Komp steka

1

Komp steka

offline
  • Pridružio: 23 Feb 2014
  • Poruke: 9

Pozdrav.
U poslednje vreme mi se lap top bas usporio.Posto je prepun oslobodila sam polovinu memorije preko space sniffera.Medjutim situacija je ostala ista.Potom provalim da imam 2 antivirusa,win firewall i eset.Obrisem Eset,ponovo ista prica...............Inace nekada radi iznenadjujuce brzo a nekada jedan prozor otvara 10 min.Imam sbb wifi i vip modem(i kad god njega stavim komp mi je sporiji).
Skidam svasta sa neta i pretpostavljam da imam dosta virusa.Interesuje me hoce li se oni zaista obrisati preko programa koji ih skenira??????

Rezultati skeniranja:

Database version: v2014.02.23.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16798
win7 :: WIN7-PC [administrator]


Protection: Enabled

2/23/2014 6:39:29 PM
MBAM-log-2014-02-23 (21-30-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222121
Time elapsed: 2 hour(s), 33 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 43
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\SWEETIE.IEToolbar.1 (PUP.Optional.SweetIM) -> No action taken.
HKCR\SWEETIE.IEToolbar (PUP.Optional.SweetIM) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetIM) -> No action taken.
HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetIM) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\Typelib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} (PUP.Optional.BabylonToolBar.A) -> No action taken.
HKCR\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} (PUP.Optional.BabylonToolBar.A) -> No action taken.
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> No action taken.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker (PUP.Optional.Somoto.A) -> No action taken.
HKCR\esrv.BabylonESrvc (PUP.Optional.BabylonToolBar.A) -> No action taken.
HKCR\esrv.BabylonESrvc.1 (PUP.Optional.BabylonToolBar.A) -> No action taken.
HKCR\iMeshIEHelper.DNSGuard (PUP.Optional.iMeshMusicBoxTB.A) -> No action taken.
HKCR\iMeshIEHelper.DNSGuard.1 (PUP.Optional.iMeshMusicBoxTB.A) -> No action taken.
HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook (PUP.Optional.SweetIM.A) -> No action taken.
HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook.1 (PUP.Optional.SweetIM.A) -> No action taken.
HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> No action taken.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> No action taken.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\Software\AppDataLow\Software\PriceGong (PUP.Optional.PriceGong.A) -> No action taken.
HKCU\SOFTWARE\BI (PUP.Optional.FilesFrog.A) -> No action taken.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> No action taken.
HKCU\SOFTWARE\SOMOTO\SDP (PUP.Optional.Somoto.A) -> No action taken.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.
HKLM\SOFTWARE\BabylonToolbar (PUP.Optional.Babylon.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok (PUP.Optional.PriceGong.A) -> No action taken.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Optional.Funmoods.A) -> No action taken.
HKLM\Software\Iminent (PUP.Optional.Iminent.A) -> No action taken.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.
HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM.A) -> No action taken.
HKCR\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM.A) -> No action taken.
HKCR\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM.A) -> No action taken.

Registry Values Detected: 14
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\system32\rundll32.exe "C:\Users\win7\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Data: Searchqu Toolbar -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Data: -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} (PUP.Optional.SearchQu) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Data: -> No action taken.
HKCU\Software\BI|ui_path_filesfrog (PUP.Optional.FilesFrog.A) -> Data: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker -> No action taken.
HKCU\Software\Somoto\SDP|affid (PUP.Optional.Somoto.A) -> Data: burn4free -> No action taken.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {FFD1F639-B707-11E0-93D0-CC686A2D1AA9} -> No action taken.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {FFD1F639-B707-11E0-93D0-CC686A2D1AA9} -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE (PUP.Optional.SweetIM.A) -> Data: 1 -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL (PUP.Optional.SweetIM.A) -> Data: 1 -> No action taken.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://www.buenosearch.com/?babsrc=HP_ss&mntrId=00DC00A0C6000000&affID=128491&tsp=5166) Good: (http://www.google.com) -> No action taken.

Folders Detected: 24
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong (PUP.Optional.PriceGong.A) -> No action taken.
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> No action taken.
C:\Program Files\PriceGong\2.6.11 (PUP.Optional.PriceGong.A) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\34A54EA7318B46E2AA41BD92A5E46E09 (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\65160D417EF041D88B6D1B8310E15507 (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\7B146B9EBCAC4C91B591F110ADDBA9CE (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\C985E5120CDA4363A907552F3A0641D9 (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\DDDF24E045D649B2854A593264BE61CC (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\E9ADB9F616FD4DCDB37FF6D8005CFA30 (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\OpenCandy_7B146B9EBCAC4C91B591F110ADDBA9CE (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Local\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> No action taken.
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\ct3289075 (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange (PUP.Optional.SweetIM.A) -> No action taken.
C:\Users\win7\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\win7\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> No action taken.

Files Detected: 146
C:\Users\win7\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Users\win7\AppData\Local\Temp\DownloadManager.exe (PUP.Optional.OutBrowse) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\65160D417EF041D88B6D1B8310E15507\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\C985E5120CDA4363A907552F3A0641D9\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\DDDF24E045D649B2854A593264BE61CC\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\E9ADB9F616FD4DCDB37FF6D8005CFA30\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> No action taken.
C:\Windows\System32\roboot.exe (PUP.Optional.PCPerformer.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\uninstall15298643.exe (PUP.Optional.GoForFiles.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\uttE64F.tmp.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\BuenoSearchTB.exe (PUP.Optional.ToolBarInstaller.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\BuenoSearchTB[1].exe (PUP.Optional.ToolBarInstaller.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\ct3289075\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\ct3289075\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\ct3289075\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\ct3289075\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\is-3QPAN.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\Downloads\SoftonicDownloader_for_subtitle-workshop.exe (PUP.Optional.Softonic.A) -> No action taken.
C:\Users\win7\Downloads\SoftonicDownloader_for_time-adjuster.exe (PUP.Optional.Softonic.A) -> No action taken.
C:\Users\win7\Downloads\bsplayer266.1075.exe (PUP.Optional.Conduit) -> No action taken.
C:\Users\win7\AppData\Local\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> No action taken.
C:\Users\win7\AppData\Local\FilesFrog Update Checker\uninstall.exe (PUP.Optional.Somoto.A) -> No action taken.
C:\Users\win7\AppData\Local\FilesFrog Update Checker\update_checker.exe (PUP.Optional.FilesFrog.A) -> No action taken.
C:\Users\win7\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\win7\Local Settings\Temporary Internet Files\Content.IE5\8R9TJGR3\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\Local Settings\Temporary Internet Files\Content.IE5\EZW1FD8E\ClixSense_com[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\Local Settings\Temporary Internet Files\Content.IE5\EZW1FD8E\goods-376-4797[1].exe (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\win7\Local Settings\Temporary Internet Files\Content.IE5\EZW1FD8E\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\Local Settings\Temporary Internet Files\Content.IE5\QSHEFGVN\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\Local Settings\Temporary Internet Files\Content.IE5\QSHEFGVN\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\Local Settings\Temporary Internet Files\Content.IE5\QSHEFGVN\uTorrentControl_v6[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Windows\Installer\4973d6a.msi (PUP.Optional.SweetIM) -> No action taken.
C:\Windows\Installer\4973d70.msi (PUP.Optional.SweetIM) -> No action taken.
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage (PUP.Optional.Pricegong) -> No action taken.
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage-journal (PUP.Optional.Pricegong) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Homepage.lnk (PUP.Optional.PriceGong.A) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Contact Us.lnk (PUP.Optional.PriceGong.A) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Help.lnk (PUP.Optional.PriceGong.A) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\Uninstall PriceGong.lnk (PUP.Optional.PriceGong.A) -> No action taken.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> No action taken.
C:\Users\win7\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> No action taken.
C:\Program Files\PriceGong\2.6.11\PriceGong.crx (PUP.Optional.PriceGong.A) -> No action taken.
C:\Program Files\PriceGong\2.6.11\PriceGongIE.dll (PUP.Optional.PriceGong.A) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\34A54EA7318B46E2AA41BD92A5E46E09\Trial-14.0.1000.88_en-US_1004739_ROW-EN.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\65160D417EF041D88B6D1B8310E15507\3596.ico (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\65160D417EF041D88B6D1B8310E15507\TuneUpUtilities2013-2200319_en-US.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\OpenCandy\7B146B9EBCAC4C91B591F110ADDBA9CE\TuneUpUtilities2013_2200319_en-US.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk (PUP.Optional.FilesFrog.A) -> No action taken.
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk (PUP.Optional.FilesFrog.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\ct3289075\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\ct3289075\CT3289075.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\ct3289075\initdata.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\ct3289075\manifest.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\win7\AppData\Local\Temp\ct3289075\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\default.xml (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mghooking.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\bing.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dating.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\news.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\options.html (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\version.txt (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\video.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> No action taken.
C:\Users\win7\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\win7\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> No action taken.

(end)






offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi Farbar-ov Farbar Recovery Scan Tool () sa ove adrese na Desktop:
Postoji 32-bit. i 64-bitna verzija. Potrebno je preuzeti verziju koja je kompatibilna sa tvojim sistemom.
Ako nisi siguran koja verzija se odnosi na tvoj sistem, preuzmi ih obe i pokreni. Samo jedan od njih će raditi na tvom sistemu, to će biti prava verzija.


dvoklikom pokreni program, kada se alat pokrene klikni Yes na Disclaimer prozor;
pod Optional Scan sekciji, označi List BCD i Driver MD5 polja;
klikni na dugme Scan;
po završetku skeniranja, alat će formirati izveštaj (FRST.txt) u isti direktorijum gde je FRST alat sačuvan;
iskopiraj sadržaj FRST.txt izveštaja u poruku;
po prvom pokretanju, alat bi trebao formirati i dodatni izveštaj (Addition.txt);
okači Addition.txt izveštaj uz poruku koristeći opciju Prikači fajl

offline
  • Pridružio: 23 Feb 2014
  • Poruke: 9

Napisano: 24 Feb 2014 23:25

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-02-2014 01
Ran by win7 (administrator) on WIN7-PC on 24-02-2014 23:10:17
Running from C:\Users\win7\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe
() C:\Program Files\Vip mobilni internet\CancelAutoPlay.exe
() C:\Program Files\Vip mobilni internet\UIExec.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\Vip mobilni internet\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Vip mobilni internet\UIMain.exe
() C:\Program Files\Vip mobilni internet\CMUpdater.exe
(BitTorrent Inc.) C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [644800 2013-08-30] ()
HKLM\...\Run: [PowerDVD13Agent] - C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-09-13] (CyberLink Corp.)
HKLM\...\Run: [CancelAutoPlay] - C:\Program Files\Vip mobilni internet\CancelAutoPlay.exe [414544 2012-03-12] ()
HKLM\...\Run: [UIExec] - C:\Program Files\Vip mobilni internet\UIExec.exe [156448 2012-05-11] ()
HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\Run: [ChicaPasswordManager] - "C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\Run: [uTorrent] - C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe [1307736 2014-01-25] (BitTorrent Inc.)
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\Run: [NextLive] - C:\Windows\system32\rundll32.exe "C:\Users\win7\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\Run: [ALLUpdate] - C:\Program Files\ALLPlayer\ALLUpdate.exe [3000704 2014-01-29] (ALLPlayer Group Ltd.)
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {1b5f1567-6f63-11e3-b4c2-001583c9b7f4} - F:\Autorun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {31567d11-fb5a-11e2-a7c8-001583c9b7f4} - F:\Autorun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {5652ad49-ee46-11e2-a779-001583c9b7f4} - F:\Autorun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {7dd840e3-fb04-11e0-8f09-001583c9b7f4} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {7eaf08ed-4bad-11e3-8d2f-001583c9b7f4} - F:\Autorun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {88f08fc2-054e-11e1-a3c5-001583c9b7f4} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {9aa625bf-6975-11e3-a775-00a0c6000000} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {9e149e32-d04d-11e1-bbc2-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {a355f3c3-d43e-11e2-b120-00a0c6000000} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {a355f3d1-d43e-11e2-b120-00a0c6000000} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {a355f84e-d43e-11e2-b120-001583c9b7f4} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {a7381c28-d05d-11df-92c0-002622848507} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {a86a38ce-cfc6-11df-aa6f-002622848507} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {a86a38de-cfc6-11df-aa6f-002622848507} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {ae24888d-98a2-11e3-bae9-001583c9b7f4} - F:\Autorun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {aed3602c-60eb-11e3-a6be-001583c9b7f4} - F:\Autorun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {b450c0af-73aa-11e3-8b7e-001583c9b7f4} - F:\Autorun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {b65f37a7-def0-11e1-8218-001583c9b7f4} - F:\AutoRun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {ba0653ad-74fe-11e2-a77d-001583c9b7f4} - F:\Autorun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {ba0653be-74fe-11e2-a77d-001583c9b7f4} - F:\Autorun.exe
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\MountPoints2: {c8e7bf57-0672-11e3-a6b8-00a0c6000000} - G:\Startme.exe
Startup: C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = buenosearch.com/?babsrc=HP_ss&mntrId=00.....1&tsp=5166
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC5FE8FB9FA63CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = search.conduit.com?SearchSource=10&ctid=CT2269050
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn.com/?ocid=EIE9HP&PC=UP50
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = g.msn.com/1me10IE9ENUS/110
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.com/ie
URLSearchHook: HKLM - (No Name) - {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - No File
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - (No Name) - {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - No File
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={FFD1F639-B707-11E0-93D0-CC686A2D1AA9}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={FFD1F639-B707-11E0-93D0-CC686A2D1AA9}
SearchScopes: HKCU - 3ADFD602C52048068FE71C5CE710CB61 URL = smartwebsearch.net/index.php?from=4&q={searchTerms}
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = start.facemoods.com/?a=wbst&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=00DC00A0C6000000&affID=128491&tsp=5166
SearchScopes: HKCU - {25B9BDBC-150D-4C17-8EF2-525FDB8F8307} URL = search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=589
SearchScopes: HKCU - {329DF456-2B9A-1254-3222-23D6BB4C8442} URL = ics.asksearch.com/s/?q={searchTerms}&iesrc={referrer:source?}&cfg=2-441-0-...
SearchScopes: HKCU - {45F2F17C-18E7-4E01-9E67-D7DED8F1DF83} URL = start.funmoods.com/results.php?f=4&a=nv1&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={sear
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6PQn0B10z9&i=26
SearchScopes: HKCU - {D6E3EE4A-BE5B-4C7F-927A-ABE33E590236} URL = websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^RS&apn_uid=40d3433e-5b7e-448c-9c74-3b728c873720&apn_sauid=41142CA5-28BC-4C76-988A-B5DDD3B4DD51
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={FFD1F639-B707-11E0-93D0-CC686A2D1AA9}
BHO: No Name - {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM - No Name - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKCU - No Name - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.85.64.173 10.85.64.174

FireFox:
========
FF ProfilePath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default
FF user.js: detected! => C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default\user.js
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=00DC00A0C6000000&affID=128491&tsp=5166
FF Keyword.URL: hxxp://www.bing.com/search?FORM=BDT3DF&PC=BDT3&q=
FF NewTab: hxxp://www.buenosearch.com/?babsrc=NT_ss&mntrId=00DC00A0C6000000&affID=128491&tsp=5166
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\win7\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\win7\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
FF Extension: No Name - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default\Extensions\staged [2014-02-11]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-12-19]
FF HKLM\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files\MyWebSearch\bar\7.bin
FF Extension: No Name - C:\Program Files\MyWebSearch\bar\7.bin [2011-01-18]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-07]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-07]
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-07-25]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\win7\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\win7\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll No File
CHR Extension: (Google Docs) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-18]
CHR Extension: (Google Drive) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-18]
CHR Extension: (PriceGong) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2014-01-25]
CHR Extension: (YouTube) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-18]
CHR Extension: (uTorrentControl_v6) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp [2014-01-25]
CHR Extension: (Google Search) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-18]
CHR Extension: (BitTorrentControl_v12) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf [2013-05-28]
CHR Extension: (Allin1Convert) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl [2013-12-20]
CHR Extension: (Night Time In New York City) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek [2013-09-29]
CHR Extension: (SaveFrom.net помощник) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl [2014-02-11]
CHR Extension: (Google Wallet) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (ClixSense.com) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\odiaflgoglmdpognebeehehkabaclnpb [2013-07-16]
CHR Extension: (Gmail) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-18]
CHR HKLM\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files\PriceGong\2.6.11\pricegong.crx [2013-03-04]
CHR HKLM\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\win7\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2014-01-25]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx [2014-01-25]
CHR HKLM\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\win7\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2013-03-26]
CHR HKLM\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx [2013-03-26]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-26]
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-26]
CHR HKLM\...\Chrome\Extension: [mfhbefhmbfeijngaeeipckikabideogj] - C:\Program Files\BFlix\BFlix.crx [2013-06-26]
CHR HKLM\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\win7\AppData\Local\Temp\crx28FE.tmp [2013-06-26]
CHR HKLM\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\win7\AppData\Local\Temp\ccex.crx [2013-06-26]
CHR HKLM\...\Chrome\Extension: [odiaflgoglmdpognebeehehkabaclnpb] - C:\Users\win7\AppData\Local\CRE\odiaflgoglmdpognebeehehkabaclnpb.crx [2013-06-09]
CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\win7\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2014-01-25]
CHR HKCU\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\win7\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2013-03-26]
CHR HKCU\...\Chrome\Extension: [odiaflgoglmdpognebeehehkabaclnpb] - C:\Users\win7\AppData\Local\CRE\odiaflgoglmdpognebeehehkabaclnpb.crx [2013-06-09]

