20:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2014-10-29 00:52 - 2014-10-30 10:02 - 00020534 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-29 00:48 - 2014-10-30 10:30 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\temp
2014-10-29 00:48 - 2014-10-29 00:48 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-10-29 00:48 - 2014-10-29 00:48 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-10-29 00:48 - 2014-10-29 00:48 - 00000000 ____D () C:\Documents and Settings\Igre\Local Settings\temp
2014-10-29 00:48 - 2014-10-29 00:48 - 00000000 ____D () C:\Documents and Settings\Guest.ADMINISTRATOR\Local Settings\temp
2014-10-29 00:48 - 2014-10-29 00:48 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-10-29 00:48 - 2014-10-29 00:48 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR\Local Settings\temp
2014-10-29 00:47 - 2014-10-29 00:47 - 00026697 _____ () C:\ComboFix.txt
2014-10-28 22:00 - 2014-10-28 22:00 - 00000833 _____ () C:\Documents and Settings\Zeljko\Desktop\µTorrent.lnk
2014-10-28 19:26 - 2014-10-28 19:26 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Auslogics
2014-10-27 22:50 - 2014-10-27 22:50 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\CrashRpt
2014-10-27 18:38 - 2014-10-27 18:38 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\BitTorrent
2014-10-27 18:28 - 2014-10-27 18:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\APN
2014-10-27 15:07 - 2014-10-27 15:07 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-27 15:07 - 2014-10-27 15:06 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-10-27 15:07 - 2014-10-27 15:06 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-10-27 15:06 - 2014-10-27 15:06 - 00000000 ____D () C:\Program Files\Java
2014-10-27 15:06 - 2014-10-27 15:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-10-27 15:06 - 2014-10-27 15:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle
2014-10-27 14:53 - 2014-10-27 14:53 - 00000000 ____D () C:\WINDOWS\Sun
2014-10-27 12:20 - 2014-10-27 12:20 - 00000000 ____D () C:\Documents and Settings\Zeljko\Desktop\nvidiaInspector
2014-10-26 19:10 - 2013-06-18 17:32 - 439086036 ____R () C:\Documents and Settings\Zeljko\Desktop\Polaroid_MID0714.img
2014-10-26 01:28 - 2014-10-26 01:28 - 00000000 _____ () C:\asc_rdflag
2014-10-25 22:39 - 2014-10-25 22:40 - 00000000 ____D () C:\Documents and Settings\Zeljko\Desktop\CFG
2014-10-25 21:26 - 2014-10-25 21:26 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Local Settings\Temp
2014-10-25 17:06 - 2014-10-25 17:06 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\New Version Available
2014-10-25 17:05 - 2014-10-25 17:05 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Free_Empty_Folder_Delete
2014-10-24 12:53 - 2014-10-24 12:56 - 00000524 _____ () C:\WINDOWS\Tasks\Auslogics Disk Defrag Prof Task {00000001-F629-4C9E-9F91-E8C0BE9E5312} for Zeljko.job
2014-10-24 12:53 - 2014-10-24 12:56 - 00000524 _____ () C:\WINDOWS\Tasks\Auslogics Disk Defrag Prof Task {00000001-F32E-4E59-B5F8-8B15B147E341} for Zeljko.job
2014-10-21 19:13 - 2014-10-21 19:15 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-21 19:09 - 2014-10-25 17:01 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Popcorn Time
2014-10-21 10:29 - 2014-10-21 10:30 - 00000032 _____ () C:\Documents and Settings\Zeljko\Desktop\New Text Document.txt
2014-10-20 21:17 - 2014-10-20 22:27 - 00013824 _____ (Scott) C:\WINDOWS\system32\Drivers\USBDrv.sys
2014-10-20 21:00 - 2011-08-23 16:02 - 00118784 _____ () C:\WINDOWS\system32\DriverCoInstaller.dll
2014-10-19 20:18 - 2014-10-19 20:18 - 00000000 ____D () C:\OETemp
2014-10-18 14:06 - 2014-10-18 14:06 - 00000000 ____D () C:\WINDOWS\system32\Adobe
2014-10-16 23:02 - 2014-10-25 17:05 - 00000000 ____D () C:\Program Files\Steam
2014-10-14 18:49 - 2014-10-14 18:49 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2014-10-14 18:49 - 2014-10-14 18:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2014-10-14 18:49 - 2014-10-14 18:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NVIDIA
2014-10-14 18:49 - 2014-05-24 01:29 - 00000000 __SHD () C:\Documents and Settings\UpdatusUser\IETldCache
2014-10-14 18:49 - 2013-11-03 19:30 - 00001599 _____ () C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Remote Assistance.lnk
2014-10-14 18:49 - 2013-11-03 19:30 - 00000000 ___RD () C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Accessories
2014-10-14 18:49 - 2013-11-03 19:29 - 00000792 _____ () C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Windows Media Player.lnk
2014-10-14 18:48 - 2014-10-27 12:24 - 01072592 _____ () C:\WINDOWS\system32\nvdrsdb1.bin
2014-10-14 18:48 - 2014-10-27 12:24 - 00000001 _____ () C:\WINDOWS\system32\nvdrssel.bin
2014-10-14 18:48 - 2014-10-27 12:23 - 01072592 _____ () C:\WINDOWS\system32\nvdrsdb0.bin
2014-10-14 18:48 - 2014-10-14 18:48 - 00000000 _____ () C:\WINDOWS\system32\nvdrswr.lk
2014-10-14 18:48 - 2013-01-31 10:02 - 15517472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-10-14 18:48 - 2013-01-31 10:02 - 00156448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
2014-10-14 18:48 - 2013-01-31 10:02 - 00144160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcolor.exe
2014-10-14 18:48 - 2013-01-31 10:02 - 00108832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-10-14 18:48 - 2013-01-31 10:02 - 00054272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwddi.dll
2014-10-14 18:47 - 2013-01-31 12:22 - 19189760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglnt.dll
2014-10-14 18:47 - 2013-01-31 12:22 - 17551360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-10-14 18:47 - 2013-01-31 12:22 - 07536640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-10-14 18:47 - 2013-01-31 12:22 - 05967872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-10-14 18:47 - 2013-01-31 12:22 - 02816504 _____ () C:\WINDOWS\system32\nvdata.data
2014-10-14 18:47 - 2013-01-31 12:22 - 02581792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-10-14 18:47 - 2013-01-31 12:22 - 02389504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2014-10-14 18:47 - 2013-01-31 12:22 - 01869088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-10-14 18:47 - 2013-01-31 12:22 - 01010464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco32.dll
2014-10-14 18:47 - 2013-01-31 12:22 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco32.dll
2014-10-14 18:47 - 2013-01-31 12:22 - 00015449 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-10-13 21:26 - 2014-10-13 21:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avg_Update_0914av
2014-10-13 21:13 - 2014-10-13 23:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-10-13 21:13 - 2014-10-13 21:13 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\MFAData
2014-10-13 21:09 - 2014-10-13 21:09 - 00013088 ____H () C:\WINDOWS\system32\mlfcache.dat
2014-10-13 11:15 - 2014-10-13 11:15 - 03452992 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-13 11:15 - 2014-10-13 11:15 - 00013104 _____ () C:\Documents and Settings\Zeljko\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-10-09 19:20 - 2014-10-09 19:20 - 00215656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVCOSMB.DLL
2014-10-09 19:19 - 2014-10-09 19:19 - 00212224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvnrm.sys
2014-10-09 19:19 - 2014-10-09 19:19 - 00207464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvconrm.dll
2014-10-09 19:19 - 2014-10-09 19:19 - 00013824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvnetbus.sys
2014-10-09 19:19 - 2014-10-09 19:19 - 00011264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\bdco1ins.dll
2014-10-09 19:19 - 2014-10-09 19:19 - 00011264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\bdco1.dll
2014-10-09 12:27 - 2013-01-31 12:22 - 00065536 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-10-09 00:47 - 2014-10-09 19:19 - 00008824 _____ () C:\WINDOWS\system32\nvnrm.nvu
2014-10-09 00:47 - 2010-03-04 02:49 - 00600680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvunrm.exe
2014-10-09 00:47 - 2010-03-04 02:49 - 00600680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvuninst.exe
2014-10-09 00:35 - 2013-01-31 10:06 - 00335872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrshe.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00335872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsar.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00286720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsfr.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsit.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrses.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsel.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsde.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrspt.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsnl.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsja.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsesm.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00270336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsru.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00270336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsptb.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00266240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsko.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00262144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrshu.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrstr.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssl.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssk.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrspl.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsth.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssv.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsno.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsda.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsfi.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrseng.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrscs.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00229376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrszhc.dll
2014-10-09 00:35 - 2013-01-31 10:06 - 00126976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrszht.dll
2014-10-09 00:34 - 2013-01-31 12:22 - 12648960 ____C (NVIDIA Corporation) C:\WINDOWS\system32\dllcache\nv4_mini.sys
2014-10-09 00:34 - 2013-01-31 12:22 - 12648960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nv4_mini.sys
2014-10-09 00:34 - 2013-01-31 12:22 - 04494336 ____C (NVIDIA Corporation) C:\WINDOWS\system32\dllcache\nv4_disp.dll
2014-10-09 00:34 - 2013-01-31 12:22 - 04494336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv4_disp.dll
2014-10-08 23:56 - 2014-10-09 00:18 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SecTaskMan
2014-10-08 23:23 - 2014-10-08 23:23 - 00000000 ____D () C:\Program Files\WinRAR
2014-10-08 22:56 - 2014-10-08 22:56 - 00000000 ____D () C:\Program Files\Cheat Engine 6.4
2014-10-08 22:56 - 2014-10-08 22:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.4
2014-10-07 23:22 - 2014-10-07 23:25 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\CSO
2014-10-07 23:22 - 2014-10-07 23:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Nexon
2014-10-07 17:18 - 2014-10-07 17:18 - 00000000 ____D () C:\Program Files\Auslogics
2014-10-07 17:17 - 2014-10-07 17:18 - 00000524 _____ () C:\WINDOWS\Tasks\Auslogics Disk Defrag Prof Task {00000001-8321-4069-96D6-2E41AB430FA5} for Zeljko.job
2014-10-07 17:16 - 2014-10-07 17:18 - 00000524 _____ () C:\WINDOWS\Tasks\Auslogics Disk Defrag Prof Task {00000001-BF84-4729-A51C-C0869598FDA3} for Zeljko.job
2014-10-06 21:06 - 2014-10-26 01:28 - 30515200 _____ () C:\WINDOWS\system32\config\software.iodefrag.bak
2014-10-06 21:06 - 2014-10-26 01:28 - 04816896 _____ () C:\WINDOWS\system32\config\default.iodefrag.bak
2014-10-06 21:06 - 2014-10-26 01:28 - 00061440 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2014-10-06 21:06 - 2014-10-26 01:28 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.iodefrag.bak
2014-10-06 20:58 - 2014-10-26 01:32 - 00000000 ____D () C:\Program Files\IObit
2014-10-06 20:57 - 2014-10-26 01:31 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\IObit
2014-10-04 23:07 - 2014-10-24 13:12 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-30 10:17 - 2014-08-16 21:55 - 00000332 _____ () C:\WINDOWS\wiadebug.log
2014-10-30 10:01 - 2014-08-16 21:55 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-10-30 10:01 - 2013-11-03 19:54 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-30 00:17 - 2014-08-26 10:31 - 00032494 _____ () C:\WINDOWS\SchedLgU.Txt
2014-10-30 00:17 - 2013-11-03 19:57 - 00000178 ___SH () C:\Documents and Settings\Zeljko\ntuser.ini
2014-10-30 00:09 - 2013-11-14 21:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MCShield
2014-10-29 22:29 - 2013-11-03 20:21 - 00602460 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-29 21:36 - 2013-11-09 14:40 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Youtube Downloader HD
2014-10-29 13:11 - 2014-01-19 11:50 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\uTorrent
2014-10-29 00:51 - 2014-06-19 16:05 - 00000000 ____D () C:\AdwCleaner
2014-10-29 00:50 - 2013-11-03 19:27 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-10-29 00:48 - 2013-11-03 19:54 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-10-29 00:48 - 2013-11-03 19:32 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-10-29 00:46 - 2001-08-23 12:00 - 00000277 _____ () C:\WINDOWS\system.ini
2014-10-29 00:45 - 2013-11-03 19:57 - 00000000 ____D () C:\Documents and Settings\Zeljko
2014-10-29 00:26 - 2014-03-20 22:45 - 00000000 ____D () C:\WINDOWS\erdnt
2014-10-28 18:21 - 2013-11-04 20:16 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\TeamViewer
2014-10-27 21:41 - 2014-09-28 22:31 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\vlc
2014-10-27 18:04 - 2014-08-15 22:58 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Adobe
2014-10-26 01:03 - 2013-12-07 17:54 - 00000132 _____ () C:\Documents and Settings\Zeljko\Application Data\Adobe PNG Format CS6 Prefs
2014-10-26 01:01 - 2013-11-03 20:51 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Adobe
2014-10-26 00:16 - 2013-11-10 19:37 - 00000000 ___RD () C:\Documents and Settings\Zeljko\Desktop\Programi
2014-10-26 00:15 - 2013-11-04 23:40 - 30515200 _____ () C:\WINDOWS\system32\config\software.iobit
2014-10-26 00:15 - 2013-11-04 23:40 - 04816896 _____ () C:\WINDOWS\system32\config\default.iobit
2014-10-26 00:15 - 2013-11-04 23:40 - 00061440 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-10-26 00:15 - 2013-11-04 23:40 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-10-26 00:11 - 2013-11-04 23:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ProductData