========================== Services (Whitelisted) =================

R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-09-13] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-09-13] (CyberLink)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-06-25] (Freemake)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [52080 2007-04-21] ()
R2 UI Assistant Service; C:\Program Files\Vip mobilni internet\AssistantServices.exe [274760 2012-08-02] ()

==================== Drivers (Whitelisted) ====================

R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [34576 2007-03-05] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27792 2007-03-05] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [18320 2007-03-05] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [39184 2007-03-05] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14216 2010-07-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [8456 2010-07-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-02-23] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-02-08] (Duplex Secure Ltd.)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.)
R3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [116736 2012-02-06] (ZTE Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [76560 2013-09-13] (CyberLink Corp.)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys F81BB7E487EDCEAB630A7EE66CF23913
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athr.sys B01751CC563AECAC09BBE36AAA21FBEF
C:\Windows\System32\DRIVERS\atikmdag.sys 04F09923A393E4E0E8453A8F78361E73
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blueletaudio.sys 1D866FAF96D7369A1817AB208C04CF55
C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys 8FC27B12A02B43947787F0EF1885DF9B
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\btnetdrv.sys C5CCE2B26F73F8CF7F3C82159E79AA08
C:\Windows\System32\Drivers\btcusb.sys D5D025B5F704817B42D13A3E443F7893
C:\Windows\system32\drivers\BthEnum.sys ==> MD5 is legit
C:\Windows\System32\Drivers\vbtenum.sys CE643D0918123D76A5CAAB008FCA9663
C:\Windows\System32\Drivers\BTHidMgr.sys DFCA4FE4C8AEC786B4D0F432EB730F48
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BTHport.sys 1153DE2E4F5941E10C399CB5592F78A1
C:\Windows\System32\Drivers\BTHUSB.sys C81E9413A25A439F436B1D4B6A0CF9E9
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 85449EEBE8F8EBD6481EFBF0F352B4EB
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 71BC35067CABC02C9453AEAA42B2E43E
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\epmntdrv.sys 539CA34FBC74EC366A0D751028C32A08
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\EuGdiDrv.sys 1F2F4AB15CE03ECC257FEB2F6DC5A013
C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys 2ED0BABD4CD98ED820FD0D0BCBE96721
C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys F286830298323272260332D6ABC905C1
C:\Windows\System32\Drivers\ksecpkg.sys D7C760D57B1656DD748B9E4AB6CB5A51
C:\Windows\System32\DRIVERS\L1C62x86.sys 6C32BFEAB708915D6BBF4B20D4F3EF7B
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 4470E3C1E0C3378E4CAB137893C12C3A
C:\Windows\system32\drivers\mbamswissarmy.sys 0DB7527DB188C7D967A37BB51BBF3963
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys E77DC03DD3C8E5A388BF9EED2A28F3D1
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 21F4B24ACFC79A483515BD986DD9043F
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys 32FF06EC6D946EF791D98D6C838A3090
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Ntfs.sys 5E43D2B0EE64123D4880DFA6626DEFDE
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pccsmcfd.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 65375DF758CA1872AB7EBBBA457FD5E6
C:\Windows\system32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys CB928D9E6DAF51879DD6BA8D02F01321
C:\Windows\System32\Drivers\RootMdm.sys 564297827D213F52C7A3A2FF749568CA
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys CBEAEA2729985BFB260641AB424E0166
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys CA59F7C570AF70BC174F477CFE2D9EE3
C:\Windows\System32\DRIVERS\tcpip.sys CA59F7C570AF70BC174F477CFE2D9EE3
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys 9CE253214ACAA5A7D323327D2055EFAA
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 0803FBA9FE829D61AE26EC0BCC910C46
C:\Windows\system32\drivers\usbcir.sys 2352AB5F9F8F097BF9D41D5A4718A041
C:\Windows\System32\DRIVERS\usbehci.sys D40855F89B69305140BBD7E9A3BA2DA6
C:\Windows\System32\DRIVERS\usbhub.sys EDF2DF71C4F1E13A6AC75F5224DE655A
C:\Windows\System32\DRIVERS\usbohci.sys 9828C8D14CC2676421778F0DE638CF97
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbser.sys 007C0C8D5B01D82ACEB70431D15083F6
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\system32\drivers\usbuhci.sys 800AABFD625EEFF899F7E5496BDE37AB
C:\Windows\System32\DRIVERS\VComm.sys 51750B0539986186C6931FC40D171521
C:\Windows\System32\Drivers\VcommMgr.sys 6D9C891C0A761AFED1F3609C2E56F2B9
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\vwifimp.sys A3F04CBEA6C2A10E6CB01F8B47611882
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 25944D2CC49E0A6C581D02A74B7D6645
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys 9417C311E7257634FE735F82035425F3
C:\Windows\System32\DRIVERS\ZTEusbnet.sys 3D38F3270927DA78B367B57D19CBB7FC
C:\Windows\System32\DRIVERS\ZTEusbnmea.sys 9417C311E7257634FE735F82035425F3
C:\Windows\System32\DRIVERS\ZTEusbser6k.sys 9417C311E7257634FE735F82035425F3
C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl 18539F85F3725BEE656E59BAC07D502C