2014-10-26 00:10 - 2013-11-04 23:35 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Apple Computer
2014-10-25 21:28 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-25 17:11 - 2014-06-22 21:17 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\BSplayer
2014-10-25 17:06 - 2013-11-03 22:00 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-10-25 17:06 - 2013-11-03 20:46 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-10-25 17:05 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\security
2014-10-25 17:05 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\ime
2014-10-25 17:05 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\Cursors
2014-10-25 17:05 - 2013-11-03 19:27 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-25 17:02 - 2013-11-12 21:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-25 17:02 - 2013-11-03 20:18 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-25 17:02 - 2013-11-03 19:57 - 00000000 ___RD () C:\Documents and Settings\Zeljko\Start Menu\Programs\Accessories
2014-10-25 17:02 - 2013-11-03 19:26 - 00000000 ____D () C:\Program Files\MSN
2014-10-25 17:01 - 2014-08-19 12:00 - 00000000 ____D () C:\Documents and Settings\Guest.ADMINISTRATOR\Application Data\BSplayer
2014-10-25 17:01 - 2014-08-16 01:09 - 00000000 ____D () C:\Documents and Settings\Igre
2014-10-25 17:01 - 2014-08-08 02:16 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-10-25 17:01 - 2014-07-09 19:32 - 00000000 ____D () C:\Documents and Settings\Guest.ADMINISTRATOR
2014-10-25 17:01 - 2014-03-29 23:57 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Origin
2014-10-25 17:01 - 2014-03-29 23:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Origin
2014-10-25 17:01 - 2014-01-25 21:06 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR
2014-10-25 17:01 - 2014-01-09 22:56 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\ArcSoft
2014-10-25 17:01 - 2014-01-09 22:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ArcSoft
2014-10-25 17:01 - 2014-01-09 16:37 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Overwolf
2014-10-25 17:01 - 2014-01-05 10:42 - 00000000 ____D () C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google
2014-10-25 17:01 - 2013-11-21 17:03 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Mozilla
2014-10-25 17:01 - 2013-11-04 22:53 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\.minecraft
2014-10-24 13:12 - 2014-06-01 18:14 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-10-24 01:52 - 2014-01-19 22:59 - 01789314 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1547161642-1659004503-1801674531-1003-0.dat
2014-10-24 01:52 - 2014-01-19 22:59 - 00184250 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-10-24 01:41 - 2014-02-24 22:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2014-10-23 18:54 - 2014-09-23 23:07 - 00000000 ____D () C:\Program Files\Common Files\Webroot Shared
2014-10-23 18:54 - 2014-09-23 23:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Webroot
2014-10-23 17:27 - 2013-11-03 20:23 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\AIMP3
2014-10-20 11:02 - 2014-03-19 19:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-10-20 00:15 - 2014-05-11 15:38 - 00417282 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-18-0.dat
2014-10-19 19:34 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\pchealth
2014-10-19 18:37 - 2013-11-03 20:18 - 00000372 ___SH () C:\boot.ini
2014-10-16 11:41 - 2014-09-29 10:42 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-10-16 11:41 - 2014-09-29 10:42 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-10-14 18:49 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\Help
2014-10-14 18:49 - 2013-11-03 20:11 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-13 00:07 - 2014-06-01 18:13 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-10-13 00:07 - 2014-06-01 18:13 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-10-13 00:07 - 2014-03-01 20:52 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-10-13 00:07 - 2013-12-07 17:42 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-10-12 12:14 - 2001-08-23 12:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-10-09 19:22 - 2013-11-03 21:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IObit
2014-10-09 12:24 - 2014-01-25 21:06 - 00000178 ___SH () C:\Documents and Settings\Administrator.ADMINISTRATOR\ntuser.ini
2014-10-09 00:52 - 2014-09-29 18:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AGEIA
2014-10-09 00:29 - 2014-06-08 15:32 - 00013104 _____ () C:\Documents and Settings\Administrator.ADMINISTRATOR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-10-09 00:26 - 2014-03-22 21:53 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\WindowsApplication1
2014-10-09 00:25 - 2013-11-03 20:05 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-10-09 00:20 - 2014-01-25 21:06 - 00000000 __SHD () C:\WINDOWS\CSC
2014-10-09 00:15 - 2001-08-23 12:00 - 00000548 _____ () C:\WINDOWS\win.ini
2014-10-08 23:23 - 2013-11-03 20:27 - 00000000 ____D () C:\Documents and Settings\Zeljko\Start Menu\Programs\WinRAR
2014-10-08 23:23 - 2013-11-03 20:27 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
2014-10-07 23:22 - 2013-11-03 19:28 - 00000000 ____D () C:\WINDOWS\system32\DirectX
2014-10-07 17:18 - 2013-11-03 21:00 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2014-10-04 23:03 - 2014-06-25 01:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
2014-10-04 13:16 - 2013-11-03 19:54 - 00000178 ___SH () C:\Documents and Settings\LocalService\ntuser.ini
2014-10-02 12:29 - 2014-07-31 14:21 - 00000000 ____D () C:\Muzika
Some content of TEMP:
====================
C:\Documents and Settings\Zeljko\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\Zeljko\Local Settings\temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
mycity.rs/must-login.png
|
|
|
|
|
|
|
|
|
Poslao: 02 Nov 2014 13:23
|
offline
- Pridružio: 03 Avg 2014
- Poruke: 60
|
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-11-2014
Ran by Zeljko at 2014-11-02 01:22:08 Run:1
Running from C:\Documents and Settings\Zeljko\Desktop
Loaded Profile: Zeljko (Available profiles: Zeljko & Igre & UpdatusUser & Administrator & Guest)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF user.js: detected! => C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718\user.js
FF Extension: No Name - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718\extensions\ascsurfingprotection@iobit.com [Not Found]
CHR Extension: (Resize YT To Window Size) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jnlekakfccbmkfgmjmjopjopafgnojca [2014-09-29]
EmtpyTemp:
*****************
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718\user.js => Moved successfully.
C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718\extensions\ascsurfingprotection@iobit.com => not found.
C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jnlekakfccbmkfgmjmjopjopafgnojca => Moved successfully.
EmtpyTemp: => Error: No automatic fix found for this entry.
==== End of Fixlog ====
|
|
|
|
|
|
|
|
|
Poslao: 02 Nov 2014 14:31
|
offline
- Pridružio: 03 Avg 2014
- Poruke: 60
|
Zoek.exe v5.0.0.0 Updated 02-November-2014
Tool run by Zeljko on Sun 11/02/2014 at 1:24:20.31.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Zeljko\desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
11/2/2014 1:25:35 AM Zoek.exe System Restore Point Created Succesfully.
==== Suspicious Entries Found ======================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Disabled:@xpsp2res.dll,-22009"
"8317:TCP"="8317:TCP:*:Enabled:TechSmith Camtasia Studio"
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
"5985:TCP"="5985:TCP:*:Disabled:Windows Remote Management "
==== Running Processes ======================
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Zeljko\desktop\zoek.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
====== C:\DOCUME~1\Zeljko\LOCALS~1\Temp ====
====== Java Cache =====
2014-10-08 15:32:48 FE668AB14C48D29EE1DD3729833BD9DF 17197 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\12\6c77b78c-10610a14
2014-10-12 13:30:01 CEF82AC30D6E7762BE7DF9267D06C0CE 37 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\13\3d9e380d-013e565a33992b3707ac1a844d56444e972b295a23e3911589cdec8f214b1a37-6.0.lap
2014-10-08 15:31:55 C14FE55D43E29FE990CA5704565A50A5 416 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\13\567603cd-4fa283a181ccd65c0c0d1dbcf37033feba09e872128cc3ebf413c2429970e83b-6.0.lap
2014-10-08 15:31:56 FA4513EAD4867F7DF66822FCA1AFCDE3 19521 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\20\2ea66e94-26b49057
2014-10-18 22:39:10 4CF2CBFA99CD797C4C73C62CBF539CBE 17298 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\20\7f753e14-6fafdb4b
2014-10-18 22:39:08 ACD42DC94DC151345BB9D1656F77FB16 429 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\21\1cabd695-bee8d7301653a5bdeb2dba44a3da0da67a2443c2f568d7b9d7021c317a8cefa8-6.0.lap
2014-10-08 15:17:42 F87D912D86550770E0978A22E7B94DE0 17249 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\21\69f44155-34cf714f
2014-11-01 14:58:22 DDAF8060F549759DA784CA1545ABC1B4 84 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\24\716f0f58-c2b7e372179dec0af4ee7420a20511ad606786bc795dd0fe9d1e6530518aa15b-6.0.lap
2014-10-08 15:17:41 1DF1FED587EAF2C84B8241EDB99A505A 428 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\25\72cb2559-168490eb870da1834d7aa84a152b16eded52e9dac1dacfa69a1b983aba45f03a-6.0.lap
2014-10-08 15:22:59 FE668AB14C48D29EE1DD3729833BD9DF 17197 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\27\40fd39b-19601e80
2014-10-08 15:27:43 F5DD1CD05911137F411A315CD415C355 424 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\29\182173dd-ca57c1ca0324b3834bea2fa64ad6f5bdd3feafad2976fe4277779b3f4a1fe057-6.0.lap
2014-10-08 15:32:40 FE668AB14C48D29EE1DD3729833BD9DF 17197 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\44\76becf6c-364b2220
2014-10-21 22:24:17 CDB07D6BAFE5136BB66960B53E5AF645 39096 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\46\490cacae-76889a23
2014-10-19 14:06:21 3F38AFF8D56812D4AEC25D4023CBE05C 37 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\47\60a0ef-18c527daaec8fd0ec8f9a5c5117810e046c4813e3c2d8686df412b6585fee096-6.0.lap
2014-10-08 15:28:16 B655967AB8192B49DB5A45CE26E99C7C 19601 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\49\329df131-4578870f
2014-10-08 15:22:59 8EB0867A11AC173491C7AA99C7177DD1 424 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\5\1a517c5-ba9970ec80eb2ae30a977cb1ab353908dd031cf3518f2d84e9ac2043759e29cc-6.0.lap
2014-10-28 20:45:40 A5441B6D1A65806362DB931DF785B351 432 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\5\263a0c45-d8bf4de72b7828dcba655fcad71f371ef89899a7f1cdd61af69532cea8927952-6.0.lap
2014-10-28 20:45:42 B655967AB8192B49DB5A45CE26E99C7C 19601 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\50\1c044a72-2d3509c7
2014-10-08 15:28:15 84ED86644E800A0AC0AD564B79055D41 434 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\53\50274ab5-590745dfbb42f2e43af54901603b610af8ad3ad64fea2d5ec15afc43d92f8702-6.0.lap
2014-10-18 13:56:02 550D98C3FED4E15451FD8D5C43E0FD65 17193 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\54\168c0336-67e3bb25
2014-10-12 13:30:09 38D2C441A5F783E082D9ED899E51527E 17743 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\55\7c8e77b7-51f3c133
2014-10-08 15:32:39 4CC0A0EA1356E1A2FE40727C1346F41C 423 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\60\4bd5cc3c-5e3f92e43995fa53ffea9daf8440a7e1c46da4142225dac46e2cfde55cb88e66-6.0.lap
2014-10-21 22:24:15 55929438273536007892BE3377CBE24E 413 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\60\6415717c-f6492d447a99bbbab02e680f69074680976715eeeece134ce52958751c272ad5-6.0.lap
2014-10-18 13:55:52 550D98C3FED4E15451FD8D5C43E0FD65 17193 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\61\209db9fd-57e347a6
2014-11-01 14:52:04 B655967AB8192B49DB5A45CE26E99C7C 19601 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\9\25a051c9-51ff0b29
2014-11-01 14:52:01 6BF6413EBA3A947FA4246516DB1D88A2 437 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\9\4bec0b89-c6066a7221bdce42d4d75bdd0f049dd68f468399da491ceb8757b8d0c4a5c786-6.0.lap
====== C:\WINDOWS\system32 =====
2014-10-27 14:07:04 AF055C8537B32EA3A8FA5EA8AEB76621 146432 ----a-w- C:\WINDOWS\System32\javacpl.cpl
2014-10-27 14:07:04 742BD1F196FEFC94A6379BA039D3CD00 96680 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll
2014-10-20 20:00:29 C1E7889F6C0CC4CE44A173868CF345C6 118784 ----a-w- C:\WINDOWS\System32\DriverCoInstaller.dll
====== C:\WINDOWS\system32\drivers =====
2014-10-20 20:17:34 FC43C9C666A1F5F288091BF2140ADA59 13824 ----a-w- C:\WINDOWS\System32\drivers\USBDrv.sys
2014-10-20 20:17:34 A6DE8BD4B72B4E37678692726B08766F 2976 ----a-w- C:\WINDOWS\System32\drivers\USBDrv.inf
2014-10-09 18:19:44 C529B614EF88BE0F62B886C67B516550 13824 ----a-w- C:\WINDOWS\System32\drivers\nvnetbus.sys
2014-10-09 18:19:44 93929FD32C37FCD47C89A10AA35C2ECD 212224 ----a-w- C:\WINDOWS\System32\drivers\nvnrm.sys
2014-10-08 23:34:19 7C56F3FD65B2BDB315CA3605A5392D7B 12648960 ----a-w- C:\WINDOWS\System32\drivers\nv4_mini.sys
====== C:\WINDOWS\Tasks ======
2014-10-04 22:07:29 A03D958827E9184E2D8704A7B1E3D5F9 830 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-10-27 14:07:10 -------- d-----w- C:\Program Files\Common Files\Java
2014-10-27 14:06:31 -------- d-----w- C:\Program Files\Java
2014-10-16 22:02:07 -------- d-----w- C:\Program Files\Steam
2014-10-08 22:23:27 -------- d-----w- C:\Program Files\WinRAR
2014-10-08 21:56:08 -------- d-----w- C:\Program Files\Cheat Engine 6.4
2014-10-06 19:58:23 -------- d-----w- C:\Program Files\IObit
======= C: =====
2014-11-02 07:27:45 93B885ADFE0DA089CDF634904FD59F71 1 --sha-w- C:\BOOTNXT
2014-10-26 00:28:12 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\asc_rdflag
====== C:\Documents and Settings\Zeljko\Application Data ======
2014-10-27 21:50:10 -------- d-----w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\CrashRpt
2014-10-27 17:38:42 -------- d-----w- C:\Documents and Settings\Zeljko\Application Data\BitTorrent
2014-10-25 16:06:56 -------- d-----w- C:\Documents and Settings\Zeljko\Application Data\New Version Available
2014-10-25 16:05:41 -------- d-----w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Free_Empty_Folder_Delete
2014-10-21 18:09:58 -------- d-----w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\Popcorn Time
2014-10-20 20:11:49 -------- d-----w- C:\Documents and Settings\Zeljko\Application Data\AdbDriverInstaller
2014-10-14 17:49:07 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- C:\Documents and Settings\UpdatusUser\Application Data\desktop.ini
2014-10-14 17:49:07 -------- d-s---w- C:\Documents and Settings\UpdatusUser\Application Data\Microsoft
2014-10-14 17:49:07 -------- d-----w- C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\Microsoft
2014-10-14 17:49:07 -------- d-----r- C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Accessories\Entertainment
2014-10-14 17:49:07 -------- d-----r- C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Accessories\Accessibility
2014-10-14 17:49:07 -------- d-----r- C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Accessories
2014-10-14 17:49:07 -------- d-----r- C:\Documents and Settings\UpdatusUser\Start Menu\Programs
2014-10-13 10:15:52 F16561CA0FD607EB5FA32E2EE71E6C1F 13104 ----a-w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-10-07 22:22:32 -------- d-----w- C:\Documents and Settings\Zeljko\Local Settings\Application Data\CSO
2014-10-06 19:57:40 -------- d-----w- C:\Documents and Settings\Zeljko\Application Data\IObit
====== C:\Documents and Settings\Zeljko ======
2014-11-02 00:27:40 -------- d--h--r- C:\Documents and Settings\Zeljko\Recent
2014-11-02 00:21:46 01B8CD96EC74364DB3DC89CB35B43C7E 1105920 ----a-w- C:\Documents and Settings\Zeljko\Desktop\FRST.exe
2014-10-28 23:26:38 -------- d--h--w- C:\Documents and Settings\Zeljko\PrintHood
2014-10-28 23:26:38 -------- d-----r- C:\Documents and Settings\All Users\Documents\My Videos
2014-10-28 23:26:38 -------- d-----r- C:\Documents and Settings\All Users\Documents\My Pictures
2014-10-19 17:02:39 -------- d-sh--w- C:\Documents and Settings\UpdatusUser\Cookies
2014-10-14 17:49:08 CBDA6984D2ECC537AEF07205AE001013 178 --sh--w- C:\Documents and Settings\UpdatusUser\ntuser.ini