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 23:10 - 2014-02-24 23:10 - 00047782 _____ () C:\Users\win7\Downloads\FRST.txt
2014-02-24 23:07 - 2014-02-24 23:10 - 00000000 ____D () C:\FRST
2014-02-24 23:03 - 2014-02-24 23:03 - 01144320 _____ (Farbar) C:\Users\win7\Downloads\FRST.exe
2014-02-24 22:42 - 2014-02-24 22:43 - 00000000 ____D () C:\Users\win7\Desktop\(1) Photos from Aleksandar Radovic's post - Aleksandar Radovic_files
2014-02-24 22:42 - 2014-02-24 22:42 - 00314672 _____ () C:\Users\win7\Desktop\(1) Photos from Aleksandar Radovic's post - Aleksandar Radovic.htm
2014-02-24 03:39 - 2014-02-24 03:41 - 00000000 ____D () C:\Users\win7\Downloads\Hostel 1 & 2 DVDRip
2014-02-24 02:37 - 2014-02-24 18:28 - 00000000 ____D () C:\Users\win7\Downloads\For a Few Dollars More (1965) 720p.BRrip.Sujaidr (pimprg)
2014-02-24 01:47 - 2014-02-24 03:27 - 00000000 ____D () C:\Users\win7\Downloads\Arizona Dream
2014-02-24 01:39 - 2014-02-24 02:14 - 00000000 ____D () C:\Users\win7\Downloads\Zivot je cudo
2014-02-24 01:33 - 2014-02-24 02:17 - 00000000 ____D () C:\Users\win7\Downloads\Sisanje [2010] domaci film
2014-02-23 21:33 - 2014-02-23 21:34 - 00028078 _____ () C:\Users\win7\Desktop\New Text Document.txt
2014-02-23 19:03 - 2014-02-23 19:04 - 00000000 ____D () C:\Users\win7\Downloads\Ljubav Navika Panika 2
2014-02-23 18:33 - 2014-02-23 18:33 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-02-23 18:07 - 2014-02-23 18:07 - 00001031 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-23 18:07 - 2014-02-23 18:07 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Malwarebytes
2014-02-23 18:06 - 2014-02-23 18:07 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-23 18:06 - 2014-02-23 18:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-23 18:06 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-23 18:01 - 2014-02-23 18:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\win7\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 14:29 - 2014-02-23 14:29 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-02-23 12:55 - 2014-02-23 12:55 - 00001851 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-02-23 12:55 - 2014-02-23 12:55 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Canneverbe Limited
2014-02-23 12:55 - 2014-02-23 12:55 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-02-23 03:37 - 2014-02-23 03:40 - 05284632 _____ (Canneverbe Limited ) C:\Users\win7\Downloads\cdbxp_setup_4.5.2.4478.exe
2014-02-23 01:03 - 2008-11-25 14:51 - 00127710 _____ () C:\Users\win7\Desktop\A.Streetcar.Named.Desire.1951.464x336.25fps.739kbs.V4mp3.MultiSub.WunSeeDee.Serbian.srt
2014-02-23 00:29 - 2014-02-23 00:30 - 00001886 _____ () C:\Users\win7\Desktop\TimeAdjuster.lnk
2014-02-23 00:29 - 2014-02-23 00:29 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TimeAdjuster
2014-02-23 00:29 - 2014-02-23 00:29 - 00000000 ____D () C:\Program Files\TimeAdjuster
2014-02-23 00:20 - 2014-02-23 00:22 - 00401736 _____ (Softonic ) C:\Users\win7\Downloads\SoftonicDownloader_for_time-adjuster.exe
2014-02-22 23:58 - 2014-02-23 00:00 - 00401744 _____ (Softonic ) C:\Users\win7\Downloads\SoftonicDownloader_for_subtitle-workshop.exe
2014-02-22 20:15 - 2014-02-22 20:16 - 00000000 ____D () C:\Users\win7\Downloads\Pilates
2014-02-22 04:14 - 2014-02-22 04:14 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Artweaver Free
2014-02-19 20:00 - 2014-02-20 20:10 - 00000000 ____D () C:\Users\win7\Desktop\New folder (2)
2014-02-19 05:31 - 2014-02-19 05:31 - 00263530 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-02-19 05:28 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-19 04:52 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-19 04:52 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-19 04:52 - 2014-02-01 08:58 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-19 04:52 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-19 04:52 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-19 04:52 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-19 04:52 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-19 04:52 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-19 04:52 - 2014-02-01 08:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-19 04:52 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-19 04:52 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-19 04:52 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-19 04:52 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-19 04:52 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-19 04:52 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-19 04:52 - 2014-02-01 07:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-19 04:51 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-19 03:40 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-19 03:40 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-19 03:40 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-19 03:40 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-19 03:40 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-19 03:40 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-19 03:40 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-19 03:40 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-19 03:40 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-18 18:21 - 2014-02-18 18:22 - 00000000 ____D () C:\Users\win7\AppData\Local\Nero
2014-02-18 18:21 - 2014-02-18 18:21 - 00000000 ____D () C:\Users\win7\Documents\NeroVideo
2014-02-18 17:33 - 2014-02-18 17:33 - 00000634 _____ () C:\Users\win7\Desktop\KMPlayer.lnk
2014-02-18 17:33 - 2014-02-18 17:33 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-02-18 17:30 - 2014-02-23 15:54 - 00000000 ____D () C:\The KMPlayer
2014-02-18 17:09 - 2014-02-18 17:13 - 32247936 _____ (PandoraTV) C:\Users\win7\Downloads\KMPlayer_3.8.0.120.exe
2014-02-18 17:00 - 2014-02-18 17:00 - 00000990 _____ () C:\Users\Public\Desktop\Artweaver Free 4.lnk
2014-02-18 16:59 - 2014-02-18 17:01 - 00000000 ____D () C:\Program Files\Artweaver Free 4
2014-02-18 16:59 - 2014-02-18 16:59 - 00000000 ____D () C:\ProgramData\Artweaver Free
2014-02-18 16:53 - 2014-02-18 16:56 - 09032880 _____ (Boris Eyrich Software ) C:\Users\win7\Downloads\Artweaver.exe
2014-02-18 16:42 - 2014-02-18 16:42 - 00000000 ____D () C:\Program Files\DoubleCAD XT v5
2014-02-18 15:27 - 2012-02-06 09:55 - 00116736 _____ (ZTE Corporation) C:\Windows\system32\Drivers\ZTEusbnet.sys
2014-02-18 15:27 - 2012-02-06 09:55 - 00107520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbser6k.sys
2014-02-18 15:27 - 2012-02-06 09:55 - 00107520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmea.sys
2014-02-18 15:27 - 2012-02-06 09:55 - 00107520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbmdm6k.sys
2014-02-18 15:25 - 2014-02-23 21:41 - 00000000 ____D () C:\Program Files\Vip mobilni internet
2014-02-18 15:25 - 2014-02-18 15:27 - 00001742 _____ () C:\Users\Public\Desktop\Vip mobilni internet.lnk
2014-02-18 02:48 - 2014-02-18 02:48 - 00001055 _____ () C:\Users\Public\Desktop\ALLPlayer Remote Control.lnk
2014-02-18 02:48 - 2014-02-18 02:48 - 00000000 ____D () C:\Program Files\ALLPlayer Remote
2014-02-18 02:43 - 2014-02-18 02:43 - 00000941 _____ () C:\Users\win7\Desktop\ALLPlayer.lnk
2014-02-18 02:41 - 2013-11-15 20:02 - 02023808 _____ (ALLPlayer Group Ltd.) C:\Users\win7\Desktop\CatzillaDownloader.exe
2014-02-18 02:40 - 2013-04-05 20:26 - 00276992 _____ (IntelleSoft) C:\Windows\system32\BugTrap.dll
2014-02-18 02:40 - 2007-10-07 14:36 - 00258048 _____ () C:\Windows\system32\libFLAC.dll
2014-02-18 02:39 - 2013-04-05 20:26 - 02106368 _____ () C:\Windows\system32\ac3filter.ax
2014-02-18 02:36 - 2014-02-18 02:43 - 00000000 ____D () C:\Program Files\ALLPlayer
2014-02-18 02:36 - 2014-02-18 02:41 - 00000000 ____D () C:\ProgramData\ALLPlayer
2014-02-18 02:08 - 2014-02-18 02:08 - 00003101 _____ () C:\Users\win7\Desktop\Readon TV Movie Radio Player.lnk
2014-02-18 02:08 - 2014-02-18 02:08 - 00003061 _____ () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Readon TV Movie Radio Player.lnk
2014-02-18 02:04 - 2014-02-18 02:04 - 00000000 ____D () C:\Program Files\Readon Technology
2014-02-18 01:15 - 2014-02-18 01:15 - 00001325 _____ () C:\Users\win7\Desktop\Continue App of the Day.lnk
2014-02-18 01:01 - 2014-02-23 18:19 - 00000000 ____D () C:\Program Files\GoforFiles
2014-02-17 23:32 - 2014-02-17 23:52 - 39616040 _____ (ALLPlayer ) C:\Users\win7\Downloads\ALLPlayerEN.exe
2014-02-17 23:22 - 2014-02-17 23:28 - 08459470 _____ () C:\Users\win7\Downloads\setupTV.zip
2014-02-17 22:55 - 2014-02-17 22:56 - 00000000 ____D () C:\Users\win7\Desktop\Dodavanje naslova i špica za film u program Windows Movie Maker_files
2014-02-17 22:54 - 2014-02-17 22:55 - 00074577 _____ () C:\Users\win7\Desktop\Dodavanje naslova i špica za film u program Windows Movie Maker.htm
2014-02-17 01:34 - 2014-02-17 01:34 - 00000000 _____ () C:\Users\win7\AppData\Roaming\.NANotifyHere
2014-02-14 21:55 - 2014-02-15 18:22 - 00000000 ____D () C:\Users\win7\Desktop\sa tela 14.2
2014-02-14 02:01 - 2014-02-14 02:15 - 69560435 _____ (NETTVPLUS) C:\Users\win7\Downloads\nettv_player_pc_v400.exe
2014-02-11 00:27 - 2014-02-11 00:28 - 00222384 _____ (SaveFrom.net) C:\Users\win7\Downloads\SaveFromNetHelper-Web-Inst.exe
2014-02-10 20:54 - 2014-02-10 20:55 - 00000000 ____D () C:\Users\win7\Desktop\Blu ray player
2014-02-10 20:53 - 2014-02-10 20:54 - 00000000 ____D () C:\Program Files\PowerDVD
2014-02-10 18:56 - 2014-02-10 18:56 - 00000000 ____D () C:\Users\win7\Desktop\Informacije o kvalitetu filmova i serija - Titlovi.com forum - Stranica 1_files
2014-02-10 18:55 - 2014-02-10 18:56 - 00140145 _____ () C:\Users\win7\Desktop\Informacije o kvalitetu filmova i serija - Titlovi.com forum - Stranica 1.htm
2014-02-10 18:41 - 2014-02-10 18:41 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264vfw
2014-02-10 18:41 - 2014-02-10 18:41 - 00000000 ____D () C:\Program Files\x264vfw
2014-02-10 18:11 - 2014-02-10 18:11 - 00001195 _____ () C:\Users\Public\Desktop\Media Player Classic.lnk
2014-02-10 18:11 - 2009-12-11 19:00 - 00000038 _____ () C:\Windows\avisplitter.ini
2014-02-10 18:11 - 2009-07-29 07:35 - 02378752 _____ () C:\Windows\system32\x264vfw.dll
2014-02-10 18:11 - 2009-07-14 01:15 - 00685056 _____ (DivX, Inc.) C:\Windows\system32\divx.dll
2014-02-10 18:11 - 2009-07-14 01:15 - 00090112 _____ (DivX, Inc.) C:\Windows\system32\dpl100.dll
2014-02-10 18:11 - 2008-10-03 13:30 - 00000414 _____ () C:\Windows\system32\lame_acm.xml
2014-02-10 18:11 - 2008-09-24 19:41 - 00839680 _____ (http://www.mp3dev.org/) C:\Windows\system32\lameACM.acm
2014-02-10 18:11 - 2007-09-21 01:52 - 00118784 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2014-02-10 18:11 - 2004-01-25 17:18 - 00217088 _____ (www.helixcommunity.org) C:\Windows\system32\yv12vfw.dll
2014-02-10 18:11 - 2002-08-22 05:00 - 00413760 _____ (Hacked with Joy !) C:\Windows\system32\DivXc32f.dll
2014-02-10 18:11 - 2002-08-01 10:03 - 00413760 _____ (Hacked with Joy !) C:\Windows\system32\DivXc32.dll
2014-02-10 16:40 - 2014-02-19 16:54 - 00000000 ____D () C:\Users\win7\Desktop\Blu-ray Converter, Blu-ray to AVI, Blu-ray to MPEG, Blu-ray to iPod_files
2014-02-10 16:40 - 2014-02-10 16:40 - 00005784 _____ () C:\Users\win7\Desktop\Blu-ray Converter, Blu-ray to AVI, Blu-ray to MPEG, Blu-ray to iPod.htm
2014-02-10 16:02 - 2014-02-10 16:02 - 00000000 ____D () C:\Users\win7\AppData\Local\Cyberlink SoftDMA
2014-02-10 16:00 - 2014-02-10 16:01 - 00000000 ____D () C:\Users\win7\Documents\CyberLink
2014-02-10 15:59 - 2014-02-10 15:59 - 00000000 ____D () C:\Users\win7\AppData\Local\MediaServer
2014-02-10 15:59 - 2014-02-10 15:59 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-02-10 15:57 - 2014-02-10 15:59 - 00000000 ____D () C:\Users\win7\AppData\Local\Cyberlink
2014-02-10 15:53 - 2014-02-10 15:53 - 00000000 ____D () C:\ProgramData\PDVD
2014-02-10 15:52 - 2014-02-10 15:52 - 00002103 _____ () C:\Users\Public\Desktop\CyberLink PowerDVD 13.lnk
2014-02-10 15:37 - 2014-02-10 15:37 - 00000000 ____D () C:\Program Files\CyberLink
2014-02-10 15:28 - 2014-02-10 16:36 - 00000000 ____D () C:\ProgramData\install_clap
2014-02-10 14:48 - 2014-02-10 14:48 - 01029080 _____ (CyberLink) C:\Users\win7\Downloads\CyberLink_PowerDVD_Downloader.exe
2014-02-10 14:43 - 2014-02-10 14:43 - 00001088 _____ () C:\Users\win7\Desktop\AVGo Media Recorder.lnk
2014-02-10 14:43 - 2014-02-10 14:43 - 00000000 ____D () C:\Program Files\AVGo
2014-02-10 14:43 - 2008-04-08 15:11 - 00000322 _____ () C:\Windows\system32\mr.dat
2014-02-10 14:43 - 2006-07-08 04:07 - 00114688 _____ (Cucusoft Inc.) C:\Windows\system32\PropListCtrl.ocx
2014-02-10 14:43 - 2003-03-18 22:20 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\MFC71.DLL
2014-02-10 14:36 - 2014-02-10 14:37 - 04762640 _____ (AVGo, Inc. ) C:\Users\win7\Downloads\MediaRecorder.exe
2014-02-10 04:03 - 2014-02-10 04:03 - 00000000 ____D () C:\Users\win7\AppData\Roaming\AVS4YOU
2014-02-10 04:01 - 2014-02-10 04:01 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-02-10 03:57 - 2014-02-10 03:57 - 00001159 _____ () C:\Users\win7\Desktop\AVS Video Converter.lnk
2014-02-10 03:53 - 2014-02-10 04:01 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-02-10 03:53 - 2012-03-23 19:59 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-02-10 03:52 - 2014-02-10 04:03 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-02-10 03:52 - 2014-02-10 04:01 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-02-10 03:40 - 2014-02-10 03:41 - 00000000 ____D () C:\Users\win7\Desktop\How to convert Blu-ray video _files
2014-02-10 03:39 - 2014-02-10 03:39 - 00036895 _____ () C:\Users\win7\Desktop\How to convert Blu-ray video .htm
2014-02-10 03:29 - 2014-02-10 03:46 - 63042752 _____ (Online Media Technologies Ltd. ) C:\Users\win7\Downloads\AVSVideoConverter.exe
2014-02-10 03:16 - 2014-02-10 03:16 - 00000953 _____ () C:\Users\win7\Desktop\MediaCoder.lnk
2014-02-10 03:16 - 2014-02-10 03:16 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
2014-02-10 03:14 - 2014-02-10 03:17 - 00000000 ____D () C:\Program Files\MediaCoder
2014-02-10 03:14 - 2014-02-10 03:14 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Mediatronic
2014-02-10 03:08 - 2014-02-10 03:11 - 62558130 _____ (Mediatronic Pty Ltd) C:\Users\win7\Downloads\MediaCoder-0.8.28.5588.exe
2014-02-10 00:23 - 2014-02-10 00:23 - 00000000 ___HT () C:\Windows\wusa.lock
2014-02-10 00:23 - 2014-02-10 00:23 - 00000000 ____D () C:\6d4bf4e342ddf99f3b9169d591e5
2014-02-10 00:20 - 2014-02-09 20:36 - 00112640 _____ () C:\Windows\system32\ff_vfw.dll
2014-02-10 00:20 - 2008-06-08 22:58 - 00060273 _____ (Open Source Software community project) C:\Windows\system32\pthreadGC2.dll
2014-02-10 00:19 - 2014-02-10 19:48 - 00000000 ____D () C:\Program Files\ffdshow
2014-02-10 00:16 - 2014-02-10 00:16 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-02-10 00:15 - 2014-02-10 00:15 - 00000000 ____D () C:\Program Files\Haali
2014-02-10 00:14 - 2014-02-10 00:14 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2014-02-10 00:13 - 2014-02-10 00:14 - 00000000 ____D () C:\Program Files\AviSynth 2.5
2014-02-10 00:10 - 2014-02-10 00:10 - 00001158 _____ () C:\Users\Public\Desktop\Sothink HD Movie Maker.lnk
2014-02-10 00:01 - 2009-05-07 17:14 - 00290816 _____ (SourceTec Software Co., LTD) C:\Windows\system32\stFLVSource.ax
2014-02-10 00:00 - 2014-02-10 00:00 - 00000000 ____D () C:\Program Files\Common Files\SourceTec
2014-02-10 00:00 - 2008-12-18 16:43 - 00278528 _____ (Real Networks, Inc) C:\Windows\system32\pncrt.dll
2014-02-10 00:00 - 2007-12-27 11:40 - 01184984 _____ (Microsoft Corporation) C:\Windows\system32\wvc1dmod.dll
2014-02-10 00:00 - 2004-08-18 00:04 - 00217088 _____ (-) C:\Windows\system32\CoreFLACDecoder.ax
2014-02-09 23:59 - 2014-02-09 23:59 - 00000000 ____D () C:\Program Files\SourceTec
2014-02-09 23:59 - 2006-03-11 04:56 - 00438272 _____ (Gabest) C:\Windows\system32\Mpeg2DecFilter.ax
2014-02-09 23:37 - 2014-02-09 23:40 - 20639670 _____ (SourceTec Software Co., LTD ) C:\Users\win7\Downloads\HD_Movie_Maker_RegNow_Trial.exe
2014-02-09 00:03 - 2014-02-09 00:03 - 00000000 ____D () C:\Users\win7\.android
2014-02-09 00:02 - 2014-02-23 15:45 - 00000000 ____D () C:\Users\win7\AppData\Roaming\newnext.me
2014-02-09 00:02 - 2014-02-09 00:02 - 00000000 ____D () C:\Users\win7\AppData\Local\genienext
2014-02-08 20:12 - 2014-02-08 20:12 - 00000000 ____D () C:\Users\win7\Documents\StarBurn
2014-02-08 20:12 - 2014-02-08 20:12 - 00000000 ____D () C:\Users\win7\AppData\Roaming\StarBurn
2014-02-08 19:55 - 2014-02-08 19:55 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-02-08 19:54 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-02-08 19:38 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-02-08 19:33 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-02-08 19:19 - 2014-02-08 19:19 - 00013175 _____ () C:\Users\win7\Desktop\OTT Kopernikus.htm
2014-02-08 19:19 - 2014-02-08 19:19 - 00000000 ____D () C:\Users\win7\Desktop\OTT Kopernikus_files
2014-02-08 19:06 - 2014-02-08 19:06 - 00082544 _____ () C:\Users\win7\Desktop\Kape i igle za pramenove Pribor za farbanje kose Pribor i sitan inventar Sve za frizere i nega kose Online prodaja kozmetike - Saloninfo.htm
2014-02-08 19:06 - 2014-02-08 19:06 - 00000000 ____D () C:\Users\win7\Desktop\Kape i igle za pramenove Pribor za farbanje kose Pribor i sitan inventar Sve za frizere i nega kose Online prodaja kozmetike - Saloninfo_files
2014-02-08 18:41 - 2014-02-08 18:42 - 00930440 _____ (CNET Download.com) C:\Users\win7\Downloads\cbsidlm-cbsi176-Nero_2014_Platinum-ORG-10028984.exe
2014-02-08 18:33 - 2014-02-08 18:33 - 00001051 _____ () C:\Users\win7\Desktop\Totally Free Burner.lnk
2014-02-08 18:33 - 2014-02-08 18:33 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Totally Free Burner
2014-02-08 18:32 - 2014-02-08 18:33 - 00000000 ____D () C:\Program Files\Totally Free Burner
2014-02-08 17:54 - 2014-02-08 17:56 - 00320120 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-02-08 17:46 - 2014-02-08 17:46 - 00001229 _____ () C:\Users\Public\Desktop\StarBurn.lnk
2014-02-08 17:45 - 2014-02-08 17:45 - 00000000 ____D () C:\Users\win7\AppData\Roaming\MediaFilters
2014-02-08 17:45 - 2014-02-08 17:45 - 00000000 ____D () C:\Program Files\StarBurn Software
2014-02-07 00:11 - 2014-02-23 04:15 - 00000000 ____D () C:\Users\win7\Desktop\Lepljenje prevoda na film
2014-02-06 22:15 - 2014-02-23 00:09 - 00000000 ____D () C:\Program Files\Subtitle Workshop
2014-02-06 22:11 - 2014-02-08 23:57 - 00000000 ____D () C:\Users\win7\AppData\Local\Softonic
2014-02-06 22:11 - 2014-02-06 22:11 - 00000000 ____D () C:\Users\win7\AppData\Local\CrashRpt
2014-02-06 21:10 - 2014-02-06 21:10 - 00000000 ____D () C:\Program Files\VSFilter
2014-02-06 21:01 - 2014-02-06 21:01 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter
2014-02-06 20:59 - 2013-04-05 21:26 - 01679360 _____ () C:\Windows\system32\ac3filter.acm
2014-02-06 20:58 - 2014-02-06 21:00 - 00000000 ____D () C:\Program Files\AC3Filter
2014-02-06 20:57 - 2014-02-06 20:57 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DivX
2014-02-06 20:56 - 2014-02-06 20:56 - 00000000 ____D () C:\Program Files\DirectVobSub
2014-02-06 19:28 - 2014-02-06 19:28 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XviD
2014-02-06 19:28 - 2014-02-06 19:28 - 00000000 ____D () C:\Program Files\XviD
2014-02-06 17:54 - 2014-02-06 19:24 - 00001252 _____ () C:\Users\win7\Desktop\SnowFox YouTube Downloader HD.lnk
2014-02-06 17:54 - 2014-02-06 17:54 - 00000000 ____D () C:\Program Files\SnowFox Software
2014-02-06 17:46 - 2014-02-06 17:48 - 02287584 _____ (SnowFox Software Studio ) C:\Users\win7\Downloads\youtube-downloader_setup.exe
2014-02-06 00:17 - 2014-02-06 00:18 - 00000000 ____D () C:\Program Files\Convert Srt to Ssa
2014-02-06 00:03 - 2014-02-06 00:03 - 00003065 _____ () C:\Users\win7\Desktop\Convert Srt To Ssa.lnk
2014-02-06 00:03 - 2014-02-06 00:03 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macallan
2014-02-06 00:02 - 2014-02-06 00:02 - 00000000 ____D () C:\Program Files\Macallan
2014-02-05 01:08 - 2010-09-05 20:52 - 02669056 _____ () C:\Users\win7\Desktop\VirtualDub.exe
2014-02-05 00:56 - 2014-02-15 14:45 - 00000000 ____D () C:\Program Files\VirtualDub
2014-02-01 22:34 - 2014-02-01 22:34 - 00000000 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-02-01 19:40 - 2014-02-01 19:40 - 00000000 ____D () C:\Users\win7\Documents\FormatFactory
2014-02-01 19:05 - 2014-02-06 21:12 - 00000000 ____D () C:\Program Files\FreeTime
2014-01-27 17:56 - 2014-01-27 17:56 - 00001044 _____ () C:\Users\Public\Desktop\BS.Player FREE.lnk
2014-01-27 17:54 - 2014-02-08 17:16 - 00000000 ____D () C:\Users\win7\AppData\Roaming\BSplayer
2014-01-27 17:54 - 2014-01-27 17:54 - 00000000 ____D () C:\Users\win7\AppData\Roaming\BSplayer Pro
2014-01-27 17:53 - 2014-01-27 17:53 - 10511384 _____ () C:\Users\win7\Downloads\bsplayer_installer.exe
2014-01-27 17:43 - 2014-01-27 17:49 - 01104216 _____ (Conduit) C:\Users\win7\Downloads\bsplayer266.1075.exe
2014-01-26 16:44 - 2014-01-26 16:44 - 00094580 _____ () C:\Users\win7\Desktop\TOP 10 Najbolji vestern filmovi Muški magazin - M@N!.htm
2014-01-26 16:44 - 2014-01-26 16:44 - 00000000 ____D () C:\Users\win7\Desktop\TOP 10 Najbolji vestern filmovi Muški magazin - M@N!_files
2014-01-26 00:33 - 2014-01-26 00:33 - 00000218 _____ () C:\Users\win7\AppData\Local\recently-used.xbel
2014-01-25 22:47 - 2014-01-25 22:47 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Python-Eggs
2014-01-25 22:32 - 2014-01-26 00:35 - 00000000 ____D () C:\Users\win7\AppData\Roaming\BitLord
2014-01-25 22:06 - 2014-01-25 22:06 - 00000000 ____D () C:\Users\win7\Documents\BitLord
2014-01-25 21:55 - 2014-01-25 21:56 - 00717504 _____ () C:\Users\win7\Downloads\BitlordSetup.exe
2014-01-25 21:02 - 2014-01-25 21:02 - 00000000 ____D () C:\Users\win7\AppData\Local\NativeMessaging
2014-01-25 20:55 - 2014-01-25 20:55 - 00000849 _____ () C:\Users\win7\Desktop\µTorrent.lnk
2014-01-25 20:55 - 2014-01-25 20:55 - 00000829 _____ () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-01-25 20:53 - 2014-02-24 23:15 - 00000000 ____D () C:\Users\win7\AppData\Roaming\uTorrent
2014-01-25 20:52 - 2014-01-25 20:53 - 01307736 _____ (BitTorrent Inc.) C:\Users\win7\Downloads\utorrent.exe
2014-01-25 20:39 - 2014-01-25 20:41 - 00000000 ___SD () C:\Users\win7\Documents\Chica Passwords
2014-01-25 20:39 - 2014-01-25 20:39 - 00000000 ____D () C:\Program Files\PriceGong
2014-01-25 20:38 - 2014-02-19 20:28 - 00000000 ____D () C:\Program Files\Retro PC Calculator
2014-01-25 00:35 - 2014-01-25 00:36 - 00692512 _____ (RealNetworks, Inc.) C:\Users\win7\Downloads\RealDownloader.exe