2014-10-14 17:49:07 -------- d-sh--w- C:\Documents and Settings\UpdatusUser\IETldCache
2014-10-14 17:49:07 -------- d--h--w- C:\Documents and Settings\UpdatusUser\Templates
2014-10-14 17:49:07 -------- d--h--w- C:\Documents and Settings\UpdatusUser\Local Settings
2014-10-14 17:49:07 -------- d--h--r- C:\Documents and Settings\UpdatusUser\SendTo
2014-10-14 17:49:07 -------- d--h--r- C:\Documents and Settings\UpdatusUser\Application Data
2014-10-14 17:49:07 -------- d-----r- C:\Documents and Settings\UpdatusUser\Start Menu
2014-10-06 19:58:34 -------- d-----w- C:\Documents and Settings\Zeljko\LocalLow
====== C: exe-files ==
2014-11-02 00:21:46 01B8CD96EC74364DB3DC89CB35B43C7E 1105920 ----a-w- C:\Documents and Settings\Zeljko\Desktop\FRST.exe
2014-11-01 21:04:28 DBE8F91B75AA78FA3326D0245FFB4661 631208 ----a-w- C:\Torent Downloads\Downloads\Downloads\rufus.exe
2014-11-01 21:03:57 AF911BE206423BF440EA9D4DF075A632 2721168 ----a-w- C:\Torent Downloads\Downloads\Downloads\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
2014-10-29 19:00:24 D7069DD81E8066117346BD150DE483FC 656438 ----a-w- C:\Torent Downloads\Downloads\Downloads\ccfilesetup.exe
2014-10-28 23:50:57 FF33D8CDF04B1D15F3808D49406BEA43 1998336 ----a-w- C:\Torent Downloads\Downloads\Downloads\AdwCleaner.exe
2014-10-28 20:59:56 D2C5DE47427E4FBCD24CC35182CFF8E3 1689168 ----a-w- C:\Documents and Settings\Zeljko\Application Data\uTorrent\updates\3.4.2_35141.exe
2014-10-28 20:59:39 D2C5DE47427E4FBCD24CC35182CFF8E3 1689168 ----a-w- C:\Torent Downloads\Downloads\Downloads\uTorrent.exe
2014-10-27 17:11:58 697D1E5E6452171F0B9FE3849889BC90 1385808 ----a-w- C:\Documents and Settings\Zeljko\Application Data\uTorrent\updates\3.4.2_34944.exe
2014-10-27 14:06:58 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath_target_14399015\java.exe
2014-10-27 14:06:58 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath\java.exe
2014-10-27 14:06:58 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath_target_14399015\javaw.exe
2014-10-27 14:06:58 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath\javaw.exe
2014-10-27 14:06:58 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath_target_14399015\javaws.exe
2014-10-27 14:06:58 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Documents and Settings\All Users\Application Data\Oracle\Java\javapath\javaws.exe
2014-10-27 14:06:50 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\unpack200.exe
2014-10-27 14:06:50 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\ssvagent.exe
2014-10-27 14:06:50 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\tnameserv.exe
2014-10-27 14:06:49 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\pack200.exe
2014-10-27 14:06:49 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\rmid.exe
2014-10-27 14:06:49 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\jabswitch.exe
2014-10-27 14:06:49 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\jjs.exe
2014-10-27 14:06:49 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\java.exe
2014-10-27 14:06:49 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\keytool.exe
2014-10-27 14:06:49 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\kinit.exe
2014-10-27 14:06:49 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\orbd.exe
2014-10-27 14:06:49 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\policytool.exe
2014-10-27 14:06:49 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe
2014-10-27 14:06:49 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\java-rmi.exe
2014-10-27 14:06:49 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe
2014-10-27 14:06:49 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\javaws.exe
2014-10-27 14:06:49 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\jp2launcher.exe
2014-10-27 14:06:49 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\klist.exe
2014-10-27 14:06:49 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\rmiregistry.exe
2014-10-27 14:06:49 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\servertool.exe
2014-10-27 14:06:49 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\ktab.exe
2014-10-27 14:01:38 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Torent Downloads\Downloads\Downloads\chromeinstall-8u25.exe
2014-10-27 11:20:40 9F47D0DBD1848419AD07AC8DE8B9527F 570880 ----a-w- C:\Documents and Settings\Zeljko\Desktop\nvidiaInspector\nvidiaInspector\nvidiaInspector.exe
=== C: other files ==
2014-11-01 20:26:21 18738C581670266CAC825BFA61EB5D44 856724 ----a-w- C:\Torent Downloads\Downloads\Downloads\ZOTAC WinUSB Maker v1.1.zip
2014-10-27 14:06:50 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files\Java\jre1.8.0_25\lib\deploy\ffjcext.zip
2014-10-27 10:49:39 2FD2B81A0AB8A41683AD1595FF4F2B10 2363 ----a-w- C:\Torent Downloads\Downloads\Downloads\f42c50d5467ac230.zip
2014-10-26 17:56:21 9E7D3A4F075C029F0B76F470F537F4F0 292934906 ----a-w- C:\Torent Downloads\Downloads\Downloads\Polaroid_MID0714.zip
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-1547161642-1659004503-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"uTorrent"="C:\Documents and Settings\Zeljko\Application Data\uTorrent\uTorrent.exe /MINIMIZED"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"uTorrent"="C:\Documents and Settings\Zeljko\Application Data\uTorrent\uTorrent.exe /MINIMIZED"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\3288]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="3288"
"hkey"="HKLM"
"command"="D:\\Program Files\\ARK\\3288.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS6ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BluetoothAuthenticationAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BluetoothAuthenticationAgent"
"hkey"="HKLM"
"command"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ctfmon"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KernelFaultCheck"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -k"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCShield Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MCShield Monitor"
"hkey"="HKCU"
"command"="D:\\Program Files\\MCShield\\MCShieldRTM.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MSMSGS"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvCplDaemon"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\rfagent]
"hkey"="HKLM"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="rfagent32.exe"
"command"="\"D:\\Program Files\\RFA 9\\rfagent32.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDCPL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RTHDCPL"
"hkey"="HKLM"
"command"="RTHDCPL.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"hkey"="HKLM"
"item"="SunJavaUpdateSched"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SwitchBoard"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Documents and Settings\\Zeljko\\Application Data\\uTorrent\\uTorrent.exe\" /MINIMIZED"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wondershare Helper Compact.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wondershare Helper Compact.exe"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Wondershare\\Wondershare Helper Compact\\WSHelper.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
"item"="O&O Defrag Tray"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Zeljko^Start Menu^Programs^Startup^MemInfo.lnk]
"item"="MemInfo"
"backup"="C:\\WINDOWS\\pss\\MemInfo.lnkStartup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Zeljko^Start Menu^Programs^Startup^Rainmeter.lnk]
"item"="Rainmeter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Zeljko^Start Menu^Programs^Startup^TeamViewer 9.lnk]
"item"="TeamViewer 9"
"backup"="C:\\WINDOWS\\pss\\TeamViewer 9.lnkStartup"
"command"="d:\\progra~1\\teamvi~1\\Version9\\TEAMVI~1.EXE"
==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [10/16/2014 11:41 AM]
C:\WINDOWS\tasks\Auslogics Disk Defrag Prof Task {00000001-44D8-4356-A006-762764B291CC} for Zeljko.job --a------ C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [10/06/2014 06:19 PM]
C:\WINDOWS\tasks\Auslogics Disk Defrag Prof Task {00000001-8321-4069-96D6-2E41AB430FA5} for Zeljko.job --a------ C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [10/06/2014 06:19 PM]
C:\WINDOWS\tasks\Auslogics Disk Defrag Prof Task {00000001-BF84-4729-A51C-C0869598FDA3} for Zeljko.job --a------ C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [10/06/2014 06:19 PM]
C:\WINDOWS\tasks\Auslogics Disk Defrag Prof Task {00000001-D7AC-47CB-8091-395296FBE6C6} for Zeljko.job --a------ C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [10/06/2014 06:19 PM]
C:\WINDOWS\tasks\Auslogics Disk Defrag Prof Task {00000001-D8A3-4DA1-8E7F-9A9755418F49} for Zeljko.job --a------ C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [10/06/2014 06:19 PM]
C:\WINDOWS\tasks\Auslogics Disk Defrag Prof Task {00000001-F32E-4E59-B5F8-8B15B147E341} for Zeljko.job --a------ C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [10/06/2014 06:19 PM]
C:\WINDOWS\tasks\Auslogics Disk Defrag Prof Task {00000001-F629-4C9E-9F91-E8C0BE9E5312} for Zeljko.job --a------ C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [10/06/2014 06:19 PM]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [06/12/2014 08:55 PM]
C:\WINDOWS\tasks\JetBoost_AutoUpdate.job --a------ C:\Program Files\BlueSprig\JetBoost\AutoUpdate.exe []
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job --a------ C:\WINDOWS\system32\xp_eos.exe [02/26/2014 02:59 AM]
==== Firefox Extensions ======================
ProfilePath: C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718
- TVU Web Player - %ProfilePath%\extensions\firefox@tvunetworks.com
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718
E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25
238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18
63F8C13F269B10BC9363B007DAAACAE6 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash
9419AA8A2799526EC32B473C2BB7A10D - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
DCB0BCEF594E2C410793C4A823C318F3 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director
8E9A08E2092B3E1ADFF3C46BC1A5124B - C:\WINDOWS\system32\TVUAx\npTVUAx.dll - TVU Web Player for FireFox
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
==== Chromium Look ======================
greatsaVeer - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina
YTBookMark - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
SNT - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
greatsaVeer - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina
YTBookMark - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
HTML Saver - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
Google Wallet - Administrator.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
greatsaVeer - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina
YTBookMark - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
YoutubeAdblocker - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd
SNT - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
HTML Saver - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
SNT - ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
HTML Saver - ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
YoutubeAdblocker - ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd
SNT - ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
HTML Saver - ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
YTBookMark - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
SNT - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
HTML Saver - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
SNT - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
YTBookMark - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
YoutubeAdblocker - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd
SNT - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
Google Docs - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
greatsaVeer - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd
HTML Saver - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
greatsaVeer - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina
YTBookMark - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd
SNT - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
Google Docs - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
YTBookMark - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
YTBookMark - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
SNT - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
Google Drive - Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
YTBookMark - Zeljko\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
SNT - Zeljko\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
HTML Saver - Zeljko\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
YouTube - Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Resize YT To Window Size - Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Extensions\jnlekakfccbmkfgmjmjopjopafgnojca
CoolNovo Theme - Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Extensions\padfaldcjmpgohbkmflinacjddgffpii
Gmail - Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chromium Startpages ======================
C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "http://www.google.rs/" ]
C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Preferences
"urls_to_restore_on_startup": [ "http://www.google.rs/" ]
==== IE Start and Search Settings ======================
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{searchCLSID} Unknown Url="Not_Found"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{3D585554-3A2C-4BF8-9587-2D99C7A6EBAD} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== EOF on Sun 11/02/2014 at 1:27:30.03 ======================
|
|
|
|
|
|
|
|
|
Poslao: 02 Nov 2014 15:20
|
offline
- Pridružio: 03 Avg 2014
- Poruke: 60
|
Zoek.exe v5.0.0.0 Updated 02-November-2014
Tool run by Zeljko on Sun 11/02/2014 at 1:59:35.29.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Zeljko\desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-11-02-002730.log 36985 bytes
==== Suspicious Entries Found ======================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Disabled:@xpsp2res.dll,-22009"
"8317:TCP"="8317:TCP:*:Enabled:TechSmith Camtasia Studio"
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
"5985:TCP"="5985:TCP:*:Disabled:Windows Remote Management "
==== Deleting CLSID Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP"=-
"8317:TCP"=-
"1900:UDP"=-
"2869:TCP"=-
"5985:TCP"=-
==== Deleting Files \ Folders ======================
C:\Documents and Settings\Zeljko\.android deleted
C:\Program Files\Common Files\Wondershare deleted
C:\adb.exe deleted
C:\fastboot.exe deleted
C:\Documents and Settings\Zeljko\Application Data\Wondershare deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\APN deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg_Update_0914av deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\ProductData deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Package Cache deleted
C:\Documents and Settings\Zeljko\Local Settings\Application Data\Wondershare deleted
C:\Documents and Settings\Zeljko\Local Settings\Application Data\CrashRpt deleted
C:\Documents and Settings\All Users\Start Menu\Programs\UltraSearch deleted
C:\Documents and Settings\All Users\Start Menu\Programs\Wondershare deleted
C:\WINDOWS\wininit.ini deleted
C:\WINDOWS\system32\GroupPolicy\Adm deleted
C:\WINDOWS\system32\GroupPolicy\Machine deleted
C:\WINDOWS\system32\GroupPolicy\User deleted
C:\WINDOWS\system32\GroupPolicy\gpt.ini deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\c9fd6e60585639f3\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\c9fd6e60585639f3\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\c9fd6e60585639f3\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\c9fd6e60585639f3\{CA41BB14-E67B-1653-C57B-5CA99418A866}" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\c9fd6e60585639f3\{E32743D3-5789-6E4F-3998-06FB87C9214B}" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\c9fd6e60585639f3" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718
- TVU Web Player - %ProfilePath%\extensions\firefox@tvunetworks.com
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\m9dhnhac.default-1411837746718
E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25
238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18
63F8C13F269B10BC9363B007DAAACAE6 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash
9419AA8A2799526EC32B473C2BB7A10D - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
DCB0BCEF594E2C410793C4A823C318F3 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director
8E9A08E2092B3E1ADFF3C46BC1A5124B - C:\WINDOWS\system32\TVUAx\npTVUAx.dll - TVU Web Player for FireFox
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
==== Chromium Look ======================
greatsaVeer - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina
YTBookMark - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
SNT - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
greatsaVeer - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina
YTBookMark - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
HTML Saver - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
Google Wallet - Administrator.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
greatsaVeer - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina
YTBookMark - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
YoutubeAdblocker - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd
SNT - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
HTML Saver - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
SNT - ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
HTML Saver - ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
YoutubeAdblocker - ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd
SNT - ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
HTML Saver - ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