==================== One Month Modified Files and Folders =======

2014-02-24 23:15 - 2014-01-25 20:53 - 00000000 ____D () C:\Users\win7\AppData\Roaming\uTorrent
2014-02-24 23:13 - 2014-02-24 23:10 - 00047782 _____ () C:\Users\win7\Downloads\FRST.txt
2014-02-24 23:10 - 2014-02-24 23:07 - 00000000 ____D () C:\FRST
2014-02-24 23:04 - 2012-04-01 19:20 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 23:03 - 2014-02-24 23:03 - 01144320 _____ (Farbar) C:\Users\win7\Downloads\FRST.exe
2014-02-24 22:53 - 2010-10-04 22:06 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 22:43 - 2014-02-24 22:42 - 00000000 ____D () C:\Users\win7\Desktop\(1) Photos from Aleksandar Radovic's post - Aleksandar Radovic_files
2014-02-24 22:42 - 2014-02-24 22:42 - 00314672 _____ () C:\Users\win7\Desktop\(1) Photos from Aleksandar Radovic's post - Aleksandar Radovic.htm
2014-02-24 21:51 - 2011-10-22 20:26 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3525473822-1617828288-4062223653-1000UA.job
2014-02-24 18:28 - 2014-02-24 02:37 - 00000000 ____D () C:\Users\win7\Downloads\For a Few Dollars More (1965) 720p.BRrip.Sujaidr (pimprg)
2014-02-24 18:14 - 2010-10-26 19:08 - 00082944 ____H () C:\Users\win7\Desktop\photothumb.db
2014-02-24 14:18 - 2010-10-01 00:12 - 01266506 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 03:41 - 2014-02-24 03:39 - 00000000 ____D () C:\Users\win7\Downloads\Hostel 1 & 2 DVDRip
2014-02-24 03:27 - 2014-02-24 01:47 - 00000000 ____D () C:\Users\win7\Downloads\Arizona Dream
2014-02-24 02:17 - 2014-02-24 01:33 - 00000000 ____D () C:\Users\win7\Downloads\Sisanje [2010] domaci film
2014-02-24 02:14 - 2014-02-24 01:39 - 00000000 ____D () C:\Users\win7\Downloads\Zivot je cudo
2014-02-24 00:51 - 2011-10-22 20:26 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3525473822-1617828288-4062223653-1000Core.job
2014-02-24 00:48 - 2010-10-04 22:06 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-23 22:21 - 2014-01-01 11:33 - 00417914 _____ () C:\Windows\system32\perfh011.dat
2014-02-23 22:21 - 2014-01-01 11:33 - 00121742 _____ () C:\Windows\system32\perfc011.dat
2014-02-23 22:21 - 2014-01-01 06:14 - 00743438 _____ () C:\Windows\system32\perfh013.dat
2014-02-23 22:21 - 2014-01-01 06:14 - 00152558 _____ () C:\Windows\system32\perfc013.dat
2014-02-23 22:21 - 2014-01-01 04:33 - 00494260 _____ () C:\Windows\system32\perfh014.dat
2014-02-23 22:21 - 2014-01-01 04:33 - 00094108 _____ () C:\Windows\system32\perfc014.dat
2014-02-23 22:21 - 2013-12-31 16:27 - 00728804 _____ () C:\Windows\system32\prfh0816.dat
2014-02-23 22:21 - 2013-12-31 16:27 - 00152088 _____ () C:\Windows\system32\prfc0816.dat
2014-02-23 22:21 - 2013-12-31 06:17 - 00740072 _____ () C:\Windows\system32\perfh015.dat
2014-02-23 22:21 - 2013-12-31 06:17 - 00155212 _____ () C:\Windows\system32\perfc015.dat
2014-02-23 22:21 - 2013-05-16 00:10 - 00713834 _____ () C:\Windows\system32\prfh0416.dat
2014-02-23 22:21 - 2013-05-16 00:10 - 00021978 _____ () C:\Windows\system32\prfc0416.dat
2014-02-23 22:21 - 2013-01-10 01:13 - 00049808 _____ () C:\Windows\system32\perfh019.dat
2014-02-23 22:21 - 2013-01-10 01:13 - 00020674 _____ () C:\Windows\system32\perfc019.dat
2014-02-23 22:21 - 2012-02-15 03:52 - 00052060 _____ () C:\Windows\system32\perfh010.dat
2014-02-23 22:21 - 2012-02-15 03:52 - 00022196 _____ () C:\Windows\system32\perfc010.dat
2014-02-23 22:21 - 2012-02-15 00:52 - 00048078 _____ () C:\Windows\system32\perfh01F.dat
2014-02-23 22:21 - 2012-02-15 00:52 - 00021120 _____ () C:\Windows\system32\perfc01F.dat
2014-02-23 22:21 - 2011-11-13 01:12 - 00025924 _____ () C:\Windows\system32\prfh0404.dat
2014-02-23 22:21 - 2011-11-13 01:12 - 00018592 _____ () C:\Windows\system32\prfc0404.dat
2014-02-23 22:21 - 2010-09-30 15:20 - 09706244 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 21:41 - 2014-02-18 15:25 - 00000000 ____D () C:\Program Files\Vip mobilni internet
2014-02-23 21:34 - 2014-02-23 21:33 - 00028078 _____ () C:\Users\win7\Desktop\New Text Document.txt
2014-02-23 19:04 - 2014-02-23 19:03 - 00000000 ____D () C:\Users\win7\Downloads\Ljubav Navika Panika 2
2014-02-23 18:47 - 2013-08-31 02:20 - 00000000 ____D () C:\Users\win7\AppData\Local\Mobogenie
2014-02-23 18:47 - 2013-08-31 01:48 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-02-23 18:47 - 2013-08-31 01:47 - 00000000 ____D () C:\Program Files\Mobogenie
2014-02-23 18:33 - 2014-02-23 18:33 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-02-23 18:19 - 2014-02-18 01:01 - 00000000 ____D () C:\Program Files\GoforFiles
2014-02-23 18:07 - 2014-02-23 18:07 - 00001031 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-23 18:07 - 2014-02-23 18:07 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Malwarebytes
2014-02-23 18:07 - 2014-02-23 18:06 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-23 18:06 - 2014-02-23 18:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-23 18:02 - 2014-02-23 18:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\win7\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 16:53 - 2013-08-31 02:20 - 00085341 _____ () C:\Users\win7\daemonprocess.txt
2014-02-23 15:54 - 2014-02-18 17:30 - 00000000 ____D () C:\The KMPlayer
2014-02-23 15:45 - 2014-02-09 00:02 - 00000000 ____D () C:\Users\win7\AppData\Roaming\newnext.me
2014-02-23 14:29 - 2014-02-23 14:29 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-02-23 14:15 - 2009-07-14 05:34 - 00017488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-23 14:15 - 2009-07-14 05:34 - 00017488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-23 14:00 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-23 13:59 - 2013-06-30 00:01 - 00020608 _____ () C:\Windows\setupact.log
2014-02-23 12:55 - 2014-02-23 12:55 - 00001851 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-02-23 12:55 - 2014-02-23 12:55 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Canneverbe Limited
2014-02-23 12:55 - 2014-02-23 12:55 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-02-23 04:29 - 2010-09-30 16:08 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-02-23 04:28 - 2010-09-30 16:08 - 00000000 ____D () C:\Program Files\Nero
2014-02-23 04:23 - 2010-09-30 16:08 - 00000000 ____D () C:\ProgramData\Nero
2014-02-23 04:15 - 2014-02-07 00:11 - 00000000 ____D () C:\Users\win7\Desktop\Lepljenje prevoda na film
2014-02-23 03:40 - 2014-02-23 03:37 - 05284632 _____ (Canneverbe Limited ) C:\Users\win7\Downloads\cdbxp_setup_4.5.2.4478.exe
2014-02-23 00:30 - 2014-02-23 00:29 - 00001886 _____ () C:\Users\win7\Desktop\TimeAdjuster.lnk
2014-02-23 00:29 - 2014-02-23 00:29 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TimeAdjuster
2014-02-23 00:29 - 2014-02-23 00:29 - 00000000 ____D () C:\Program Files\TimeAdjuster
2014-02-23 00:25 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-02-23 00:22 - 2014-02-23 00:20 - 00401736 _____ (Softonic ) C:\Users\win7\Downloads\SoftonicDownloader_for_time-adjuster.exe
2014-02-23 00:09 - 2014-02-06 22:15 - 00000000 ____D () C:\Program Files\Subtitle Workshop
2014-02-23 00:00 - 2014-02-22 23:58 - 00401744 _____ (Softonic ) C:\Users\win7\Downloads\SoftonicDownloader_for_subtitle-workshop.exe
2014-02-22 23:21 - 2013-05-18 03:17 - 00002133 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-22 20:20 - 2010-09-30 15:15 - 00000000 ____D () C:\Users\win7\AppData\Local\VirtualStore
2014-02-22 20:16 - 2014-02-22 20:15 - 00000000 ____D () C:\Users\win7\Downloads\Pilates
2014-02-22 04:14 - 2014-02-22 04:14 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Artweaver Free
2014-02-21 20:05 - 2012-04-01 19:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 20:05 - 2011-05-16 15:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-20 20:10 - 2014-02-19 20:00 - 00000000 ____D () C:\Users\win7\Desktop\New folder (2)
2014-02-20 18:45 - 2014-01-13 23:14 - 00000000 ____D () C:\Users\win7\Desktop\New folder (3)
2014-02-20 14:29 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-19 20:35 - 2009-07-14 05:33 - 03808640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-19 20:28 - 2014-01-25 20:38 - 00000000 ____D () C:\Program Files\Retro PC Calculator
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\th-TH
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-02-19 20:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-19 16:54 - 2014-02-10 16:40 - 00000000 ____D () C:\Users\win7\Desktop\Blu-ray Converter, Blu-ray to AVI, Blu-ray to MPEG, Blu-ray to iPod_files
2014-02-19 05:31 - 2014-02-19 05:31 - 00263530 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-02-19 05:28 - 2013-07-30 02:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-19 05:18 - 2010-09-30 15:47 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-19 05:01 - 2013-12-03 13:00 - 00222473 _____ () C:\Windows\IE11_main.log
2014-02-18 23:13 - 2013-12-04 00:36 - 00001960 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-02-18 23:13 - 2013-12-04 00:36 - 00001958 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-02-18 23:13 - 2013-12-04 00:36 - 00001948 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-02-18 18:24 - 2010-10-04 15:31 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Nero
2014-02-18 18:22 - 2014-02-18 18:21 - 00000000 ____D () C:\Users\win7\AppData\Local\Nero
2014-02-18 18:21 - 2014-02-18 18:21 - 00000000 ____D () C:\Users\win7\Documents\NeroVideo
2014-02-18 17:42 - 2010-10-05 00:00 - 00109680 _____ () C:\Users\win7\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-18 17:33 - 2014-02-18 17:33 - 00000634 _____ () C:\Users\win7\Desktop\KMPlayer.lnk
2014-02-18 17:33 - 2014-02-18 17:33 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-02-18 17:13 - 2014-02-18 17:09 - 32247936 _____ (PandoraTV) C:\Users\win7\Downloads\KMPlayer_3.8.0.120.exe
2014-02-18 17:01 - 2014-02-18 16:59 - 00000000 ____D () C:\Program Files\Artweaver Free 4
2014-02-18 17:00 - 2014-02-18 17:00 - 00000990 _____ () C:\Users\Public\Desktop\Artweaver Free 4.lnk
2014-02-18 16:59 - 2014-02-18 16:59 - 00000000 ____D () C:\ProgramData\Artweaver Free
2014-02-18 16:56 - 2014-02-18 16:53 - 09032880 _____ (Boris Eyrich Software ) C:\Users\win7\Downloads\Artweaver.exe
2014-02-18 16:42 - 2014-02-18 16:42 - 00000000 ____D () C:\Program Files\DoubleCAD XT v5
2014-02-18 15:40 - 2013-11-23 01:15 - 00000000 ____D () C:\Program Files\NETTV4
2014-02-18 15:27 - 2014-02-18 15:25 - 00001742 _____ () C:\Users\Public\Desktop\Vip mobilni internet.lnk
2014-02-18 15:27 - 2013-02-12 14:33 - 00000000 ____D () C:\Windows\system32\SupportAppCB
2014-02-18 15:25 - 2010-09-30 16:22 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-02-18 02:48 - 2014-02-18 02:48 - 00001055 _____ () C:\Users\Public\Desktop\ALLPlayer Remote Control.lnk
2014-02-18 02:48 - 2014-02-18 02:48 - 00000000 ____D () C:\Program Files\ALLPlayer Remote
2014-02-18 02:43 - 2014-02-18 02:43 - 00000941 _____ () C:\Users\win7\Desktop\ALLPlayer.lnk
2014-02-18 02:43 - 2014-02-18 02:36 - 00000000 ____D () C:\Program Files\ALLPlayer
2014-02-18 02:41 - 2014-02-18 02:36 - 00000000 ____D () C:\ProgramData\ALLPlayer
2014-02-18 02:08 - 2014-02-18 02:08 - 00003101 _____ () C:\Users\win7\Desktop\Readon TV Movie Radio Player.lnk
2014-02-18 02:08 - 2014-02-18 02:08 - 00003061 _____ () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Readon TV Movie Radio Player.lnk
2014-02-18 02:04 - 2014-02-18 02:04 - 00000000 ____D () C:\Program Files\Readon Technology
2014-02-18 01:15 - 2014-02-18 01:15 - 00001325 _____ () C:\Users\win7\Desktop\Continue App of the Day.lnk
2014-02-17 23:52 - 2014-02-17 23:32 - 39616040 _____ (ALLPlayer ) C:\Users\win7\Downloads\ALLPlayerEN.exe
2014-02-17 23:28 - 2014-02-17 23:22 - 08459470 _____ () C:\Users\win7\Downloads\setupTV.zip
2014-02-17 22:56 - 2014-02-17 22:55 - 00000000 ____D () C:\Users\win7\Desktop\Dodavanje naslova i špica za film u program Windows Movie Maker_files
2014-02-17 22:55 - 2014-02-17 22:54 - 00074577 _____ () C:\Users\win7\Desktop\Dodavanje naslova i špica za film u program Windows Movie Maker.htm
2014-02-17 17:48 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-02-17 01:34 - 2014-02-17 01:34 - 00000000 _____ () C:\Users\win7\AppData\Roaming\.NANotifyHere
2014-02-15 18:22 - 2014-02-14 21:55 - 00000000 ____D () C:\Users\win7\Desktop\sa tela 14.2
2014-02-15 14:45 - 2014-02-05 00:56 - 00000000 ____D () C:\Program Files\VirtualDub
2014-02-14 02:30 - 2013-11-23 01:28 - 00000000 ____D () C:\Users\Public\nettv
2014-02-14 02:15 - 2014-02-14 02:01 - 69560435 _____ (NETTVPLUS) C:\Users\win7\Downloads\nettv_player_pc_v400.exe
2014-02-11 00:28 - 2014-02-11 00:27 - 00222384 _____ (SaveFrom.net) C:\Users\win7\Downloads\SaveFromNetHelper-Web-Inst.exe
2014-02-10 20:55 - 2014-02-10 20:54 - 00000000 ____D () C:\Users\win7\Desktop\Blu ray player
2014-02-10 20:54 - 2014-02-10 20:53 - 00000000 ____D () C:\Program Files\PowerDVD
2014-02-10 19:48 - 2014-02-10 00:19 - 00000000 ____D () C:\Program Files\ffdshow
2014-02-10 18:56 - 2014-02-10 18:56 - 00000000 ____D () C:\Users\win7\Desktop\Informacije o kvalitetu filmova i serija - Titlovi.com forum - Stranica 1_files
2014-02-10 18:56 - 2014-02-10 18:55 - 00140145 _____ () C:\Users\win7\Desktop\Informacije o kvalitetu filmova i serija - Titlovi.com forum - Stranica 1.htm
2014-02-10 18:41 - 2014-02-10 18:41 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264vfw
2014-02-10 18:41 - 2014-02-10 18:41 - 00000000 ____D () C:\Program Files\x264vfw
2014-02-10 18:11 - 2014-02-10 18:11 - 00001195 _____ () C:\Users\Public\Desktop\Media Player Classic.lnk
2014-02-10 18:11 - 2010-07-25 12:23 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-02-10 17:22 - 2010-11-08 17:29 - 00000000 ____D () C:\Users\win7\AppData\Roaming\CyberLink
2014-02-10 17:20 - 2010-09-30 16:23 - 00000000 ____D () C:\ProgramData\CyberLink
2014-02-10 16:49 - 2012-10-22 22:12 - 00000000 ____D () C:\Users\win7\AppData\Local\Windows Live
2014-02-10 16:40 - 2014-02-10 16:40 - 00005784 _____ () C:\Users\win7\Desktop\Blu-ray Converter, Blu-ray to AVI, Blu-ray to MPEG, Blu-ray to iPod.htm
2014-02-10 16:36 - 2014-02-10 15:28 - 00000000 ____D () C:\ProgramData\install_clap
2014-02-10 16:02 - 2014-02-10 16:02 - 00000000 ____D () C:\Users\win7\AppData\Local\Cyberlink SoftDMA
2014-02-10 16:01 - 2014-02-10 16:00 - 00000000 ____D () C:\Users\win7\Documents\CyberLink
2014-02-10 15:59 - 2014-02-10 15:59 - 00000000 ____D () C:\Users\win7\AppData\Local\MediaServer
2014-02-10 15:59 - 2014-02-10 15:59 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-02-10 15:59 - 2014-02-10 15:57 - 00000000 ____D () C:\Users\win7\AppData\Local\Cyberlink
2014-02-10 15:59 - 2010-11-08 17:30 - 00000000 ____D () C:\Users\Public\CyberLink
2014-02-10 15:53 - 2014-02-10 15:53 - 00000000 ____D () C:\ProgramData\PDVD
2014-02-10 15:52 - 2014-02-10 15:52 - 00002103 _____ () C:\Users\Public\Desktop\CyberLink PowerDVD 13.lnk
2014-02-10 15:37 - 2014-02-10 15:37 - 00000000 ____D () C:\Program Files\CyberLink
2014-02-10 14:48 - 2014-02-10 14:48 - 01029080 _____ (CyberLink) C:\Users\win7\Downloads\CyberLink_PowerDVD_Downloader.exe
2014-02-10 14:43 - 2014-02-10 14:43 - 00001088 _____ () C:\Users\win7\Desktop\AVGo Media Recorder.lnk
2014-02-10 14:43 - 2014-02-10 14:43 - 00000000 ____D () C:\Program Files\AVGo
2014-02-10 14:37 - 2014-02-10 14:36 - 04762640 _____ (AVGo, Inc. ) C:\Users\win7\Downloads\MediaRecorder.exe
2014-02-10 04:03 - 2014-02-10 04:03 - 00000000 ____D () C:\Users\win7\AppData\Roaming\AVS4YOU
2014-02-10 04:03 - 2014-02-10 03:52 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-02-10 04:01 - 2014-02-10 04:01 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-02-10 04:01 - 2014-02-10 03:53 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-02-10 04:01 - 2014-02-10 03:52 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-02-10 03:57 - 2014-02-10 03:57 - 00001159 _____ () C:\Users\win7\Desktop\AVS Video Converter.lnk
2014-02-10 03:46 - 2014-02-10 03:29 - 63042752 _____ (Online Media Technologies Ltd. ) C:\Users\win7\Downloads\AVSVideoConverter.exe
2014-02-10 03:41 - 2014-02-10 03:40 - 00000000 ____D () C:\Users\win7\Desktop\How to convert Blu-ray video _files
2014-02-10 03:39 - 2014-02-10 03:39 - 00036895 _____ () C:\Users\win7\Desktop\How to convert Blu-ray video .htm
2014-02-10 03:17 - 2014-02-10 03:14 - 00000000 ____D () C:\Program Files\MediaCoder
2014-02-10 03:16 - 2014-02-10 03:16 - 00000953 _____ () C:\Users\win7\Desktop\MediaCoder.lnk
2014-02-10 03:16 - 2014-02-10 03:16 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
2014-02-10 03:14 - 2014-02-10 03:14 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Mediatronic
2014-02-10 03:11 - 2014-02-10 03:08 - 62558130 _____ (Mediatronic Pty Ltd) C:\Users\win7\Downloads\MediaCoder-0.8.28.5588.exe
2014-02-10 01:15 - 2013-07-18 20:33 - 00091302 _____ () C:\Windows\PFRO.log
2014-02-10 00:23 - 2014-02-10 00:23 - 00000000 ___HT () C:\Windows\wusa.lock
2014-02-10 00:23 - 2014-02-10 00:23 - 00000000 ____D () C:\6d4bf4e342ddf99f3b9169d591e5
2014-02-10 00:16 - 2014-02-10 00:16 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-02-10 00:15 - 2014-02-10 00:15 - 00000000 ____D () C:\Program Files\Haali
2014-02-10 00:14 - 2014-02-10 00:14 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2014-02-10 00:14 - 2014-02-10 00:13 - 00000000 ____D () C:\Program Files\AviSynth 2.5
2014-02-10 00:10 - 2014-02-10 00:10 - 00001158 _____ () C:\Users\Public\Desktop\Sothink HD Movie Maker.lnk
2014-02-10 00:00 - 2014-02-10 00:00 - 00000000 ____D () C:\Program Files\Common Files\SourceTec
2014-02-09 23:59 - 2014-02-09 23:59 - 00000000 ____D () C:\Program Files\SourceTec
2014-02-09 23:40 - 2014-02-09 23:37 - 20639670 _____ (SourceTec Software Co., LTD ) C:\Users\win7\Downloads\HD_Movie_Maker_RegNow_Trial.exe
2014-02-09 20:36 - 2014-02-10 00:20 - 00112640 _____ () C:\Windows\system32\ff_vfw.dll
2014-02-09 00:24 - 2013-08-31 02:21 - 00000000 ____D () C:\Users\win7\AppData\Local\cache
2014-02-09 00:17 - 2010-07-27 01:05 - 00000000 ____D () C:\Program Files\Uniblue
2014-02-09 00:03 - 2014-02-09 00:03 - 00000000 ____D () C:\Users\win7\.android
2014-02-09 00:03 - 2010-09-30 15:15 - 00000000 ____D () C:\Users\win7
2014-02-09 00:02 - 2014-02-09 00:02 - 00000000 ____D () C:\Users\win7\AppData\Local\genienext
2014-02-08 23:57 - 2014-02-06 22:11 - 00000000 ____D () C:\Users\win7\AppData\Local\Softonic
2014-02-08 22:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Cursors
2014-02-08 20:12 - 2014-02-08 20:12 - 00000000 ____D () C:\Users\win7\Documents\StarBurn
2014-02-08 20:12 - 2014-02-08 20:12 - 00000000 ____D () C:\Users\win7\AppData\Roaming\StarBurn
2014-02-08 19:55 - 2014-02-08 19:55 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-02-08 19:19 - 2014-02-08 19:19 - 00013175 _____ () C:\Users\win7\Desktop\OTT Kopernikus.htm
2014-02-08 19:19 - 2014-02-08 19:19 - 00000000 ____D () C:\Users\win7\Desktop\OTT Kopernikus_files
2014-02-08 19:06 - 2014-02-08 19:06 - 00082544 _____ () C:\Users\win7\Desktop\Kape i igle za pramenove Pribor za farbanje kose Pribor i sitan inventar Sve za frizere i nega kose Online prodaja kozmetike - Saloninfo.htm
2014-02-08 19:06 - 2014-02-08 19:06 - 00000000 ____D () C:\Users\win7\Desktop\Kape i igle za pramenove Pribor za farbanje kose Pribor i sitan inventar Sve za frizere i nega kose Online prodaja kozmetike - Saloninfo_files
2014-02-08 18:42 - 2014-02-08 18:41 - 00930440 _____ (CNET Download.com) C:\Users\win7\Downloads\cbsidlm-cbsi176-Nero_2014_Platinum-ORG-10028984.exe
2014-02-08 18:33 - 2014-02-08 18:33 - 00001051 _____ () C:\Users\win7\Desktop\Totally Free Burner.lnk
2014-02-08 18:33 - 2014-02-08 18:33 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Totally Free Burner
2014-02-08 18:33 - 2014-02-08 18:32 - 00000000 ____D () C:\Program Files\Totally Free Burner
2014-02-08 17:56 - 2014-02-08 17:54 - 00320120 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-02-08 17:46 - 2014-02-08 17:46 - 00001229 _____ () C:\Users\Public\Desktop\StarBurn.lnk
2014-02-08 17:45 - 2014-02-08 17:45 - 00000000 ____D () C:\Users\win7\AppData\Roaming\MediaFilters
2014-02-08 17:45 - 2014-02-08 17:45 - 00000000 ____D () C:\Program Files\StarBurn Software
2014-02-08 17:16 - 2014-01-27 17:54 - 00000000 ____D () C:\Users\win7\AppData\Roaming\BSplayer
2014-02-06 22:11 - 2014-02-06 22:11 - 00000000 ____D () C:\Users\win7\AppData\Local\CrashRpt
2014-02-06 21:12 - 2014-02-01 19:05 - 00000000 ____D () C:\Program Files\FreeTime
2014-02-06 21:10 - 2014-02-06 21:10 - 00000000 ____D () C:\Program Files\VSFilter
2014-02-06 21:01 - 2014-02-06 21:01 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter
2014-02-06 21:00 - 2014-02-06 20:58 - 00000000 ____D () C:\Program Files\AC3Filter
2014-02-06 20:59 - 2013-01-22 22:27 - 00000000 ____D () C:\Users\win7\AppData\Roaming\OpenCandy
2014-02-06 20:57 - 2014-02-06 20:57 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DivX
2014-02-06 20:57 - 2010-07-29 22:40 - 00000000 ____D () C:\Program Files\DivX
2014-02-06 20:56 - 2014-02-06 20:56 - 00000000 ____D () C:\Program Files\DirectVobSub
2014-02-06 19:28 - 2014-02-06 19:28 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XviD
2014-02-06 19:28 - 2014-02-06 19:28 - 00000000 ____D () C:\Program Files\XviD
2014-02-06 19:24 - 2014-02-06 17:54 - 00001252 _____ () C:\Users\win7\Desktop\SnowFox YouTube Downloader HD.lnk
2014-02-06 18:15 - 2011-03-21 01:50 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-02-06 18:15 - 2010-10-05 15:21 - 00000000 ____D () C:\Program Files\Free YouTube Downloader Converter
2014-02-06 17:54 - 2014-02-06 17:54 - 00000000 ____D () C:\Program Files\SnowFox Software
2014-02-06 17:48 - 2014-02-06 17:46 - 02287584 _____ (SnowFox Software Studio ) C:\Users\win7\Downloads\youtube-downloader_setup.exe
2014-02-06 00:18 - 2014-02-06 00:17 - 00000000 ____D () C:\Program Files\Convert Srt to Ssa
2014-02-06 00:03 - 2014-02-06 00:03 - 00003065 _____ () C:\Users\win7\Desktop\Convert Srt To Ssa.lnk
2014-02-06 00:03 - 2014-02-06 00:03 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macallan
2014-02-06 00:02 - 2014-02-06 00:02 - 00000000 ____D () C:\Program Files\Macallan
2014-02-01 22:40 - 2013-09-24 23:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-01 22:34 - 2014-02-01 22:34 - 00000000 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-02-01 22:34 - 2013-09-24 23:12 - 00000000 ____D () C:\Program Files\Java
2014-02-01 19:40 - 2014-02-01 19:40 - 00000000 ____D () C:\Users\win7\Documents\FormatFactory
2014-02-01 08:58 - 2014-02-19 04:52 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-01 08:58 - 2014-02-19 04:52 - 01140736 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-01 08:58 - 2014-02-19 04:52 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-01 08:57 - 2014-02-19 04:52 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-01 08:57 - 2014-02-19 04:52 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-01 08:57 - 2014-02-19 04:52 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-01 08:57 - 2014-02-19 04:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-01 08:57 - 2014-02-19 04:52 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-01 08:57 - 2014-02-19 04:52 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-01 08:57 - 2014-02-19 04:52 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-01 08:57 - 2014-02-19 04:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-01 08:57 - 2014-02-19 04:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-01 08:57 - 2014-02-19 04:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-01 08:57 - 2014-02-19 04:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-01 08:57 - 2014-02-19 04:51 - 14359040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-01 08:34 - 2014-02-19 04:52 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-01 07:38 - 2014-02-19 04:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-27 17:56 - 2014-01-27 17:56 - 00001044 _____ () C:\Users\Public\Desktop\BS.Player FREE.lnk
2014-01-27 17:54 - 2014-01-27 17:54 - 00000000 ____D () C:\Users\win7\AppData\Roaming\BSplayer Pro
2014-01-27 17:53 - 2014-01-27 17:53 - 10511384 _____ () C:\Users\win7\Downloads\bsplayer_installer.exe
2014-01-27 17:53 - 2010-02-24 14:32 - 00000000 ____D () C:\Program Files\Webteh
2014-01-27 17:49 - 2014-01-27 17:43 - 01104216 _____ (Conduit) C:\Users\win7\Downloads\bsplayer266.1075.exe
2014-01-26 16:44 - 2014-01-26 16:44 - 00094580 _____ () C:\Users\win7\Desktop\TOP 10 Najbolji vestern filmovi Muški magazin - M@N!.htm
2014-01-26 16:44 - 2014-01-26 16:44 - 00000000 ____D () C:\Users\win7\Desktop\TOP 10 Najbolji vestern filmovi Muški magazin - M@N!_files
2014-01-26 00:35 - 2014-01-25 22:32 - 00000000 ____D () C:\Users\win7\AppData\Roaming\BitLord
2014-01-26 00:33 - 2014-01-26 00:33 - 00000218 _____ () C:\Users\win7\AppData\Local\recently-used.xbel
2014-01-25 22:47 - 2014-01-25 22:47 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Python-Eggs
2014-01-25 22:06 - 2014-01-25 22:06 - 00000000 ____D () C:\Users\win7\Documents\BitLord
2014-01-25 21:56 - 2014-01-25 21:55 - 00717504 _____ () C:\Users\win7\Downloads\BitlordSetup.exe
2014-01-25 21:03 - 2013-07-16 16:14 - 00000009 _____ () C:\END
2014-01-25 21:02 - 2014-01-25 21:02 - 00000000 ____D () C:\Users\win7\AppData\Local\NativeMessaging
2014-01-25 21:02 - 2013-05-28 01:19 - 00000000 ____D () C:\Users\win7\AppData\Local\CRE
2014-01-25 21:01 - 2011-03-01 23:38 - 00000000 ____D () C:\Users\win7\AppData\Local\Conduit
2014-01-25 20:55 - 2014-01-25 20:55 - 00000849 _____ () C:\Users\win7\Desktop\µTorrent.lnk
2014-01-25 20:55 - 2014-01-25 20:55 - 00000829 _____ () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-01-25 20:53 - 2014-01-25 20:52 - 01307736 _____ (BitTorrent Inc.) C:\Users\win7\Downloads\utorrent.exe
2014-01-25 20:41 - 2014-01-25 20:39 - 00000000 ___SD () C:\Users\win7\Documents\Chica Passwords
2014-01-25 20:39 - 2014-01-25 20:39 - 00000000 ____D () C:\Program Files\PriceGong
2014-01-25 19:12 - 2011-07-19 16:55 - 00000000 ____D () C:\Users\win7\Desktop\RECEPTI
2014-01-25 00:36 - 2014-01-25 00:35 - 00692512 _____ (RealNetworks, Inc.) C:\Users\win7\Downloads\RealDownloader.exe

Some content of TEMP:
====================
C:\Users\win7\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\win7\AppData\Local\Temp\BackupSetup.exe
C:\Users\win7\AppData\Local\Temp\BuenoSearchTB.exe
C:\Users\win7\AppData\Local\Temp\BuenoSearchTB[1].exe
C:\Users\win7\AppData\Local\Temp\DownloadManager.exe
C:\Users\win7\AppData\Local\Temp\driverscanner.exe
C:\Users\win7\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\win7\AppData\Local\Temp\htmlayout.dll
C:\Users\win7\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\win7\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\win7\AppData\Local\Temp\Softonic_EN_1-5-7.exe
C:\Users\win7\AppData\Local\Temp\StpF2C4_TMP.EXE
C:\Users\win7\AppData\Local\Temp\tmp5606.exe
C:\Users\win7\AppData\Local\Temp\tmpE03A.exe
C:\Users\win7\AppData\Local\Temp\toolbar27173736.exe
C:\Users\win7\AppData\Local\Temp\uninstall15298643.exe
C:\Users\win7\AppData\Local\Temp\uninstall15606386.exe
C:\Users\win7\AppData\Local\Temp\uninstall15606542.exe
C:\Users\win7\AppData\Local\Temp\uttE64F.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {e7bf4f46-ccef-11df-b734-e3c0a094d39a}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {e7bf4f48-ccef-11df-b734-e3c0a094d39a}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {e7bf4f46-ccef-11df-b734-e3c0a094d39a}
nx OptIn

Windows Boot Loader
-------------------
identifier {e7bf4f48-ccef-11df-b734-e3c0a094d39a}
device ramdisk=[C:]\Recovery\e7bf4f48-ccef-11df-b734-e3c0a094d39a\Winre.wim,{e7bf4f49-ccef-11df-b734-e3c0a094d39a}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\e7bf4f48-ccef-11df-b734-e3c0a094d39a\Winre.wim,{e7bf4f49-ccef-11df-b734-e3c0a094d39a}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {e7bf4f46-ccef-11df-b734-e3c0a094d39a}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {e7bf4f49-ccef-11df-b734-e3c0a094d39a}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\e7bf4f48-ccef-11df-b734-e3c0a094d39a\boot.sdi



LastRegBack: 2014-02-01 14:51

==================== End Of Log ============================







Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-02-2014 01
Ran by win7 at 2014-02-24 23:19:38
Running from C:\Users\win7\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30488 - BitTorrent Inc.)
AC3Filter (remove only) (HKLM\...\AC3Filter) (Version: - )
AC3Filter 2.6.0b (HKLM\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.05) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
ALLPlayer Remote Control (HKLM\...\{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.1 - ALLPlayer Group, Ltd.)
ALLPlayer V5.X (HKLM\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.)
Artweaver Free 4 (HKLM\...\{6567E404-A019-4D0C-BD18-10564126A579}_is1) (Version: 4.0 - Boris Eyrich Software)
AVGo Media Recorder 1.08 (HKLM\...\AVGo Media Recorder_is1) (Version: - AVGo, Inc.)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
AVS Video Converter 8.5 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 8.5.1.551 - Online Media Technologies Ltd.)
Bluesoleil3.2.2.8 Release 070421 (HKLM\...\{8E9D738A-2C30-4574-90FE-E6B4F6065D48}) (Version: 3.2.2.8 Release 070421 - IVT Corporation)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
Bundled software uninstaller (HKLM\...\bi_uninstaller) (Version: - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Conduit Engine (HKLM\...\conduitEngine) (Version: - Conduit Ltd.) <==== ATTENTION
CyberLink PowerDVD 13 (HKLM\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3313.58 - CyberLink Corp.)
CyberLink PowerDVD 13 (Version: 13.0.3313.58 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DirectVobSub (remove only) (HKLM\...\DirectVobSub) (Version: - )
dirLock (HKLM\...\{AF21F061-F04B-42B4-B6C3-784A080F782A}) (Version: 1.4.1 - Emon)
DivX Media Format Filter Build 1 (HKLM\...\DivX Media Format Filter Build 1) (Version: - )
DolbyFiles (Version: 2.0 - Nero AG) Hidden
EASEUS Partition Master 6.5.1 Home Edition (HKLM\...\EASEUS Partition Master Home Edition_is1) (Version: - EASEUS)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FairUse Wizard 2 (HKLM\...\FairUse Wizard 2) (Version: (v2.11a LE) - FairUse Wizard)
ffdshow v1.3.4530 [2014-02-09] (HKLM\...\ffdshow_is1) (Version: 1.3.4530.0 - )
FilesFrog Update Checker (HKLM\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION
FM Screen Capture Codec (Remove Only) (HKLM\...\FMCODEC) (Version: - )
Freemake Video Converter version 4.0.2 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.2 - Ellora Assets Corporation)
GOM Player (HKLM\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Drive (HKLM\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 5.5.1 (HKLM\...\KLiteCodecPack_is1) (Version: 5.5.1 - )
Macallan Convert Srt To Ssa (HKLM\...\{F070CE8E-8A5F-41EB-A5A6-639920BF929C}) (Version: 2.1.00013 - Macallan)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaCoder 0.8.28.5588 (HKLM\...\MediaCoder) (Version: 0.8.28.5588 - Mediatronic)
Microsoft .NET Framework 4.5.1 (ARA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DAN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (ELL) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (ESN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (FIN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (FRA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HEB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HUN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (ITA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (JPN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (NOR) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (PTG) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (RUS) (Version: 4.5.50938 - Корпорация Майкрософт) Hidden
Microsoft .NET Framework 4.5.1 (suomi) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (TRK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.5.50938 - Корпорация Майкрософт)
Microsoft .NET Framework 4.5.1 (עברית) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1037) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1, norsk språkpakke (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2003 programski dodatak za preslovljavanje (HKLM\...\{51312349-0B4D-450E-AFAA-03CC28A9531F}) (Version: 1.0.0527.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 25.0.1 (x86 en-US)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero InfoTool (Version: 6.4.12.100 - Nero AG) Hidden
Nero Installer (Version: 4.4.9.0 - Nero AG) Hidden
NeroBurningROM (Version: 9.4.26.100 - Nero AG) Hidden
NeroExpress (Version: 9.4.26.100 - Nero AG) Hidden
PC Connectivity Solution (HKLM\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.19.0 - Nokia)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PriceGong 2.6.11 (HKLM\...\PriceGong) (Version: 2.6.11 - PriceGong) <==== ATTENTION
Readon TV Movie Radio Player 7.6.0.0 (HKLM\...\{80074966-5231-428D-9AE7-B7D5D2DC3246}) (Version: 7.6.0 - Readon Technology)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
SearchCore for Browsers (HKLM\...\SearchCore for Browsers) (Version: 3.0.0.115554 - SearchCore)
Similarity 1.5.2 (HKLM\...\{72A37DEC-B329-4D7B-ADDC-A7D609522F1C}) (Version: 1.5.2.970 - GAR Software)
SnowFox YouTube Downloader HD 2.6.5.0 (HKLM\...\SnowFox YouTube Downloader HD_is1) (Version: - )
Sony PC Companion 2.10.181 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.181 - Sony)
Sothink HD Movie Maker (HKLM\...\{39352E3D-43FF-44E7-AC2F-0ADA04AF9BB2}_is1) (Version: 1.1 - SourceTec Software Co., LTD)
StarBurn Version 15.2 (Build 0x20131129) (HKLM\...\StarBurn_is1) (Version: 15.2 - StarBurn Software)
SweetIM for Messenger 3.5 (HKLM\...\{97B4DF0B-7499-455F-AFBA-F70F64D6D86A}) (Version: 3.5.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetIM Toolbar for Internet Explorer 4.1 (HKLM\...\{A1194237-547A-461d-BD44-B97B1574A7DA}) (Version: 4.1.0003 - SweetIM Technologies Ltd.) <==== ATTENTION
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.8.0.120 - PandoraTV)
Time Adjuster STANDARD 3.1 (HKCU\...\TimeAdjuster) (Version: - IrekSoftware.com)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{525A4A44-8940-40AD-ABA0-14501199D2F0}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2343F7D1-9E41-4CD7-AC67-264E8E9968BD}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Vip mobilni internet (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
VSFilter 2.41.322 (0c3a1ea) Nightly (HKLM\...\vsfilter_is1) (Version: 2.41.322 - MPC-HC Team)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.00 beta 4 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.4 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
XviD Video Codec (remove only) (HKLM\...\XviD Video Codec) (Version: - )
YouTube Downloader Toolbar v1.0 (HKLM\...\{004098A1-0362-4C42-A1C3-CAD436CFF4A1}) (Version: 1.1.2 - Spigot, Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04320FFD-3678-4CC6-99F5-F25FF931D3D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {1456C357-8D35-4AB1-8384-5337D1ECA857} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3525473822-1617828288-4062223653-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {145E7274-44D5-49C7-A868-62D1655821DB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3525473822-1617828288-4062223653-1000UA => C:\Users\win7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {162E0E00-9A6D-45EE-A3C2-638EA7EAE2FA} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe [2014-02-18] (http://goforfiles.com/) <==== ATTENTION
Task: {4523761D-9CF4-44F5-92C9-D0E028DD1DB6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3525473822-1617828288-4062223653-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4B9CEA0B-29FF-447F-9FFD-365220EDC7F1} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe
Task: {5DE02B6F-075F-417E-937B-CDCE0EE192DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {901530C0-46FC-4F99-A9C2-A29B5223BDBD} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3525473822-1617828288-4062223653-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {959B85B1-F637-4C15-AD9B-B43DB2AA99A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-17] (Google Inc.)
Task: {9BFE74B8-2C1E-45D8-A942-7C562FF9614D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-17] (Google Inc.)
Task: {B0DB1B7A-988F-4CC8-8C78-2042B72D85D0} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3525473822-1617828288-4062223653-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B69F99FC-3F92-4AAC-9399-6B2E727585A9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3525473822-1617828288-4062223653-1000Core => C:\Users\win7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {B7917A1A-B43F-416D-836D-28B1AA310FA5} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3525473822-1617828288-4062223653-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E4E017A5-0388-4E19-AABD-CE13AB84700C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3525473822-1617828288-4062223653-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F3259206-B4E6-4E62-96C3-F41A0626156E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3525473822-1617828288-4062223653-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F3DEFD0E-6BC6-4E3F-8969-AA7A1AE6C04C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3525473822-1617828288-4062223653-1000Core.job => C:\Users\win7\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3525473822-1617828288-4062223653-1000UA.job => C:\Users\win7\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-06 20:59 - 2013-04-05 21:26 - 01679360 _____ () C:\Windows\system32\ac3filter.acm
2014-02-10 15:45 - 2013-09-13 12:16 - 00862472 _____ () C:\Program Files\CyberLink\PowerDVD13\common\UNO\UNO.dll
2014-02-10 15:42 - 2013-05-02 01:06 - 00081920 _____ () C:\Program Files\CyberLink\PowerDVD13\Common\koan\_ctypes.pyd
2014-02-10 15:43 - 2013-05-02 01:06 - 00053248 _____ () C:\Program Files\CyberLink\PowerDVD13\Common\Koan\_socket.pyd
2014-02-10 15:43 - 2013-05-02 01:06 - 00655360 _____ () C:\Program Files\CyberLink\PowerDVD13\Common\Koan\_ssl.pyd
2014-02-10 15:44 - 2013-09-13 12:18 - 00043272 _____ () C:\Program Files\CyberLink\PowerDVD13\Kernel\DHProcedure\DHProcedure.dll
2014-02-18 15:26 - 2012-03-12 10:57 - 00414544 _____ () C:\Program Files\Vip mobilni internet\CancelAutoPlay.exe
2014-02-18 15:26 - 2012-05-11 09:41 - 00156448 _____ () C:\Program Files\Vip mobilni internet\UIExec.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-02-18 15:26 - 2012-08-02 08:23 - 00274760 _____ () C:\Program Files\Vip mobilni internet\AssistantServices.exe
2014-02-22 23:20 - 2014-02-20 02:02 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-22 23:20 - 2014-02-20 02:02 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-22 23:20 - 2014-02-20 02:02 - 00100168 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-22 23:20 - 2014-02-20 02:03 - 04060488 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-22 23:20 - 2014-02-20 02:03 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-22 23:20 - 2014-02-20 02:02 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-18 15:26 - 2012-08-02 08:23 - 07000392 _____ () C:\Program Files\Vip mobilni internet\UIMain.exe
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2014-02-18 15:26 - 2012-02-21 20:23 - 01515856 _____ () C:\Program Files\Vip mobilni internet\QMI_Server.dll
2014-02-18 15:26 - 2012-08-02 08:23 - 00719176 _____ () C:\Program Files\Vip mobilni internet\CMUpdater.exe
2014-02-18 15:26 - 2011-01-24 20:29 - 00238928 _____ () C:\Program Files\Vip mobilni internet\UICommonDlg.dll
2014-02-18 15:26 - 2011-01-24 20:29 - 00349520 _____ () C:\Program Files\Vip mobilni internet\UISkin.dll
2014-02-18 15:26 - 2011-01-24 20:29 - 00165712 _____ () C:\Program Files\Vip mobilni internet\BIXml.dll
2014-02-18 15:26 - 2011-01-24 20:29 - 00617808 _____ () C:\Program Files\Vip mobilni internet\UpdateAgent.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
AlternateDataStreams: C:\ProgramData\Temp:4E0ADA73
AlternateDataStreams: C:\ProgramData\Temp:8CE646EE

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: TuneUp.UtilitiesSvc => 2

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/24/2014 09:51:23 AM) (Source: Google Update) (User: win7-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (02/23/2014 09:51:15 PM) (Source: Google Update) (User: win7-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (02/23/2014 00:51:06 PM) (Source: Google Update) (User: win7-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (02/23/2014 09:51:09 AM) (Source: Google Update) (User: win7-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (02/23/2014 06:51:13 AM) (Source: Google Update) (User: win7-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (02/23/2014 03:50:35 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Nero 2014.; Error = 0x81000101).

Error: (02/23/2014 03:35:10 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Nero 2014.; Error = 0x81000101).

Error: (02/23/2014 03:21:45 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume \\?\Volume{a51b85c9-cce7-11df-8607-806e6f6e6963}\.
The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully.
], Flush[0x00000000, The operation completed successfully.
], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced.
], OnRun[0x00000000, The operation completed successfully.
].


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (02/23/2014 03:21:11 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Nero 2014.; Error = 0x81000101).

Error: (02/23/2014 03:09:37 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Nero 2014.; Error = 0x81000101).


System errors:
=============
Error: (02/24/2014 10:50:50 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 10.86.41.206 with the system
having network hardware address 00-A0-C6-00-00-01. Network operations on this system may
be disrupted as a result.

Error: (02/24/2014 05:47:34 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 10.86.39.112 with the system
having network hardware address 00-A0-C6-00-00-01. Network operations on this system may
be disrupted as a result.

Error: (02/24/2014 02:53:43 AM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 10.82.239.65 with the system
having network hardware address 00-A0-C6-00-00-01. Network operations on this system may
be disrupted as a result.

Error: (02/24/2014 02:23:59 AM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 10.86.207.190 with the system
having network hardware address 00-A0-C6-00-00-01. Network operations on this system may
be disrupted as a result.

Error: (02/23/2014 02:07:29 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (02/23/2014 02:07:09 PM) (Source: DCOM) (User: )
Description: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}

Error: (02/23/2014 02:04:20 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

Error: (02/23/2014 02:00:50 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Improver service failed to start due to the following error:
%%1053

Error: (02/23/2014 02:00:50 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect.

Error: (02/23/2014 01:59:48 PM) (Source: atikmdag) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 93%
Total physical RAM: 764.05 MB
Available physical RAM: 50.54 MB
Total Pagefile: 2791.09 MB
Available Pagefile: 714.59 MB
Total Virtual: 2047.88 MB
Available Virtual: 1912.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.42 GB) (Free:1.03 GB) NTFS
Drive d: () (Fixed) (Total:74.53 GB) (Free:0.66 GB) NTFS
Drive f: (Vip broadband) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 23412340)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=75 GB) - (Type=OF Extended)

==================== End Of Log ============================

Dopuna: 24 Feb 2014 23:27

Izvinjavam se sto je Addition.txt ovako postavljen,moralo je,otvorio ga notepad

Dopuna: 24 Feb 2014 23:36

Zaboravila sam da kazem,da cesto radim defregmentaciju diska,tako da nije spor komp zbog toga.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sljedeće programe:

Bundled software uninstaller
FilesFrog Update Checker
Google Toolbar for Internet Explorer
PriceGong 2.6.11
SearchCore for Browsers
SweetIM for Messenger 3.5
SweetIM Toolbar for Internet Explorer 4.1
YouTube Downloader Toolbar v1.0




Arrow Korak 2

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt



Arrow Korak 3

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [644800 2013-08-30] ()
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\Run: [NextLive] - C:\Windows\system32\rundll32.exe "C:\Users\win7\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_ss&mntrId=00.....1&tsp=5166
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.conduit.com?SearchSource=10&ctid=CT2269050
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKLM - (No Name) - {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - No File
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={FFD1F639-B707-11E0-93D0-CC686A2D1AA9}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={FFD1F639-B707-11E0-93D0-CC686A2D1AA9}
SearchScopes: HKCU - 3ADFD602C52048068FE71C5CE710CB61 URL = http://www.smartwebsearch.net/index.php?from=4&q={searchTerms}
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=wbst&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=00DC00A0C6000000&affID=128491&tsp=5166
SearchScopes: HKCU - {25B9BDBC-150D-4C17-8EF2-525FDB8F8307} URL = http://search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=589
SearchScopes: HKCU - {329DF456-2B9A-1254-3222-23D6BB4C8442} URL = http://ics.asksearch.com/s/?q={searchTerms}&iesrc={referrer:source?}&cfg=2-441-0-...
SearchScopes: HKCU - {45F2F17C-18E7-4E01-9E67-D7DED8F1DF83} URL = http://start.funmoods.com/results.php?f=4&a=nv1&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6PQn0B10z9&i=26
SearchScopes: HKCU - {D6E3EE4A-BE5B-4C7F-927A-ABE33E590236} URL = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^RS&apn_uid=40d3433e-5b7e-448c-9c74-3b728c873720&apn_sauid=41142CA5-28BC-4C76-988A-B5DDD3B4DD51
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={FFD1F639-B707-11E0-93D0-CC686A2D1AA9}
BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM - No Name - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - No File
Task: {162E0E00-9A6D-45EE-A3C2-638EA7EAE2FA} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe [2014-02-18] (http://goforfiles.com/) <==== ATTENTION


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da sadržaj fixlog.txt kopiraš na forum

offline
  • Pridružio: 23 Feb 2014
  • Poruke: 9

FilesFrog Update Checker je nestao iz programa kada sam izbrisala Bundled software uninstaller,a YouTube Downloader Toolbar v1.0 nisam uspela da izbrisem.Probacu korak 2 bez ovoga,pa sta bude.

offline
  • Pridružio: 23 Feb 2014
  • Poruke: 9

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-02-2014 01
Ran by win7 at 2014-02-25 02:22:33 Run:1
Running from C:\Users\win7\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [644800 2013-08-30] ()
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\...\Run: [NextLive] - C:\Windows\system32\rundll32.exe "C:\Users\win7\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = buenosearch.com/?babsrc=HP_ss&mntrId=00.....1&tsp=5166
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = search.conduit.com?SearchSource=10&ctid=CT2269050
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKLM - (No Name) - {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - No File
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={FFD1F639-B707-11E0-93D0-CC686A2D1AA9}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={FFD1F639-B707-11E0-93D0-CC686A2D1AA9}
SearchScopes: HKCU - 3ADFD602C52048068FE71C5CE710CB61 URL = smartwebsearch.net/index.php?from=4&q={searchTerms}
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = start.facemoods.com/?a=wbst&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=00DC00A0C6000000&affID=128491&tsp=5166
SearchScopes: HKCU - {25B9BDBC-150D-4C17-8EF2-525FDB8F8307} URL = search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=589
SearchScopes: HKCU - {329DF456-2B9A-1254-3222-23D6BB4C8442} URL = ics.asksearch.com/s/?q={searchTerms}&iesrc={referrer:source?}&cfg=2-441-0-...
SearchScopes: HKCU - {45F2F17C-18E7-4E01-9E67-D7DED8F1DF83} URL = start.funmoods.com/results.php?f=4&a=nv1&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6PQn0B10z9&i=26
SearchScopes: HKCU - {D6E3EE4A-BE5B-4C7F-927A-ABE33E590236} URL = websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^RS&apn_uid=40d3433e-5b7e-448c-9c74-3b728c873720&apn_sauid=41142CA5-28BC-4C76-988A-B5DDD3B4DD51
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={FFD1F639-B707-11E0-93D0-CC686A2D1AA9}
BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM - No Name - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - No File
Task: {162E0E00-9A6D-45EE-A3C2-638EA7EAE2FA} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe [2014-02-18] (http://goforfiles.com/) <==== ATTENTION
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Unable to delete value
HKU\S-1-5-21-3525473822-1617828288-4062223653-1000\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Unable to delete value
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Restore => Value deleted successfully.
Default URLSearchHook was restored successfully .
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} => Unable to delete value
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\3ADFD602C52048068FE71C5CE710CB61 => Key deleted successfully.
HKCR\Wow6432Node\CLSID\3ADFD602C52048068FE71C5CE710CB61 => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} => Key not found.
HKCR\Wow6432Node\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{25B9BDBC-150D-4C17-8EF2-525FDB8F8307} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{25B9BDBC-150D-4C17-8EF2-525FDB8F8307} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{329DF456-2B9A-1254-3222-23D6BB4C8442} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{329DF456-2B9A-1254-3222-23D6BB4C8442} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45F2F17C-18E7-4E01-9E67-D7DED8F1DF83} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{45F2F17C-18E7-4E01-9E67-D7DED8F1DF83} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found.
HKCR\Wow6432Node\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D6E3EE4A-BE5B-4C7F-927A-ABE33E590236} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D6E3EE4A-BE5B-4C7F-927A-ABE33E590236} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} => Key not found.
HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Unable to delete value
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} => Unable to delete value
HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ED0E8CA5-42FB-4B18-997B-769E0408E79D} => Value deleted successfully.
HKCR\CLSID\{ED0E8CA5-42FB-4B18-997B-769E0408E79D} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{162E0E00-9A6D-45EE-A3C2-638EA7EAE2FA} => Key not found.
C:\Windows\System32\Tasks\GoforFilesUpdate not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate => Key deleted successfully.

==== End of Fixlog ====
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.

offline
  • Pridružio: 23 Feb 2014
  • Poruke: 9

Zoek.exe v5.0.0.0 Updated 15-February-2014
Tool run by win7 on Tue 02/25/2014 at 15:58:21.48.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\win7\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2/25/2014 4:06:52 PM Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-02-10 17:11:18 8B138ED363128BFF2C2E1E7FEA9793B4 38 ----a-w- C:\Windows\avisplitter.ini
2014-02-09 23:23:32 D41D8CD98F00B204E9800998ECF8427E 0 ---hatw- C:\Windows\wusa.lock
====== C:\Users\win7\AppData\Local\Temp ====
2014-02-24 23:16:20 5AA3E89A59E3D556B5F9B6D8D8EE3A82 42080 ----a-w- C:\Users\win7\AppData\Local\Temp\bi_cleaner.exe
2014-02-23 17:14:25 C3F5BC905AE7A450ED1C2978AD7B1BA8 8942528 ----a-w- C:\Users\win7\AppData\Local\Temp\uninstall15298643.exe
2014-02-22 23:26:03 40987D8303F1F8C735EA19CF8786AE20 414232 ----a-w- C:\Users\win7\AppData\Local\Temp\BuenoSearchTB[1].exe
2014-02-22 23:04:04 40987D8303F1F8C735EA19CF8786AE20 414232 ----a-w- C:\Users\win7\AppData\Local\Temp\BuenoSearchTB.exe
2014-02-18 14:19:14 1BD976DD77B31FE0F25708AD5C1351AE 319456 ----a-w- C:\Users\win7\AppData\Local\Temp\{E98DD8A2-0C08-45E1-89B4-924EDD432CC9}\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}\difxapi.dll
2014-02-18 13:56:12 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{533E6A33-B7E9-41AF-9564-4BEEA8DC3F5E}\setup.exe
2014-02-18 13:42:41 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{E147A589-634C-46F6-82BA-B16B8EF30DCB}\setup.exe
2014-02-18 13:07:46 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{513356DD-A187-4326-BB1B-C27E705CB835}\setup.exe
2014-02-18 13:07:12 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{BA1079DD-3C4C-4078-81EE-C1269A61EB16}\setup.exe
2014-02-18 13:06:12 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{B6EC2812-D97D-42A2-A1EE-9C1AE2A09F6B}\setup.exe
2014-02-18 12:58:17 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{EB8EAC51-449D-4143-A0FE-9200E7DF8741}\setup.exe
2014-02-18 12:57:50 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{34CC5919-88D0-4A05-99D3-6C084A7F6B0A}\setup.exe
2014-02-18 12:57:12 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{6DED8658-E451-4168-B38C-ECD7801C6610}\setup.exe
2014-02-18 12:55:49 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{9F55AD44-3535-4D28-969C-4CA5836DEE12}\setup.exe
2014-02-18 12:54:54 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{E20DA4C1-9EAD-41CE-BC8B-87E767F59B25}\setup.exe
2014-02-18 12:53:10 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{FC26623C-52A2-431A-A92D-BF7CA957809C}\setup.exe
2014-02-18 12:38:14 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{2A4F7C0D-75E3-4F9E-BD1E-30F93DDF74AF}\setup.exe
2014-02-18 12:17:19 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{09F6AEA8-0640-4467-8D50-08616915D3BD}\setup.exe
2014-02-18 12:06:25 8BB343442755E143A2C7B972FF24F4BF 381256 ----a-w- C:\Users\win7\AppData\Local\Temp\{F39EBA43-6919-4FEE-B449-438330A70E47}\setup.exe
2014-02-18 00:09:12 04D97D753F8FE2737A9E04B3DFD874F7 1338136 ----a-w- C:\Users\win7\AppData\Local\Temp\DownloadManager.exe
2014-02-18 00:05:26 031E44A981406C4067C8A1326393FD08 953844 ----a-w- C:\Users\win7\AppData\Local\Temp\toolbar27173736.exe
2014-02-18 00:02:30 4CE42D5CF5D556A4D429E95B474F413C 2370560 ----a-w- C:\Users\win7\AppData\Local\Temp\uninstall15606386.exe
2014-02-18 00:02:16 F6278B5A16F830885B184D5F72E1B935 947200 ----a-w- C:\Users\win7\AppData\Local\Temp\uninstall15606542.exe
2014-02-17 23:59:15 F6278B5A16F830885B184D5F72E1B935 947200 ----a-w- C:\Users\win7\AppData\Local\Temp\htmlayout.dll
2014-02-14 01:30:09 067D8DDFBF8B8F0EAE9FBC719FD45E8D 224840 ------w- C:\Users\win7\AppData\Local\Temp\jna-win7\jna3283388288477542536.dll
====== Java Cache =====
====== C:\Windows\system32 =====
2014-02-19 04:28:21 B8BF98AB4F9408C0C0AC5504E8BF4BBA 523776 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-19 03:52:59 96484B4ED8FD9838692E3B5896C6DA61 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-19 03:52:57 FFD94811DD4D65FFA5EF36B5C1432B06 163840 ----a-w- C:\Windows\System32\msrating.dll
2014-02-19 03:52:57 2F867C9A274B4C731E3ADB9BAF3337C4 690688 ----a-w- C:\Windows\System32\jscript.dll
2014-02-19 03:52:54 0AAE2EE5A85EA18E00079CAF359B9387 2877952 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-19 03:52:53 6733B2B5EEA3243E1B0FC5EABDA7223B 39936 ----a-w- C:\Windows\System32\jsproxy.dll
2014-02-19 03:52:51 71EB230269480E7F5F62E46261404B10 61440 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-19 03:52:49 2060E914C746DA531EE593098DA4A45E 391168 ----a-w- C:\Windows\System32\ieui.dll
2014-02-19 03:52:46 952B209CA4A39FB67C9CF110B9855583 493056 ----a-w- C:\Windows\System32\msfeeds.dll
2014-02-19 03:52:45 E016BB18F1D978772EF5D1662E536372 33280 ----a-w- C:\Windows\System32\iernonce.dll
2014-02-19 03:52:45 562607B4083D6C702742167F16C0E705 42496 ----a-w- C:\Windows\System32\ie4uinit.exe
2014-02-19 03:52:43 E8D832E99CD4CDA14FACCC7A5F47EB00 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-02-19 03:52:42 A66F7525EBF8530C495D10E742FCDA2B 109056 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-19 03:52:41 66A313E15312F666829D024235B1BA24 1140736 ----a-w- C:\Windows\System32\urlmon.dll
2014-02-19 03:52:39 5DC326473A638CC67EA5A4AF4C776BEB 2049024 ----a-w- C:\Windows\System32\iertutil.dll
2014-02-19 03:52:29 1FF83D2BE92B40DAE234CF4236680B6E 1767936 ----a-w- C:\Windows\System32\wininet.dll
2014-02-19 03:52:23 FAF025218BF7A20BDD899C097B86E4A8 13760512 ----a-w- C:\Windows\System32\ieframe.dll
2014-02-19 03:51:46 4098C722E878697489F0207108C8E0DA 14359040 ----a-w- C:\Windows\System32\mshtml.dll
2014-02-19 02:40:49 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2014-02-19 02:40:48 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\System32\RMActivate.exe
2014-02-19 02:40:47 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2014-02-19 02:40:46 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 ----a-w- C:\Windows\System32\secproc_isv.dll
2014-02-19 02:40:46 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2014-02-19 02:40:44 12A9F24DC9F465DA79AC2272D829A81E 428032 ----a-w- C:\Windows\System32\secproc.dll
2014-02-19 02:40:43 7FA485555BF802FE3DB5598004DBDFAC 390144 ----a-w- C:\Windows\System32\msdrm.dll
2014-02-19 02:40:42 58712A48D31B40EBCB35B47205F87771 87040 ----a-w- C:\Windows\System32\secproc_ssp.dll
2014-02-19 02:40:39 9158DBE2F8483434FC72F320690C9DB8 87040 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
2014-02-18 01:40:05 5C3739F97D09CAF8ABCC0A1F14C82A49 258048 ----a-w- C:\Windows\System32\libFLAC.dll
2014-02-18 01:40:03 50816F543DF3FDDDDFAFE9EC4BDE636A 276992 ----a-w- C:\Windows\System32\BugTrap.dll
2014-02-18 01:39:59 C83CBDC7231410784D0F828C0B3C12A9 2106368 ----a-w- C:\Windows\System32\ac3filter.ax
====== C:\Windows\system32\drivers =====
2014-02-23 17:06:22 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-18 14:27:31 9417C311E7257634FE735F82035425F3 107520 ----a-w- C:\Windows\System32\drivers\ZTEusbser6k.sys
2014-02-18 14:27:31 9417C311E7257634FE735F82035425F3 107520 ----a-w- C:\Windows\System32\drivers\ZTEusbnmea.sys
2014-02-18 14:27:31 9417C311E7257634FE735F82035425F3 107520 ----a-w- C:\Windows\System32\drivers\ZTEusbmdm6k.sys
2014-02-18 14:27:31 3D38F3270927DA78B367B57D19CBB7FC 116736 ----a-w- C:\Windows\System32\drivers\ZTEusbnet.sys
2014-02-08 16:54:59 CBEAEA2729985BFB260641AB424E0166 320120 ----a-w- C:\Windows\System32\drivers\sptd.sys
====== C:\Windows\Tasks ======
2014-02-22 23:30:25 69ECB252274654BC33C7B864D3E9480E 3100 ----a-w- C:\Windows\system32\Tasks\{29CDE68F-B407-4905-B19E-DAE954281966}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-02-23 11:55:42 -------- d-----w- C:\Program Files\CDBurnerXP
2014-02-22 23:29:10 -------- d-----w- C:\Program Files\TimeAdjuster
2014-02-18 15:59:49 -------- d-----w- C:\Program Files\Artweaver Free 4
2014-02-18 15:42:58 -------- d-----w- C:\Program Files\DoubleCAD XT v5
2014-02-18 14:25:45 -------- d-----w- C:\Program Files\Vip mobilni internet
2014-02-18 01:48:08 -------- d-----w- C:\Program Files\ALLPlayer Remote
2014-02-18 01:36:49 -------- d-----w- C:\Program Files\ALLPlayer
2014-02-10 19:53:49 -------- d-----w- C:\Program Files\PowerDVD
2014-02-10 17:41:13 -------- d-----w- C:\Program Files\x264vfw
2014-02-10 14:37:53 -------- d-----w- C:\Program Files\CyberLink
2014-02-10 13:43:15 -------- d-----w- C:\Program Files\AVGo
2014-02-10 02:53:08 -------- d-----w- C:\Program Files\Common Files\AVSMedia
2014-02-10 02:52:58 -------- d-----w- C:\Program Files\AVS4YOU
2014-02-10 02:14:22 -------- d-----w- C:\Program Files\MediaCoder
2014-02-09 23:19:59 -------- d-----w- C:\Program Files\ffdshow
2014-02-09 23:15:48 -------- d-----w- C:\Program Files\Haali
2014-02-09 23:13:59 -------- d-----w- C:\Program Files\AviSynth 2.5
2014-02-09 23:00:57 -------- d-----w- C:\Program Files\Common Files\SourceTec
2014-02-09 22:59:18 -------- d-----w- C:\Program Files\SourceTec
2014-02-08 18:55:48 -------- d-----w- C:\Program Files\MSXML 4.0
2014-02-08 17:32:27 -------- d-----w- C:\Program Files\Totally Free Burner
2014-02-08 16:45:31 -------- d-----w- C:\Program Files\StarBurn Software
2014-02-06 21:15:17 -------- d-----w- C:\Program Files\Subtitle Workshop
2014-02-06 20:10:35 -------- d-----w- C:\Program Files\VSFilter
2014-02-06 19:58:23 -------- d-----w- C:\Program Files\AC3Filter
2014-02-06 19:56:56 -------- d-----w- C:\Program Files\DirectVobSub
2014-02-06 18:28:12 -------- d-----w- C:\Program Files\XviD
2014-02-06 16:54:07 -------- d-----w- C:\Program Files\SnowFox Software
2014-02-05 23:17:32 -------- d-----w- C:\Program Files\Convert Srt to Ssa
2014-02-05 23:02:53 -------- d-----w- C:\Program Files\Macallan
2014-02-04 23:56:26 -------- d-----w- C:\Program Files\VirtualDub
2014-02-01 18:05:51 -------- d-----w- C:\Program Files\FreeTime
======= C: =====
====== C:\Users\win7\AppData\Roaming ======
2014-02-23 11:55:58 -------- d-----w- C:\Users\win7\AppData\Roaming\Canneverbe Limited
2014-02-22 23:29:15 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TimeAdjuster
2014-02-22 03:14:00 -------- d-----w- C:\Users\win7\AppData\Roaming\Artweaver Free
2014-02-18 17:21:53 -------- d-----w- C:\Users\win7\AppData\Local\Nero
2014-02-18 16:33:04 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-02-17 00:34:34 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\win7\AppData\Roaming\.NANotifyHere
2014-02-10 17:41:16 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264vfw
2014-02-10 15:02:44 -------- d-----w- C:\Users\win7\AppData\Local\Cyberlink SoftDMA
2014-02-10 14:59:41 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\MediaServer
2014-02-10 14:59:36 -------- d-----w- C:\Users\win7\AppData\Local\MediaServer
2014-02-10 14:57:07 -------- d-----w- C:\Users\win7\AppData\Local\Cyberlink
2014-02-10 03:03:39 -------- d-----w- C:\Users\win7\AppData\Roaming\AVS4YOU
2014-02-10 03:01:25 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-02-10 02:16:48 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
2014-02-10 02:14:47 -------- d-----w- C:\Users\win7\AppData\Roaming\Mediatronic
2014-02-09 23:16:52 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-02-09 23:14:37 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2014-02-08 23:53:19 -------- d-----w- C:\Users\win7\AppData\Local\Diagnostics
2014-02-08 19:12:18 -------- d-----w- C:\Users\win7\AppData\Roaming\StarBurn
2014-02-08 17:33:25 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Totally Free Burner
2014-02-08 16:45:33 -------- d-----w- C:\Users\win7\AppData\Roaming\MediaFilters
2014-02-06 21:11:54 -------- d-----w- C:\Users\win7\AppData\Local\CrashRpt
2014-02-06 20:01:02 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter
2014-02-06 19:57:49 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DivX
2014-02-06 18:28:12 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XviD
2014-02-05 23:03:56 -------- d-----w- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macallan
2014-01-27 16:54:50 -------- d-----w- C:\Users\win7\AppData\Roaming\BSplayer Pro
2014-01-27 16:54:49 -------- d-----w- C:\Users\win7\AppData\Roaming\BSplayer
====== C:\Users\win7 ======
2014-02-25 02:23:48 80EF5B894A2F143F1C20D90AB24FBE6C 228864 ----a-w- C:\Users\win7\Desktop\SUB2SSA.exe
2014-02-25 00:33:06 0840EB50F38B3A9BBA2D24780AEB07A6 1241834 ----a-w- C:\Users\win7\Desktop\AdwCleaner.exe
2014-02-24 22:03:01 9493E71C25E2EE545E9BEF70CD7683EA 1144320 ----a-w- C:\Users\win7\Desktop\FRST.exe
2014-02-23 17:01:49 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\win7\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 13:29:31 -------- d-----w- C:\ProgramData\Canneverbe Limited
2014-02-23 02:37:09 E22C61FCF2247D259F3F6433E307F39D 5284632 ----a-w- C:\Users\win7\Downloads\cdbxp_setup_4.5.2.4478.exe
2014-02-22 23:29:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeAdjuster
2014-02-22 23:20:12 E98D5DE4298831307ECA0813BB1D5AF7 401736 ----a-w- C:\Users\win7\Downloads\SoftonicDownloader_for_time-adjuster.exe
2014-02-22 22:58:03 70C12B70A924392235A4939F44BE588B 401744 ----a-w- C:\Users\win7\Downloads\SoftonicDownloader_for_subtitle-workshop.exe
2014-02-18 16:09:44 82E16C8B81AAC8B8A547B6985498D060 32247936 ----a-w- C:\Users\win7\Downloads\KMPlayer_3.8.0.120.exe
2014-02-18 16:00:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artweaver Free
2014-02-18 15:59:49 -------- d-----w- C:\ProgramData\Artweaver Free
2014-02-18 15:53:42 8F64B3CAE93280771BE4D03F3E83FB99 9032880 ----a-w- C:\Users\win7\Downloads\Artweaver.exe
2014-02-18 14:27:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vip mobilni internet
2014-02-18 01:48:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer Remote Control
2014-02-18 01:43:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer
2014-02-18 01:41:41 9D300552E2B6FB066F7D1A338E76D891 2023808 ----a-w- C:\Users\win7\Desktop\CatzillaDownloader.exe
2014-02-18 01:36:49 -------- d-----w- C:\ProgramData\ALLPlayer
2014-02-17 22:32:19 6D63C644D240E0341787218645A22F76 39616040 ----a-w- C:\Users\win7\Downloads\ALLPlayerEN.exe
2014-02-14 01:01:28 561EA645AC459236272DF65EA3DA86F5 69560435 ----a-w- C:\Users\win7\Downloads\nettv_player_pc_v400.exe
2014-02-10 17:41:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw
2014-02-10 17:11:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-02-10 14:53:10 -------- d-----w- C:\ProgramData\PDVD
2014-02-10 14:52:51 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 13
2014-02-10 14:28:08 -------- d-----w- C:\ProgramData\install_clap
2014-02-10 13:43:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVGo Video Converter
2014-02-10 02:57:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-02-10 02:52:58 -------- d-----w- C:\ProgramData\AVS4YOU
2014-02-09 23:16:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-02-09 23:14:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2014-02-09 23:08:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SourceTec
2014-02-08 23:03:36 -------- d-----w- C:\Users\win7\.android
2014-02-08 16:46:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarBurn Software
2014-02-06 20:10:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter
2014-02-06 19:58:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2014-02-06 19:57:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-02-06 18:28:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
2014-02-06 16:54:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnowFox Software
2014-01-27 16:56:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player

====== C: exe-files ==
2014-02-25 01:22:32 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QSHEFGVN\FRST[1].exe
2014-02-24 23:15:42 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QSHEFGVN\bi_cleaner[1].exe
2014-02-23 11:55:49 8189348359B3F2D665E4A372A85CE28B 24392 ----a-w- C:\Program Files\CDBurnerXP\updater.exe
2014-02-23 11:55:49 07409CADE03F0A16B9F2985CDFDB79FA 1734984 ----a-w- C:\Program Files\CDBurnerXP\cdbxpp.exe
2014-02-23 11:55:49 0615EB2BA58ED90DE000BF7889FB600F 25928 ----a-w- C:\Program Files\CDBurnerXP\cdbxpcmd.exe
2014-02-23 11:55:42 FC8007495A4105259F24C845369AB38F 1565759 ----a-w- C:\Program Files\CDBurnerXP\unins000.exe
2014-02-22 23:29:14 24D1A52F1E1C68746F811BC56010DFEE 80329 ----a-w- C:\Program Files\TimeAdjuster\Uninstall.exe
2014-02-22 23:08:57 03D713B1B1D27CC402A53EFB261E310F 819712 ----a-w- C:\Program Files\Subtitle Workshop\SubtitleWorkshop4.exe
2014-02-22 20:22:10 A4F0C36642681927FA53CD6A90CA2975 7620312 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.117\33.0.1750.117_32.0.1700.107_chrome_updater.exe
2014-02-19 03:52:51 BC327B65D38FF611B40A718AFC6C248B 469504 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-02-19 03:52:24 B04EE6BFF70C11D478680BB74E1D33AB 770736 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-02-18 16:35:21 16F2ABA1EC0AB1F1F4E5E256CBEF07C0 19517744 ----a-w- C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZW1FD8E\goods-376-4797[1].exe
2014-02-18 16:30:48 9961E8970E388DD90109929C3A452B34 126971 ----a-w- C:\The KMPlayer\uninstall.exe
2014-02-18 16:00:38 7872C76584EAEA20AF8D13EBF4310445 60184 ----a-w- C:\Program Files\Artweaver Free 4\Updater\UPU.exe
2014-02-18 15:59:54 6B0098E2DE987A59EAACA816D0FCFBF2 7324440 ----a-w- C:\Program Files\Artweaver Free 4\Artweaver.exe
2014-02-18 15:59:52 4CD6E02B013BB519F02FF75257859EA9 1198793 ----a-w- C:\Program Files\Artweaver Free 4\unins000.exe
=== C: other files ==
2014-02-25 01:51:34 387CA2B50F3B3803429602BCA373EF63 287217 ----a-w- C:\Users\win7\Downloads\SUBtoSSA.zip

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default
- Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Undetermined - %AppDir%\extensions\youtubedownloader@mybrowserbar.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Undetermined - %AppDir%\extensions\dealio@mybrowserbar.com
- Undetermined - %AppDir%\extensions\searchsettings@spigot.com

==== Firefox Plugins ======================

Profilepath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default
5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\win7\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
69AA47F09AA281C7D3C7716CA7E283B4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
380F9A643A149B9030142E7171EFA91B - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
3B00376AE69AC2E815425E54DEBFF750 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
99F97C9FE748C37528C338A423577FCB - C:\Users\win7\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bpegkgagfojjbcpkihigfmkojdmmimdf - No path found[]
ehgldbbpchgpcfagfpfjgoomddhccfgh - No path found[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[]
jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[06/22/2013 07:34 AM]
mfhbefhmbfeijngaeeipckikabideogj - C:\Program Files\BFlix\BFlix.crx[]
mhfdcmehmjcclgopdodkjdicohagipid - C:\Users\win7\AppData\Local\Temp\crx28FE.tmp[]
naipdapbimiiikbbgjcpbgmfhnlbagpj - C:\Users\win7\AppData\Local\Temp\ccex.crx[]

Google Docs - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Allin1Convert - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl
Night Time In New York City - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek
message Download YouTube RapidShare VK.com and 40 sites in one click. - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl
Google Wallet - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
{AB79D3B4-AEDB-428a-B504-BAC00521A1C7} Bing Url="http://www.bing.com/search?FORM=BDT3DF&PC=BDT3&q={searchTerms}&src=IE-SearchBox"
{D8184542-C3A8-4806-A664-634367108F8C} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Tue 02/25/2014 at 16:17:35.91 ======================

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

C:\Users\win7\Downloads\SoftonicDownloader_for_time-adjuster.exe;f
C:\Users\win7\Downloads\SoftonicDownloader_for_subtitle-workshop.exe;f
C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com;fs
bpegkgagfojjbcpkihigfmkojdmmimdf;chr
ehgldbbpchgpcfagfpfjgoomddhccfgh;chr
mfhbefhmbfeijngaeeipckikabideogj;chr
C:\Program Files\BFlix;fs
mhfdcmehmjcclgopdodkjdicohagipid;chr
naipdapbimiiikbbgjcpbgmfhnlbagpj;chr
mdpljndcmbeikfnlflcggaipgnhiedbl;chr
emptyalltemp;
emptyclsid;
autoclean;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.



Question

Kakvo je sada stanje sistema?

offline
  • Pridružio: 23 Feb 2014
  • Poruke: 9

Stanje je trenutno ok,malo bolje nego pre "ciscenja".Obzirom da je i ranije bilo situacija kada radi savrseno i kada koci,konacan rezultat mogu javiti za par dana.





Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by win7 on Tue 02/25/2014 at 17:09:34.41.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\win7\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-25-151735.log 25141 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3525473822-1617828288-4062223653-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3049C3E9-B461-4BC5-8870-4C09146192CA} deleted successfully
HKEY_USERS\S-1-5-21-3525473822-1617828288-4062223653-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3049C3E9-B461-4BC5-8870-4C09146192CA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3525473822-1617828288-4062223653-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully
HKEY_USERS\S-1-5-21-3525473822-1617828288-4062223653-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{51A86BB3-6602-4C85-92A5-130EE4864F13} deleted successfully
HKEY_USERS\S-1-5-21-3525473822-1617828288-4062223653-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} deleted successfully
HKEY_USERS\S-1-5-21-3525473822-1617828288-4062223653-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} deleted successfully
HKEY_USERS\S-1-5-21-3525473822-1617828288-4062223653-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{34712C68-7391-4c47-94F3-8F88D49AD632} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{FCE04E1F-9378-4f39-96F6-5689A9159E45} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default

user.js not found
---- Lines babsrc removed from prefs.js ----
user_pref("browser.startup.homepage", "http://www.buenosearch.com/?babsrc=HP_ss&mntrId=00DC00A0C6000000&affID=128491&tsp=5166");
user_pref("browser.newtab.url", "http://www.buenosearch.com/?babsrc=NT_ss&mntrId=00DC00A0C6000000&affID=128491&tsp=5166");
---- Lines WebSearch modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"m3ffxtbr@mywebsearch.com\":{\"descriptor\":\"C:\\\\Program Files\
---- Lines ffxtbr modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"m3ffxtbr@mydisabled.com\":{\"descriptor\":\"C:\\\\Program Files\\
---- FireFox user.js and prefs.js backups ----

prefs_20140225_0538_.backup

ProfilePath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\hcn0ewwx.default

prefs.js not found
user.js not found
---- FireFox user.js and prefs.js backups ----


==== Deleting Files \ Folders ======================

C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com not found
C:\Program Files\BFlix not found
C:\Users\win7\daemonprocess.txt deleted
C:\Users\win7\.android deleted
C:\Program Files\Alawar deleted
C:\Program Files\PHPNukeEN deleted
C:\Program Files\BS_Player deleted
C:\Program Files\Common Files\Wondershare deleted
C:\Users\win7\AppData\Roaming\Wondershare deleted
C:\Users\win7\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\win7\AppData\Local\CRE deleted
C:\Users\win7\AppData\Local\Wondershare deleted
C:\Users\win7\AppData\Local\cache deleted
C:\Users\win7\Downloads\SoftonicDownloader_for_subtitle-workshop.exe deleted
C:\Users\win7\Downloads\SoftonicDownloader_for_time-adjuster.exe deleted
C:\Users\win7\AppData\LocalLow\imeshmediabartb deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\user.js deleted
C:\Users\Public\Documents\AlawarWrapper deleted
C:\Users\win7\Desktop\CatzillaDownloader.exe deleted
C:\Users\win7\Desktop\Free YouTube Downloader Converter on the Web.lnk deleted
C:\Users\win7\Desktop\SnowFox YouTube Downloader HD.lnk deleted
"C:\Users\win7\AppData\Roaming\.NANotifyHere" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default
- Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Undetermined - %AppDir%\extensions\youtubedownloader@mybrowserbar.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Undetermined - %AppDir%\extensions\dealio@mybrowserbar.com
- Undetermined - %AppDir%\extensions\searchsettings@spigot.com

==== Firefox Plugins ======================

Profilepath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\koatksg8.default
5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\win7\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
69AA47F09AA281C7D3C7716CA7E283B4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
380F9A643A149B9030142E7171EFA91B - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
3B00376AE69AC2E815425E54DEBFF750 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
99F97C9FE748C37528C338A423577FCB - C:\Users\win7\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bpegkgagfojjbcpkihigfmkojdmmimdf - No path found[]
ehgldbbpchgpcfagfpfjgoomddhccfgh - No path found[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[]
jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[06/22/2013 07:34 AM]
mfhbefhmbfeijngaeeipckikabideogj - C:\Program Files\BFlix\BFlix.crx[]
mhfdcmehmjcclgopdodkjdicohagipid - C:\Users\win7\AppData\Local\Temp\crx28FE.tmp[]
naipdapbimiiikbbgjcpbgmfhnlbagpj - C:\Users\win7\AppData\Local\Temp\ccex.crx[]

Google Docs - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Allin1Convert - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl
Night Time In New York City - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek
message Download YouTube RapidShare VK.com and 40 sites in one click. - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl
Google Wallet - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_facebook.conduitapps.com_0.localstorage deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_facebook.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_youtube.conduitapps.com_0.localstorage deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_youtube.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.babylon-idiomas.com_0.localstorage deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.babylon-idiomas.com_0.localstorage-journal deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_besthd-blu-ray-to-mp4-converter.en.softonic.com_0.localstorage deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_besthd-blu-ray-to-mp4-converter.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mdpljndcmbeikfnlflcggaipgnhiedbl_0.localstorage deleted successfully
C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mdpljndcmbeikfnlflcggaipgnhiedbl_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{AB79D3B4-AEDB-428a-B504-BAC00521A1C7} Bing Url="http://www.bing.com/search?FORM=BDT3DF&PC=BDT3&q={searchTerms}&src=IE-SearchBox"
{D8184542-C3A8-4806-A664-634367108F8C} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2621A4C0-4C4F-69C0-45BE-660DB14582BE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mfhbefhmbfeijngaeeipckikabideogj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\naipdapbimiiikbbgjcpbgmfhnlbagpj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji deleted successfully

==== Empty IE Cache ======================

C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\win7\AppData\Local\Mozilla\Firefox\Profiles\koatksg8.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=90 folders=39 18267345 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\win7\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\win7\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Tue 02/25/2014 at 17:59:51.50 ======================

Ko je trenutno na forumu
 

Ukupno su 897 korisnika na forumu :: 14 registrovanih, 1 sakriven i 882 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, drimer, ekser222, Istman, Kruger, mean_machine, mgolub, mnn2, operniki, panzerwaffe, RecA, Tvrtko I, W123, zzapNDjuric99