YTBookMark - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
SNT - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
HTML Saver - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
SNT - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
YTBookMark - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
YoutubeAdblocker - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd
SNT - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
Google Docs - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Guest.ADMINISTRATOR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
greatsaVeer - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd
HTML Saver - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
greatsaVeer - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina
YTBookMark - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
YoutubeAdblocker - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd
SNT - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
Google Docs - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Igre\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
YTBookMark - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
YTBookMark - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
SNT - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
Google Drive - Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
YTBookMark - Zeljko\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo
SNT - Zeljko\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg
HTML Saver - Zeljko\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll
YouTube - Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Resize YT To Window Size - Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Extensions\jnlekakfccbmkfgmjmjopjopafgnojca
CoolNovo Theme - Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Extensions\padfaldcjmpgohbkmflinacjddgffpii
Gmail - Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chromium Startpages ======================
C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "http://www.google.rs/" ]
C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Preferences
"urls_to_restore_on_startup": [ "http://www.google.rs/" ]
==== Chromium Fix ======================
C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina deleted successfully
C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ddoohllebocmdcfodnpjeebloiigkina deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo deleted successfully
C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo deleted successfully
C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ikpikneknooggcefonogfofbppkkhnfo deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg deleted successfully
C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg deleted successfully
C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg deleted successfully
C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg deleted successfully
C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg deleted successfully
C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\ogbhlddejmblbppkdnflbfldkknbcahg deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll deleted successfully
C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll deleted successfully
C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll deleted successfully
C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll deleted successfully
C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll deleted successfully
C:\Documents and Settings\ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd deleted successfully
C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd deleted successfully
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd deleted successfully
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\niogmfidpdokloehljjkkcbildclhohd deleted successfully
C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Extensions\jnlekakfccbmkfgmjmjopjopafgnojca deleted successfully
C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Extensions\padfaldcjmpgohbkmflinacjddgffpii deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{searchCLSID} Unknown Url="Not_Found"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{3D585554-3A2C-4BF8-9587-2D99C7A6EBAD} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
==== shortcuts on Users Desktops ======================
C:\Documents and Settings\Igre\Desktop\Shortcut to JetBoost.lnk - E:\Program Files\BlueSprig\JetBoost\JetBoost.exe
C:\Documents and Settings\Zeljko\Desktop\CoolNovo.lnk - C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\Application\chrome.exe
C:\Documents and Settings\Zeljko\Desktop\µTorrent.lnk - C:\Documents and Settings\Zeljko\Application Data\uTorrent\uTorrent.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\4K YouTube to MP3.lnk - D:\Program Files\4KDownload\4kyoutubetomp3\4kyoutubetomp3.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Adobe Reader XI.lnk - D:\Program Files\Reader 11.0\Reader\AcroRd32.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\AIMP3.lnk - E:\Program Files\AIMP3\AIMP3.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\ArkCamera.exe.lnk - D:\Program Files\ARK\ArkCamera.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Ashampo Uninstaler.lnk - D:\Program Files\Ashampoo\Ashampoo UnInstaller 5\UI5.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Auslogics Disk Defrag Professional.lnk - C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Battlefield 2.lnk - D:\Program Files\EA GAMES\Battlefield 2\BF2.exe +menu 1 +fullscreen 1
C:\Documents and Settings\Zeljko\Desktop\Programi\BS.Player FREE.lnk - D:\Program Files\Webteh\BSPlayer\bsplayer.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\BSRemote.lnk - D:\Program Files\BSRemote\BSRemote.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Camtasia Studio 8.lnk - D:\Program Files\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\CDBurnerXP.lnk - D:\Program Files\CDBurnerXP\cdbxpp.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Cheat Engine.lnk - C:\Program Files\Cheat Engine 6.4\Cheat Engine.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Counter-Strike WaRzOnE.lnk - C:\Games\Counter-Strike\hl.exe -steam -game cstrike -noforcemparms -noforcemaccel
C:\Documents and Settings\Zeljko\Desktop\Programi\FormatFactory.lnk - D:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Internet Explorer.lnk -
C:\Documents and Settings\Zeljko\Desktop\Programi\JetBoost.lnk - E:\Program Files\BlueSprig\JetBoost\JetBoost.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Mozilla Firefox.lnk - D:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Need For Speed World.lnk - C:\Program Files\Electronic Arts\Need For Speed World\GameLauncher.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Need for Speed™ Carbon.lnk - D:\Program Files\Electronic Arts\Need for Speed Carbon\NFSC.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Opera.lnk - D:\Program Files\Opera\launcher.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Origin.lnk - D:\Program Files\Origin\Origin.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Photoshop CS6.lnk - D:\Program Files\Adobe Photoshop CS6\Photoshop.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Play BF2 Online Now.lnk -
C:\Documents and Settings\Zeljko\Desktop\Programi\Quick Boost.lnk - E:\Program Files\BlueSprig\JetBoost\JetBoost.exe -game
C:\Documents and Settings\Zeljko\Desktop\Programi\RamCleaner.lnk - C:\WINDOWS\system32\rundll32.exe advapi32.dll,ProcessIdleTasks
C:\Documents and Settings\Zeljko\Desktop\Programi\Readon TV Movie Radio Player.lnk - C:\WINDOWS\Installer\{80074966-5231-428D-9AE7-B7D5D2DC3246}\_55F11AB420338FF650F1F4.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Registry First Aid.lnk - D:\Program Files\RFA 9\reg1aid32.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\RegSeeker.lnk - D:\Program Files\RegSeeker\RegSeeker.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\ResHackerFX.lnk - D:\Program Files\Resource Hacker\ResHackerFX.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Revo Uninstaller Pro.lnk - D:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\TeamViewer 9.lnk - D:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Temp File Cleaner.lnk - D:\Program Files\Temp File Cleaner\TempFileCleaner.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\VLC media player.lnk - D:\Program Files\VideoLAN\VLC\vlc.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Wondershare Streaming Audio Recorder.lnk - E:\Program Files\Wondershare\Streaming Audio Recorder\Streaming Audio Recorder.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\Youtube Downloader HD.lnk - D:\Program Files\Youtube Downloader HD\YouTubeDownloaderHD.exe
C:\Documents and Settings\Zeljko\Desktop\Programi\µTorrent.lnk - C:\Documents and Settings\Zeljko\Application Data\uTorrent\uTorrent.exe
==== shortcuts on All Users Desktop ======================
C:\Documents and Settings\All Users\desktop\AIMP3.lnk - E:\Program Files\AIMP3\AIMP3.exe
C:\Documents and Settings\All Users\desktop\Steam.lnk - D:\Program Files\Steam\Steam.exe
==== shortcuts in Users Start Menu ======================
C:\Documents and Settings\Zeljko\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Documents and Settings\Zeljko\Start Menu\Programs\Accessories\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\Accessories\Synchronize.lnk - C:\WINDOWS\system32\mobsync.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\Accessories\Windows Explorer.lnk - C:\WINDOWS\explorer.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Documents and Settings\Zeljko\Start Menu\Programs\Microsoft Bootvis\Bootvis Help.lnk - C:\Documents and Settings\Zeljko\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_2cd672ae.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\Microsoft Bootvis\Bootvis.lnk - C:\Documents and Settings\Zeljko\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_18be6784.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\Microsoft Bootvis\License Agreement.lnk - C:\Documents and Settings\Zeljko\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_4ae13d6c.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\Microsoft Bootvis\readme.lnk - C:\Documents and Settings\Zeljko\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_294823.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\MySQL\MySQL Installer\MySQL Installer.lnk - C:\Program Files\MySQL\MySQL Installer\MySQLInstaller.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\RegSeeker\License.lnk - D:\Program Files\RegSeeker\license.rtf
C:\Documents and Settings\Zeljko\Start Menu\Programs\RegSeeker\Order.lnk - D:\Program Files\RegSeeker\Order.doc
C:\Documents and Settings\Zeljko\Start Menu\Programs\RegSeeker\RegSeeker.lnk - D:\Program Files\RegSeeker\RegSeeker.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\RegSeeker\Uninstall.lnk - D:\Program Files\RegSeeker\uninst.exe
C:\Documents and Settings\Zeljko\Start Menu\Programs\RegSeeker\Website.lnk - D:\Program Files\RegSeeker\RegSeeker.url
C:\Documents and Settings\Zeljko\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files\WinRAR\Rar.txt
C:\Documents and Settings\Zeljko\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files\WinRAR\WhatsNew.txt
C:\Documents and Settings\Zeljko\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\Documents and Settings\Zeljko\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe
==== shortcuts in All Users Start Menu ======================
C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Calculator.lnk - C:\WINDOWS\system32\calc.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk - C:\WINDOWS\system32\cleanmgr.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics\Disk Defrag Professional\Auslogics Disk Defrag Professional.lnk - C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics\Disk Defrag Professional\Uninstall Auslogics Disk Defrag Professional.lnk - C:\Program Files\Auslogics\Disk Defrag Professional\unins000.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (32-bit).lnk - C:\Program Files\Cheat Engine 6.4\cheatengine-i386.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (64-bit).lnk - C:\Program Files\Cheat Engine 6.4\cheatengine-x86_64.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4.lnk - C:\Program Files\Cheat Engine 6.4\Cheat Engine.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine help.lnk - C:\Program Files\Cheat Engine 6.4\CheatEngine.chm
C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine tutorial.lnk - C:\Program Files\Cheat Engine 6.4\Tutorial-i386.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.4\main.lua.lnk - C:\WINDOWS\system32\notepad.exe C:\Program Files\Cheat Engine 6.4\main.lua
C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.4\Reset settings.lnk - C:\Program Files\Cheat Engine 6.4\ceregreset.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.4\Uninstall Cheat Engine.lnk - C:\Program Files\Cheat Engine 6.4\unins000.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.4\Kernel stuff\Unload kernel module.lnk - C:\Program Files\Cheat Engine 6.4\Kernelmoduleunloader.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab about
C:\Documents and Settings\All Users\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab update
C:\Documents and Settings\All Users\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Java\Get Help.lnk -
C:\Documents and Settings\All Users\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\Documents and Settings\All Users\Start Menu\Programs\MCShield\MCShield Control Center.lnk - D:\Program Files\MCShield\MCShieldCC.exe
C:\Documents and Settings\All Users\Start Menu\Programs\MCShield\MCShield Real-Time Monitor.lnk - D:\Program Files\MCShield\MCShieldRTM.exe
C:\Documents and Settings\All Users\Start Menu\Programs\MCShield\Logs\All scans.lnk - C:\Documents and Settings\All Users\Application Data\MCShield\AllScans.txt
C:\Documents and Settings\All Users\Start Menu\Programs\MCShield\Logs\Last scan.lnk - C:\Documents and Settings\All Users\Application Data\MCShield\LastScan.txt
C:\Documents and Settings\All Users\Start Menu\Programs\MCShield\Logs\Summary.lnk - C:\Documents and Settings\All Users\Application Data\MCShield\Summary.txt
C:\Documents and Settings\All Users\Start Menu\Programs\MCShield\Tools\MCShield Translator.lnk - D:\Program Files\MCShield\Tools\Translator.exe
C:\Documents and Settings\All Users\Start Menu\Programs\MCShield\Uninstall\Uninstall MCShield.lnk - D:\Program Files\MCShield\MCS-Uninstall.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Registry First Aid 9\Actions\Open Backup Folder.lnk - E:\Documents and Settings\All Users\Application Data\RFA_Backups
C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk - D:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf
C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk - D:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro\Uninstall Revo Uninstaller Pro.lnk - D:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe
C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files\WinRAR\Rar.txt
C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files\WinRAR\WhatsNew.txt
C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe
==== shortcuts in Quick Launch ======================
C:\Documents and Settings\Zeljko\Application Data\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - D:\Program Files\Webteh\BSPlayer\bsplayer.exe
C:\Documents and Settings\Zeljko\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zeljko\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk - D:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Zeljko\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - D:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Zeljko\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk - D:\Program Files\Opera\launcher.exe
C:\Documents and Settings\Zeljko\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Documents and Settings\Zeljko\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Documents and Settings\Zeljko\Application Data\uTorrent\uTorrent.exe
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0F9196C6-58B4-445B-B56E-B1200FECC151} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\6C6919F04B85B5445BE61B02F0CE1C15 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3288 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCShield Monitor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rfagent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully
==== Empty IE Cache ======================
C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Zeljko\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio\ChromePlus\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=314 folders=127 20774974 bytes)
==== Empty Temp Folders ======================
C:\Documents and Settings\Administrator.ADMINISTRATOR\Local Settings\temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\temp emptied successfully
C:\Documents and Settings\Guest.ADMINISTRATOR\Local Settings\temp emptied successfully
C:\Documents and Settings\Igre\Local Settings\temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully
C:\Documents and Settings\UpdatusUser\Local Settings\Temp emptied successfully
C:\Documents and Settings\Zeljko\Local Settings\temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Zeljko\LOCALS~1\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\Documents and Settings\Zeljko\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
==== EOF on Sun 11/02/2014 at 2:18:06.26 ======================
|
|
|
|
|
|
|
Poslao: 02 Nov 2014 15:25
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
Kakvo je sada stanje?
|
|
|
|
|
|
|
Poslao: 02 Nov 2014 15:33
|
offline
- Pridružio: 03 Avg 2014
- Poruke: 60
|
Mislim da je sad dobro,videcu do veceras kako ce biti oce li se opet ono ubagovati posto nije uvek.Hvala 
|
|
|
|
|
|
|
|
Preuzmi 
dugme i pričekaj da se skeniranje završi.
) na ikonicu programa:
