Possible adware


  • Windows Server Administration-ITAcademy
  • Joined: 16 Apr 2010
  • Posts: 152
  • Location: Somewhere in the world

Posted: 11 Oct 2013 3:48

Greetings to Ambulanta and the AMF team!
For the past few days, "Ads not my this site" boxes have been appearing on forums,
even when I have an ad blocker enabled.
I will attach the log files from DDS and MBAM.
I use AVG Internet Security 2013.
Internet: Open ADSL, 6 Mbps down, 1 Mbps up
I tried to get rid of the adware with MBAM and AVG, but without success.

DDS Log:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.40.2
Run by Acid_Boom at 3:33:45 on 2013-10-11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1080 [GMT 2:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2013 *Enabled*
.
============== Running Processes ================
.
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\RTHDCPL.EXE
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\PixArt\PAC7302\Monitor.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\Skillbrains\lightshot\4.4.2.0\LightShot.exe
E:\Program Files\Overwolf\Overwolf.exe
E:\Program Files\LOLReplay\LOLRecorder.exe
E:\Program Files\Java\jre7\bin\jqs.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\System32\alg.exe
E:\Program Files\Skype\Phone\Skype.exe
e:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Mozilla Firefox\plugin-container.exe
E:\Program Files\Mozilla Firefox\plugin-container.exe
F:\Program Files\Steem\Steam.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe
E:\WINDOWS\System32\svchost.exe -k netsvcs
E:\WINDOWS\system32\svchost.exe -k NetworkService
E:\WINDOWS\system32\svchost.exe -k LocalService
E:\WINDOWS\system32\svchost.exe -k imgsvc
E:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - e:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - e:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - e:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] e:\windows\system32\ctfmon.exe
uRun: [LightShot] e:\documents and settings\acid_boom\local settings\application data\skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
uRun: [Steam] "f:\program files\steem\Steam.exe" -silent
uRun: [Overwolf] e:\program files\overwolf\Overwolf.exe -silent
mRun: [AVG_UI] "e:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [GrooveMonitor] "e:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE e:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE e:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] e:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [PAC7302_Monitor] e:\windows\pixart\pac7302\Monitor.exe
StartupFolder: e:\docume~1\alluse~1\startm~1\programs\startup\lolrec~1.lnk - e:\program files\lolreplay\LOLRecorder.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - e:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - e:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - e:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{4B396A69-C905-4651-814F-0B58BD8BBBA9} : DHCPNameServer = 192.168.1.1 0.0.0.0
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - e:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - e:\program files\common files\skype\Skype4COM.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - e:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 mpa.one.microsoft.com
.
================= FIREFOX ===================
.
FF - ProfilePath - e:\documents and settings\acid_boom\application data\mozilla\firefox\profiles\tx3eee75.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3289075&CUI=UN66839052418783320&UM=1&SearchSource=13
FF - prefs.js: keyword.URL -
FF - plugin: e:\documents and settings\acid_boom\application data\mozilla\firefox\profiles\tx3eee75.default\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}\plugins\np-mswmp.dll
FF - plugin: e:\documents and settings\acid_boom\application data\mozilla\firefox\profiles\tx3eee75.default\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: e:\documents and settings\acid_boom\application data\raidcall\plugins\nprcplugin.dll
FF - plugin: e:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: e:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
FF - plugin: e:\windows\system32\npDeployJava1.dll
FF - plugin: e:\windows\system32\npptools.dll
FF - ExtSQL: 2013-09-13 19:33; https-everywhere@eff.org; e:\documents and settings\acid_boom\application data\mozilla\firefox\profiles\tx3eee75.default\extensions\https-everywhere@eff.org
FF - ExtSQL: 2013-09-13 19:34; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; e:\documents and settings\acid_boom\application data\mozilla\firefox\profiles\tx3eee75.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-09-13 20:19; {2c93446d-612b-416d-9af0-b7355797b611}; e:\documents and settings\acid_boom\application data\mozilla\firefox\profiles\tx3eee75.default\extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
FF - ExtSQL: 2013-09-13 20:31; {20a82645-c095-46ed-80e3-08825760534b}; e:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-09-14 18:56; {96f454ea-9d38-474f-b504-56193e00c1a5}; e:\documents and settings\acid_boom\application data\mozilla\firefox\profiles\tx3eee75.default\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
FF - ExtSQL: 2013-10-02 03:51; jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack; e:\documents and settings\acid_boom\application data\mozilla\firefox\profiles\tx3eee75.default\extensions\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi
FF - ExtSQL: 2013-10-08 18:37; ila.temw@ayglxrm.edu; e:\documents and settings\acid_boom\application data\mozilla\firefox\profiles\tx3eee75.default\extensions\ila.temw@ayglxrm.edu
FF - ExtSQL: 2013-10-08 18:38; hz57.eye@ayoo-hgoxcdonou.com; e:\documents and settings\acid_boom\application data\mozilla\firefox\profiles\tx3eee75.default\extensions\hz57.eye@ayoo-hgoxcdonou.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;e:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
R0 Avglogx;AVG Logging Driver;e:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;e:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;e:\windows\system32\drivers\avgrkx86.sys [2013-9-5 39224]
R1 AVGIDSDriver;AVGIDSDriver;e:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184]
R1 AVGIDSShim;AVGIDSShim;e:\windows\system32\drivers\avgidsshimx.sys [2013-9-10 22328]
R1 Avgldx86;AVG AVI Loader Driver;e:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;e:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R2 avgfws;AVG Firewall;e:\program files\avg\avg2013\avgfws.exe [2013-9-4 1432080]
R2 AVGIDSAgent;AVGIDSAgent;e:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;e:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R3 Avgfwdx;Avgfwdx;e:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;e:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;e:\program files\skype\updater\Updater.exe [2013-7-25 162672]
S3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [2013-9-13 1691480]
S3 Avgfwfd;AVG network filter service;e:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944]
S3 OverwolfUpdaterService;Overwolf Updater Service;e:\program files\overwolf\OverwolfUpdater.exe [2013-10-9 18360]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;e:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-10-10 14:29:24 -------- d-----w- e:\documents and settings\acid_boom\application data\Malwarebytes
2013-10-10 14:29:13 -------- d-----w- e:\documents and settings\all users\application data\Malwarebytes
2013-10-10 14:29:12 22856 ----a-w- e:\windows\system32\drivers\mbam.sys
2013-10-10 14:29:12 -------- d-----w- e:\program files\Malwarebytes' Anti-Malware
2013-10-10 11:27:55 -------- d-----w- e:\documents and settings\acid_boom\Overwolf
2013-10-09 21:36:47 -------- d-sh--w- e:\windows\ftpcache
2013-10-09 19:14:13 -------- d-----w- e:\program files\Overwolf
2013-10-09 19:14:13 -------- d-----w- e:\program files\common files\Overwolf
2013-10-09 19:13:01 -------- d-sh--w- e:\documents and settings\acid_boom\PrivacIE
2013-10-09 10:32:58 -------- d-----w- e:\program files\PCSX2 1.0.0
2013-10-09 01:26:42 216064 ----a-w- e:\windows\system32\LAGARITH.DLL
2013-10-09 01:24:53 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Dxtory Software
2013-10-09 01:24:48 8300544 ----a-w- e:\windows\system32\DxtoryCodec.dll
2013-10-09 01:24:47 -------- d-----w- e:\program files\Dxtory Software
2013-10-09 01:23:50 -------- d-----w- E:\dxtory
2013-10-09 00:31:59 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\TeknoGods
2013-10-08 16:38:08 -------- d-----w- e:\documents and settings\all users\application data\SummerSoft
2013-10-08 16:37:41 -------- d-----w- e:\documents and settings\all users\application data\SearchNewTab
2013-10-08 16:37:30 -------- d-----w- e:\program files\Ss.Helper
2013-10-08 16:37:08 -------- d-----w- e:\documents and settings\all users\application data\Downloiad keepeir
2013-10-08 16:36:11 -------- d-----w- e:\documents and settings\all users\application data\InstallMate
2013-10-01 18:54:28 -------- d-----w- e:\program files\LOLReplay
2013-09-30 10:08:53 -------- d-----w- E:\Dargon
2013-09-29 18:56:23 -------- d-----w- e:\documents and settings\acid_boom\application data\.minecraft
2013-09-29 18:55:08 -------- d-----w- e:\documents and settings\acid_boom\application data\Craften Terminal
2013-09-29 18:54:54 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Craften.de
2013-09-29 18:54:32 -------- d-----w- e:\program files\Craften Terminal
2013-09-28 12:11:12 -------- d-----w- e:\documents and settings\acid_boom\application data\raidcall
2013-09-28 12:10:56 -------- d-----w- e:\program files\RaidCall
2013-09-27 12:12:08 14848 ----a-w- e:\windows\system32\3Dcc.CPL
2013-09-27 12:12:08 -------- d-----w- e:\program files\JaSMiN Co
2013-09-27 02:13:33 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Sun
2013-09-27 02:11:34 48128 ----a-w- e:\windows\system32\Remove.exe
2013-09-27 02:11:34 -------- d-----w- e:\program files\common files\Eye 312
2013-09-27 02:11:33 6656 ----a-w- e:\windows\system32\CoInst_070614.dll
2013-09-27 02:11:33 457856 ----a-w- e:\windows\system32\drivers\PAC7302.SYS
2013-09-27 02:11:31 129024 ----a-w- e:\windows\system32\SP7302.ax
2013-09-27 02:11:30 14336 ----a-w- e:\windows\system32\P7302USD.dll
2013-09-27 02:11:30 -------- d-----w- e:\windows\PixArt
2013-09-27 02:11:30 -------- d-----w- e:\program files\common files\Pac7302
2013-09-25 01:53:12 -------- d-----w- e:\documents and settings\acid_boom\application data\.technic
2013-09-25 01:53:01 868264 ----a-w- e:\windows\system32\npDeployJava1.dll
2013-09-25 01:53:01 790440 ----a-w- e:\windows\system32\deployJava1.dll
2013-09-25 01:53:01 144896 ----a-w- e:\windows\system32\javacpl.cpl
2013-09-25 01:52:54 94632 ----a-w- e:\windows\system32\WindowsAccessBridge.dll
2013-09-24 15:13:24 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\gtk-2.0
2013-09-24 15:08:28 -------- d-----w- e:\documents and settings\acid_boom\application data\.purple
2013-09-24 15:07:23 -------- d-----w- e:\program files\Combined Community Codec Pack
2013-09-24 15:06:44 -------- d-----w- e:\program files\VideoLAN
2013-09-24 14:27:42 503808 ----a-w- e:\windows\system32\msvcp71.dll
2013-09-24 14:27:42 348160 ----a-w- e:\windows\system32\msvcr71.dll
2013-09-24 14:27:42 1060864 ----a-w- e:\windows\system32\mfc71.dll
2013-09-24 14:27:37 -------- d-----w- e:\windows\Album
2013-09-24 14:27:36 -------- d-----w- e:\program files\KYE
2013-09-23 20:00:48 -------- d-----w- e:\documents and settings\acid_boom\application data\foobar2000
2013-09-23 20:00:20 -------- d-----w- e:\documents and settings\acid_boom\application data\Boom Audio Player
2013-09-23 19:59:50 -------- d-----w- e:\program files\foobar2000
2013-09-23 19:52:00 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Flvto Youtube Downloader
2013-09-22 23:59:40 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Chromium
2013-09-22 23:59:35 283032 ----a-w- e:\windows\system32\PnkBstrB.xtr
2013-09-22 23:59:29 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\PunkBuster
2013-09-22 22:50:46 -------- d-sh--w- e:\documents and settings\acid_boom\IETldCache
2013-09-22 22:33:50 -------- dc-h--w- e:\windows\ie8
2013-09-22 22:17:57 22328 ----a-w- e:\windows\system32\drivers\PnkBstrK.sys
2013-09-22 22:17:56 22328 ----a-w- e:\documents and settings\acid_boom\application data\PnkBstrK.sys
2013-09-22 22:17:24 283032 ----a-w- e:\windows\system32\PnkBstrB.ex0
2013-09-22 22:17:24 103736 ----a-w- e:\windows\system32\PnkBstrB.exe
2013-09-22 22:17:23 66872 ----a-w- e:\windows\system32\PnkBstrA.exe
2013-09-22 22:17:23 3130440 ----a-w- e:\windows\system32\pbsvc_blr.exe
2013-09-22 22:17:23 -------- d-----w- e:\windows\system32\LogFiles
2013-09-22 22:17:21 -------- d-----w- e:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2013-09-22 22:17:16 -------- d-----w- e:\program files\common files\Wise Installation Wizard
2013-09-22 14:34:28 -------- d-----w- e:\program files\CCleaner
2013-09-22 14:32:36 -------- d-----w- e:\program files\TaskSwitchXP
2013-09-22 14:27:58 266360 ----a-w- e:\windows\system32\TweakUI.exe
2013-09-21 20:30:10 -------- d-----w- e:\program files\Call Graph
2013-09-21 20:30:10 -------- d-----w- e:\documents and settings\acid_boom\application data\Call Graph
2013-09-21 15:19:15 23552 ----a-w- e:\windows\system32\normaliz.dll
2013-09-21 15:19:14 -------- d-----w- e:\program files\common files\DVDVideoSoft
2013-09-21 15:19:14 -------- d-----w- e:\documents and settings\acid_boom\application data\DVDVideoSoft
2013-09-21 15:19:13 -------- d-----w- e:\program files\DVDVideoSoft
2013-09-21 14:55:05 -------- d-----w- E:\Sound
2013-09-21 14:55:05 -------- d-----w- E:\Material
2013-09-21 14:50:21 -------- d-----w- e:\documents and settings\acid_boom\.MCReferenceSdk
2013-09-21 14:47:20 -------- d-----w- e:\windows\SxsCaPendDel
2013-09-21 14:46:27 -------- d-----w- e:\program files\Lightworks
2013-09-21 14:42:02 -------- d-----w- e:\program files\Audacity
2013-09-21 14:15:03 -------- d-----w- e:\program files\common files\Steam
2013-09-21 14:02:00 -------- d-----w- e:\documents and settings\acid_boom\application data\FastStone
2013-09-20 18:53:13 -------- d-----w- e:\documents and settings\acid_boom\application data\NVIDIA
2013-09-19 13:00:55 -------- d-----w- e:\program files\Bandicam
2013-09-18 19:07:15 -------- d-----w- e:\program files\Paint.NET
2013-09-18 19:07:09 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Paint.NET
2013-09-18 16:52:34 -------- d-----w- e:\documents and settings\acid_boom\application data\BANDISOFT
2013-09-18 16:51:36 -------- d-----w- e:\program files\BandiMPEG1
2013-09-17 18:17:24 5120 ----a-r- e:\windows\system32\kbdgeo.dll
2013-09-16 16:59:31 -------- d-----w- e:\documents and settings\all users\application data\NVIDIA Corporation
2013-09-16 16:59:26 156960 ----a-w- e:\windows\system32\nvsvc32.exe
2013-09-16 16:59:26 15677728 ----a-w- e:\windows\system32\nvcpl.dll
2013-09-16 16:59:26 144160 ----a-w- e:\windows\system32\nvcolor.exe
2013-09-16 16:59:25 54272 ----a-w- e:\windows\system32\nvwddi.dll
2013-09-16 16:59:25 223008 ----a-w- e:\windows\system32\nvmctray.dll
2013-09-16 16:59:13 57344 ----a-w- e:\windows\system32\OpenCL.dll
2013-09-16 16:59:09 1098460 ----a-w- e:\windows\system32\nvdrsdb1.bin
2013-09-16 16:59:09 1098460 ----a-w- e:\windows\system32\nvdrsdb0.bin
2013-09-16 16:59:09 1 ----a-w- e:\windows\system32\nvdrssel.bin
2013-09-16 16:58:53 893728 ----a-w- e:\windows\system32\nvdispgenco3232049.dll
2013-09-16 16:58:53 7663616 ----a-w- e:\windows\system32\nvcuda.dll
2013-09-16 16:58:53 6320128 ----a-w- e:\windows\system32\nvopencl.dll
2013-09-16 16:58:53 2783008 ----a-w- e:\windows\system32\nvcuvid.dll
2013-09-16 16:58:53 20197376 ----a-w- e:\windows\system32\nvoglnt.dll
2013-09-16 16:58:53 2002720 ----a-w- e:\windows\system32\nvcuvenc.dll
2013-09-16 16:58:53 1024288 ----a-w- e:\windows\system32\nvdispco3232049.dll
2013-09-16 16:58:51 2548736 ----a-w- e:\windows\system32\nvapi.dll
2013-09-16 16:58:51 17551360 ----a-w- e:\windows\system32\nvcompiler.dll
2013-09-16 16:58:33 -------- d-----w- e:\program files\NVIDIA Corporation
2013-09-16 13:33:50 -------- d-----w- e:\documents and settings\acid_boom\application data\TS3Client
2013-09-16 13:31:20 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Overwolf
2013-09-16 13:31:14 -------- d-----w- e:\program files\TeamSpeak 3 Client
2013-09-14 17:19:37 33104 ----a-w- e:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2013-09-14 17:19:37 32592 ----a-w- e:\windows\system32\msonpmon.dll
2013-09-14 17:16:31 -------- d-----w- e:\program files\Microsoft Visual Studio 8
2013-09-14 17:16:00 -------- d-----w- e:\windows\SHELLNEW
2013-09-14 17:15:47 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Microsoft Help
2013-09-14 16:52:26 -------- d-----w- e:\documents and settings\acid_boom\application data\uTorrent
2013-09-14 09:44:42 -------- d-----w- e:\program files\AutoClickerbyShocker
2013-09-13 22:32:52 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\_
2013-09-13 20:44:56 -------- d-----w- e:\documents and settings\acid_boom\application data\LolClient
2013-09-13 18:44:50 -------- d-----w- e:\program files\Skillbrains
2013-09-13 18:44:47 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Skillbrains
2013-09-13 18:37:58 2297552 ----a-w- e:\windows\system32\d3dx9_26.dll
2013-09-13 18:37:50 -------- d-----w- e:\windows\Logs
2013-09-13 18:34:23 60800 ----a-w- e:\windows\system32\drivers\sysaudio.sys
2013-09-13 18:34:22 6272 ----a-w- e:\windows\system32\drivers\splitter.sys
2013-09-13 18:34:21 142592 ----a-w- e:\windows\system32\drivers\aec.sys
2013-09-13 18:34:20 56576 ----a-w- e:\windows\system32\drivers\swmidi.sys
2013-09-13 18:34:19 52864 ----a-w- e:\windows\system32\drivers\DMusic.sys
2013-09-13 18:34:18 7552 ----a-w- e:\windows\system32\drivers\MSKSSRV.sys
2013-09-13 18:34:16 5376 ----a-w- e:\windows\system32\drivers\MSPCLOCK.sys
2013-09-13 18:34:15 172416 ----a-w- e:\windows\system32\drivers\kmixer.sys
2013-09-13 18:34:14 83072 ----a-w- e:\windows\system32\drivers\wdmaud.sys
2013-09-13 18:34:13 4992 ----a-w- e:\windows\system32\drivers\MSPQM.sys
2013-09-13 18:34:12 2944 ----a-w- e:\windows\system32\drivers\drmkaud.sys
2013-09-13 18:34:09 3072 ----a-w- e:\windows\system32\drivers\audstub.sys
2013-09-13 18:33:58 21504 ----a-w- e:\windows\system32\hidserv.dll
2013-09-13 18:33:47 60160 -c--a-w- e:\windows\system32\dllcache\drmk.sys
2013-09-13 18:33:47 60160 ----a-w- e:\windows\system32\drivers\drmk.sys
2013-09-13 18:33:47 60032 ----a-w- e:\windows\system32\drivers\USBAUDIO.sys
2013-09-13 18:33:47 4096 -c--a-w- e:\windows\system32\dllcache\ksuser.dll
2013-09-13 18:33:47 4096 ----a-w- e:\windows\system32\ksuser.dll
2013-09-13 18:33:47 146048 -c--a-w- e:\windows\system32\dllcache\portcls.sys
2013-09-13 18:33:47 146048 ----a-w- e:\windows\system32\drivers\portcls.sys
2013-09-13 18:33:47 129536 ----a-w- e:\windows\system32\ksproxy.ax
2013-09-13 18:33:09 57600 ----a-w- e:\windows\system32\drivers\redbook.sys
2013-09-13 18:32:40 74240 ----a-w- e:\windows\system32\usbui.dll
2013-09-13 18:30:34 89088 ----a-w- e:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2013-09-13 18:30:26 26144 ----a-w- e:\windows\system32\spupdsvc.exe
2013-09-13 18:30:23 89088 -c----w- e:\windows\system32\dllcache\filterpipelineprintproc.dll
2013-09-13 18:30:23 597504 -c----w- e:\windows\system32\dllcache\printfilterpipelinesvc.exe
2013-09-13 18:30:23 597504 ------w- e:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2013-09-13 18:30:23 575488 -c----w- e:\windows\system32\dllcache\xpsshhdr.dll
2013-09-13 18:30:23 575488 ------w- e:\windows\system32\xpsshhdr.dll
2013-09-13 18:30:23 117760 ------w- e:\windows\system32\prntvpt.dll
2013-09-13 18:30:22 1676288 -c----w- e:\windows\system32\dllcache\xpssvcs.dll
2013-09-13 18:30:22 1676288 ------w- e:\windows\system32\xpssvcs.dll
2013-09-13 18:30:22 -------- d-----w- E:\f1fdbbdfdfc5a674060d
2013-09-13 18:11:14 359016 ----a-w- e:\windows\vncutil.exe
2013-09-13 18:11:12 5444680 ----a-w- e:\windows\system32\drivers\RtkHDAud.sys
2013-09-13 18:11:12 11368 ----a-w- e:\windows\system32\RtkCoLDRXP.dll
2013-09-13 18:11:11 79432 ----a-w- e:\windows\system32\RtkCoInstIIXP.dll
2013-09-13 18:11:11 129640 ----a-w- e:\windows\RtkAudioService.exe
2013-09-13 18:11:08 25816 ----a-w- e:\windows\system32\drivers\RTAIODAT.DAT
2013-09-13 18:11:08 1395800 ----a-w- e:\windows\system32\drivers\Monfilt.sys
2013-09-13 18:11:04 1691480 ----a-w- e:\windows\system32\drivers\Ambfilt.sys
2013-09-13 18:03:43 -------- d-----w- e:\program files\FastStone Image Viewer
2013-09-13 17:50:02 71048 ----a-w- e:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-13 17:50:02 692616 ----a-w- e:\windows\system32\FlashPlayerApp.exe
2013-09-13 17:49:20 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Adobe
2013-09-13 17:29:12 -------- d-----w- e:\windows\system32\Lang
2013-09-13 17:20:34 -------- d-----r- e:\program files\Skype
2013-09-13 17:19:05 4014592 -c--a-w- e:\windows\system32\dllcache\nv4_disp.dll
2013-09-13 17:19:05 4014592 ----a-w- e:\windows\system32\nv4_disp.dll
2013-09-13 17:19:05 10973504 -c--a-w- e:\windows\system32\dllcache\nv4_mini.sys
2013-09-13 17:19:05 10973504 ----a-w- e:\windows\system32\drivers\nv4_mini.sys
2013-09-13 17:17:16 49152 ------r- e:\windows\system32\ChCfg.exe
2013-09-13 17:17:10 -------- d-----w- e:\windows\system32\RTCOM
2013-09-13 17:17:00 84584 ----a-w- e:\windows\SOUNDMAN.EXE
2013-09-13 17:17:00 1833576 ----a-w- e:\windows\SkyTel.exe
2013-09-13 17:10:24 -------- d-----w- e:\documents and settings\acid_boom\application data\AVG2013
2013-09-13 17:09:48 -------- d-----w- e:\documents and settings\acid_boom\application data\TuneUp Software
2013-09-13 17:08:42 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Mozilla
2013-09-13 17:08:37 -------- d--h--w- E:\$AVG
2013-09-13 17:08:37 -------- d-----w- e:\documents and settings\all users\application data\AVG2013
2013-09-13 17:08:30 -------- d-----w- e:\program files\Mozilla Maintenance Service
2013-09-13 17:08:18 -------- d-----w- e:\program files\AVG
2013-09-13 17:04:21 -------- d--h--w- e:\documents and settings\all users\application data\Common Files
2013-09-13 17:04:21 -------- d-----w- e:\documents and settings\all users\application data\MFAData
2013-09-13 17:04:21 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\MFAData
2013-09-13 17:04:21 -------- d-----w- e:\documents and settings\acid_boom\local settings\application data\Avg2013
2013-09-13 17:00:28 -------- d-----w- e:\windows\system32\SoftwareDistribution
2013-09-13 17:00:11 105856 ----a-r- e:\windows\system32\drivers\Rtenicxp.sys
2013-09-13 17:00:05 -------- d-----w- e:\windows\OPTIONS
2013-09-13 17:00:05 -------- d-----w- e:\program files\Realtek
.
==================== Find3M ====================
.
2013-09-13 17:56:33 16608 ----a-w- e:\windows\gdrv.sys
2013-09-13 16:20:58 97965 ----a-w- e:\windows\system32\eventquery.vbs
2013-09-13 14:21:34 95232 ----a-w- e:\windows\system32\wbem\wmiutils.dll
2013-09-13 14:20:58 247808 ----a-w- e:\windows\system32\wbem\esscli.dll
2013-09-09 23:34:48 22328 ----a-w- e:\windows\system32\drivers\avgidsshimx.sys
2013-09-04 23:43:42 39224 ----a-w- e:\windows\system32\drivers\avgrkx86.sys
2013-07-19 23:51:00 246072 ----a-w- e:\windows\system32\drivers\avglogx.sys
2013-07-19 23:50:56 60216 ----a-w- e:\windows\system32\drivers\avgidshx.sys
2013-07-19 23:50:56 208184 ----a-w- e:\windows\system32\drivers\avgidsdriverx.sys
2013-07-19 23:50:50 171320 ----a-w- e:\windows\system32\drivers\avgldx86.sys
.
============= FINISH: 3:39:37.40 ===============

MBAM Log:
Malwarebytes Anti-Malware 1.75.0.1300
malwarebytes.org

Database version: v2013.10.10.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Acid_Boom :: POTATO [administrator]

10/11/2013 3:41:13 AM
MBAM-log-2013-10-11 (03-47-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215194
Time elapsed: 5 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BA447282-7D85-91B6-9A83-0D222BFEAB67} (PUP.Optional.Tarma.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.Tarma.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0612D54-53D6-FBC6-0332-21B104BCCB3C} (PUP.Optional.Tarma.A) -> No action taken.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> No action taken.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Detected: 1
E:\Documents and Settings\All Users\Application Data\SearchNewTab (PUP.Optional.SearchNewTab) -> No action taken.

Files Detected: 8
E:\Documents and Settings\All Users\Application Data\InstallMate\{781DF717-25E2-419F-A374-6DC0A3FED5E1}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
E:\Documents and Settings\All Users\Application Data\InstallMate\{781DF717-25E2-419F-A374-6DC0A3FED5E1}\TsuDll.dll (PUP.Optional.Tarma.A) -> No action taken.
E:\Documents and Settings\All Users\Application Data\InstallMate\{9F7D7E42-011C-41E3-A308-493E449E5CB4}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
E:\Documents and Settings\All Users\Application Data\InstallMate\{9F7D7E42-011C-41E3-A308-493E449E5CB4}\TsuDll.dll (PUP.Optional.Tarma.A) -> No action taken.
E:\Documents and Settings\Acid_Boom\Local Settings\Temp\00294823\t1Sc7.exe (PUP.Optional.MultiPlug.A) -> No action taken.
E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\CR2T3XXW\BDZz[1].exe (PUP.Optional.PreLoader.A) -> No action taken.
E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\CR2T3XXW\X7Atih[1].exe (PUP.Optional.PreLoader.A) -> No action taken.
E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\W14ZCHCJ\psupport_install[1].exe (PUP.Optional.SaveByClick.A) -> No action taken.

(end)

Addendum: 11 Oct 2013 4:16

//attach
I forgot to attach the file in my previous post.

  • Joined: 04 Jul 2011
  • Posts: 5424

Download the GMER program from the link below to the Desktop:

GMER download
Click the given link;
When the dialog for choosing where to save the file opens, select Desktop and click Save.

Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to finish;

click Save ... - save the report to the Desktop (under the name Gmer1);

right-click in the Gmer program window and select Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (under the name Gmer2);

click the >>> button and select the Autostart tab;

when the brief scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (under the name Gmer3);

Illustrated walkthrough of the procedure

Attach all three reports to your message using the Attach file (Prikači fajl) option.

Download zoek.zip from this or this link and save it to the Desktop.

Extract the archive into a folder (instructions), and then:

close the browser and other running programs;
temporarily disable your security software (if necessary) - Instructions;
run zoek by double-clicking the program icon;
wait for the tool to start ...

Copy the following text into the white box of the window:

filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;


Click the button and wait for the scan to finish.

If necessary, zoek will restart Windows, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your message.

Ivance95 (AMF Team)

  • Windows Server Administration-ITAcademy
  • Joined: 16 Apr 2010
  • Posts: 152
  • Location: Somewhere in the world

Here I am, back with the logs!

Zoek:

Zoek.exe Version 4.0.0.5 Updated 09-October-2013
Tool run by Acid_Boom on Fri 10/11/2013 at 16:06:03.70.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: E:\Documents and Settings\Acid_Boom\Desktop\zoek\zoek.exe [Script inserted]

==== System Restore Info ======================

10/11/2013 4:06:24 PM Zoek.exe System Restore Point Created Succesfully.

2013-09-13 22:32:52 -------- d-----w- E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\_
2013-09-13 20:44:56 -------- d-----w- E:\Documents and Settings\Acid_Boom\Application Data\LolClient
2013-09-13 18:44:51 DD5B2DE1EA959C398DA361E2E33E2387 518 ----a-w- E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\UserProducts.xml
2013-09-13 18:44:47 -------- d-----w- E:\Documents and Settings\Acid_Boom\Start Menu\Programs\LightShot
2013-09-13 18:44:47 -------- d-----w- E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\Skillbrains
2013-09-13 18:42:04 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- E:\Documents and Settings\Administrator\Application Data\desktop.ini
2013-09-13 18:42:04 -------- d-s---w- E:\Documents and Settings\Administrator\Application Data\Microsoft
2013-09-13 18:42:04 -------- d-----w- E:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
2013-09-13 18:31:43 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- E:\Documents and Settings\Default User\Application Data\desktop.ini
2013-09-13 18:31:43 -------- d-----r- E:\Documents and Settings\Default User\Start Menu\Programs\Startup
2013-09-13 18:31:43 -------- d-----r- E:\Documents and Settings\Default User\Start Menu\Programs
2013-09-13 18:31:31 E37F0B614753819242F6D89403D9A61F 239576 ----a-w- E:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-09-13 18:31:31 -------- d-s---w- E:\Documents and Settings\Default User\Application Data\Microsoft
2013-09-13 17:50:16 -------- d-----w- E:\Documents and Settings\Acid_Boom\Application Data\Adobe
2013-09-13 17:49:20 -------- d-----w- E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\Adobe
2013-09-13 17:20:48 -------- d-----w- E:\Documents and Settings\Acid_Boom\Application Data\Skype
2013-09-13 17:10:24 -------- d-----w- E:\Documents and Settings\Acid_Boom\Application Data\AVG2013
2013-09-13 17:10:08 -------- d-----w- E:\WINDOWS\system32\config\systemprofile\Application Data\AVG2013
2013-09-13 17:09:48 -------- d-----w- E:\Documents and Settings\Acid_Boom\Application Data\TuneUp Software
2013-09-13 17:08:42 -------- d-----w- E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\Mozilla
2013-09-13 17:08:42 -------- d-----w- E:\Documents and Settings\Acid_Boom\Application Data\Mozilla
2013-09-13 17:08:19 -------- d-----w- E:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013
2013-09-13 17:04:21 -------- d-----w- E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\Avg2013
2013-09-13 16:59:58 -------- d-----w- E:\Documents and Settings\Acid_Boom\Application Data\InstallShield
2013-09-13 16:41:28 7E88C5028FCF8B4E5EA9336E8E69AB55 83392 ----a-w- E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-09-13 16:41:15 -------- d-----w- E:\Documents and Settings\Acid_Boom\Application Data\Identities
2013-09-13 16:41:10 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- E:\Documents and Settings\Acid_Boom\Application Data\desktop.ini
2013-09-13 16:41:10 -------- d-s---w- E:\Documents and Settings\Acid_Boom\Application Data\Microsoft
2013-09-13 16:41:10 -------- d-----w- E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\Microsoft
2013-09-13 16:41:09 -------- d-----r- E:\Documents and Settings\Acid_Boom\Start Menu\Programs\Startup
2013-09-13 16:41:09 -------- d-----r- E:\Documents and Settings\Acid_Boom\Start Menu\Programs\Accessories\Entertainment
2013-09-13 16:41:09 -------- d-----r- E:\Documents and Settings\Acid_Boom\Start Menu\Programs\Accessories\Accessibility
2013-09-13 16:41:09 -------- d-----r- E:\Documents and Settings\Acid_Boom\Start Menu\Programs\Accessories
2013-09-13 16:41:09 -------- d-----r- E:\Documents and Settings\Acid_Boom\Start Menu\Programs
2013-09-13 16:40:32 -------- d-----w- E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
2013-09-13 16:40:31 -------- d-s---w- E:\Documents and Settings\LocalService\Application Data\Microsoft
2013-09-13 16:40:21 -------- d-----w- E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
2013-09-13 16:40:20 -------- d-s---w- E:\Documents and Settings\NetworkService\Application Data\Microsoft
2013-09-13 16:39:12 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- E:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini
2013-09-13 16:39:12 -------- d-s---w- E:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft
2013-09-13 16:39:12 -------- d-----w- E:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft
2013-09-13 16:37:48 -------- d-----r- E:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility
2013-09-13 16:37:42 -------- d-----r- E:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Entertainment
2013-09-13 16:37:39 -------- d-----w- E:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft
2013-09-13 16:36:52 -------- d-----r- E:\Documents and Settings\Default User\Start Menu\Programs\Accessories
====== E:\Documents and Settings\Acid_Boom ======

====== E: exe-files ==
=== E: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-842925246-117609710-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="E:\WINDOWS\system32\ctfmon.exe"
"LightShot"="E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue"
"Steam"="F:\Program Files\Steem\Steam.exe -silent"
"Overwolf"="E:\Program Files\Overwolf\Overwolf.exe -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="E:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"
"RTHDCPL"="RTHDCPL.EXE"
"GrooveMonitor"="E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"NvMediaCenter"="RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit"
"NvCplDaemon"="RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup"
"nwiz"="E:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet"
"PAC7302_Monitor"="E:\WINDOWS\PixArt\PAC7302\Monitor.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="E:\WINDOWS\system32\ctfmon.exe"
"LightShot"="E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue"
"Steam"="F:\Program Files\Steem\Steam.exe -silent"
"Overwolf"="E:\Program Files\Overwolf\Overwolf.exe -silent"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BMISR]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BM"
"hkey"="HKLM"
"command"="E:\\Program Files\\KYE\\WebMate\\BM.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dargon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DargonD"
"hkey"="HKCU"
"command"="E:\\Dargon\\DargonD.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DVSSkypeRecorder]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="skyui"
"hkey"="HKCU"
"command"="\"E:\\Program Files\\DVDVideoSoft\\Free Video Call Recorder for Skype\\skyui.exe\" /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"E:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TaskSwitchXP]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TaskSwitchXP"
"hkey"="HKCU"
"command"="E:\\Program Files\\TaskSwitchXP\\TaskSwitchXP.exe"


==== Task Scheduler Jobs ======================

E:\WINDOWS\tasks\update-S-1-5-21-842925246-117609710-682003330-1003.job --a------ E:\Program Files\Skillbrains\Updater\Updater.exe [09/27/2013 01:37 PM]
E:\WINDOWS\tasks\update-sys.job --a------ E:\Program Files\Skillbrains\Updater\Updater.exe [09/27/2013 01:37 PM]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [09/13/2013 08:31 PM]

==== Firefox Extensions ======================

ProfilePath: E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default
- HTTPS-Everywhere - %ProfilePath%\extensions\https-everywhere@eff.org
- SearchNewTab - %ProfilePath%\extensions\hz57.eye@ayoo-hgoxcdonou.com
- Downloiad keepeir - %ProfilePath%\extensions\ila.temw@ayglxrm.edu
- uTorrentControl_v6 - %ProfilePath%\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
- Better TTV - %ProfilePath%\extensions\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi
- Black Youtube - %ProfilePath%\extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default
CA0E1DFBE480CF0BE13A0883BEB378B6 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U40
AF661355EBAB898EB92D5454AEF93CE0 - E:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43
E5AF72B7353FF8D431A7C463A4229524 - E:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
28000D7EEB2FD95A36E1A7539F599C3B - E:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - E:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - E:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
ECD2A181CCFD1DD27596570EBA28F3EA - E:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
C899B98999270821EDFFA56044DE2377 - E:\Documents and Settings\Acid_Boom\Application Data\raidcall\plugins\nprcplugin.dll - Raidcall plugin
AB87EEFFD18F2BAAFC274E7075EA6C67 - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
68A131335A20B343923A2957EB1E413D - E:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC"

==== EOF on Fri 10/11/2013 at 16:10:20.34 ======================



offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Delete] button and wait for the program to finish.
The program will close all running programs and display a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S1].txt

Ivance95 (AMF Team)

offline
  • Windows Server Administration-ITAcademy
  • Joined: 16 Apr 2010
  • Posts: 152
  • Location: Somewhere in the world

ADW gave me 2 log files


offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Run zoek again;

close the browser and any other running programs;
disable your security software (if needed) - Instructions;

Copy the following text into the white box of the window:

E:\Documents and Settings\All Users\Application Data\InstallMate;fs
hz57.eye@ayoo-hgoxcdonou.com;ff
ila.temw@ayglxrm.edu;ff
jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi
autoclean;
emptyclsid;
emptyalltemp;
FFdefaults;




Click the button and wait for the scan to finish.

If necessary, zoek will restart Windows and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your post.

What is the situation now, are you still getting the notifications?

offline
  • Windows Server Administration-ITAcademy
  • Joined: 16 Apr 2010
  • Posts: 152
  • Location: Somewhere in the world

Zoek:
Zoek.exe Version 4.0.0.5 Updated 09-October-2013
Tool run by Acid_Boom on Fri 10/11/2013 at 17:59:30.73.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: E:\Documents and Settings\Acid_Boom\Desktop\zoek\zoek.exe [Script inserted]

==== Older Logs ======================

E:\zoek-results2013-10-11-141040.log 63809 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default\prefs.js:
user_pref("browser.search.defaulturl", "");
user_pref("browser.search.defaultenginename,S", "");
user_pref("browser.search.selectedEngine,S", "");
user_pref("browser.search.order.1", "");
user_pref("browser.search.order.1,S", "");
user_pref("keyword.URL", "");

Added to E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default

user.js not found
---- Lines hz57.eye@ayoo-hgoxcdonou.com removed from prefs.js ----


---- Lines hz57.eye@ayoo-hgoxcdonou.com modified from prefs.js ----


---- Lines ila.temw@ayglxrm.edu removed from prefs.js ----

user_pref("extensions.bootstrappedAddons", "{\"jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack\":{\"version\":\"6.3.3\",\"type\":\"extension\",\"descriptor\":\"E:\\\\Documents and Settings\\\\Acid_Boom\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\tx3eee75.default\\\\extensions\\\\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi\"},\"ila.temw@ayglxrm.edu\":{\"version\":\"1.6\",\"type\":\"extension\",\"descriptor\":\"E:\\\\Documents and Settings\\\\Acid_Boom\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\tx3eee75.default\\\\extensions\\\\ila.temw@ayglxrm.edu\"},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.4\",\"type\":\"extension\",\"descriptor\":\"E:\\\\Documents and Settings\\\\Acid_Boom\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\tx3eee75.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\"}}");

---- Lines ila.temw@ayglxrm.edu modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----

prefs_20131011_0602_.backup

==== Deleting Files \ Folders ======================

"E:\Documents and Settings\All Users\Application Data\InstallMate" deleted
"E:\Program Files\Common Files\DVDVideoSoft\bin" deleted
"E:\Program Files\Ss.Helper" deleted
"E:\Documents and Settings\All Users\Application Data\InstallMate" deleted
"E:\Documents and Settings\All Users\Application Data\SummerSoft" deleted
"E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default\extensions\hz57.eye@ayoo-hgoxcdonou.com" deleted
"E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default\extensions\ila.temw@ayglxrm.edu" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [09/13/2013 08:31 PM]

==== Firefox Extensions ======================

ProfilePath: E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default
- HTTPS-Everywhere - %ProfilePath%\extensions\https-everywhere@eff.org
- Better TTV - %ProfilePath%\extensions\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi
- Black Youtube - %ProfilePath%\extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default
CA0E1DFBE480CF0BE13A0883BEB378B6 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U40
AF661355EBAB898EB92D5454AEF93CE0 - E:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43
E5AF72B7353FF8D431A7C463A4229524 - E:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
28000D7EEB2FD95A36E1A7539F599C3B - E:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - E:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - E:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
ECD2A181CCFD1DD27596570EBA28F3EA - E:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
C899B98999270821EDFFA56044DE2377 - E:\Documents and Settings\Acid_Boom\Application Data\raidcall\plugins\nprcplugin.dll - Raidcall plugin
AB87EEFFD18F2BAAFC274E7075EA6C67 - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
68A131335A20B343923A2957EB1E413D - E:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

E:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
E:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
E:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\0LCMHTBK will be deleted at reboot
E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\CR2T3XXW will be deleted at reboot
E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\SH8X0BS5 will be deleted at reboot
E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

E:\Documents and Settings\Acid_Boom\Local Settings\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

E:\WINDOWS\Temp successfully emptied
E:\DOCUME~1\ACID_B~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

E:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\0LCMHTBK" not found
"E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\CR2T3XXW" not found
"E:\Documents and Settings\Acid_Boom\Local Settings\Temporary Internet Files\Content.IE5\SH8X0BS5" not found

==== EOF on Fri 10/11/2013 at 18:07:45.50 ======================

and I have no more ads! Only now my startup takes longer.

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Run zoek again;


close the browser and other running programs;
disable your security software (if needed), Instructions;


Copy the following text into the white box of the window:

jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi;ff



Click the button and wait for the scan to finish.


If needed, zoek will restart Windows and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.



Ivance95 (AMF Team)

offline
  • Windows Server Administration-ITAcademy
  • Joined: 16 Apr 2010
  • Posts: 152
  • Location: Somewhere in the world

Zoek.exe Version 4.0.0.5 Updated 09-October-2013
Tool run by Acid_Boom on Fri 10/11/2013 at 19:49:58.14.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: E:\Documents and Settings\Acid_Boom\Desktop\zoek\zoek.exe [Script inserted]

==== Older Logs ======================

E:\zoek-results2013-10-11-141040.log 63809 bytes
E:\zoek-results2013-10-11-160832.log 9616 bytes

==== FireFox Fix ======================

ProfilePath: E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default

user.js not found
---- Lines jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi removed from prefs.js ----

user_pref("extensions.bootstrappedAddons", "{\"jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack\":{\"version\":\"6.3.3\",\"type\":\"extension\",\"descriptor\":\"E:\\\\Documents and Settings\\\\Acid_Boom\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\tx3eee75.default\\\\extensions\\\\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi\"},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.4\",\"type\":\"extension\",\"descriptor\":\"E:\\\\Documents and Settings\\\\Acid_Boom\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\tx3eee75.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\"}}");

---- Lines jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"E:\\\\WINDOWS\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"mtime\":1379097113406,\"rdfTime\":1213270470000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"E:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1379457303437,\"rdfTime\":1379457303218}}},{\"name\":\"app-profile\",\"addons\":{\"https-everywhere@eff.org\":{\"descriptor\":\"E:\\\\Documents and Settings\\\\Acid_Boom\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\tx3eee75.default\\\\extensions\\\\https-everywhere@eff.org\",\"mtime\":1381056453617,\"rdfTime\":315529200000},\"jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack\":{\"descriptor\":\"E:\\\\Documents and Settings\\\\Acid_Boom\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\tx3eee75.default\\\\extensions\\\\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi\",\"mtime\":1380678704946},\"{2c93446d-612b-416d-9af0-b7355797b611}\":{\"descriptor\":\"E:\\\\Documents and Settings\\\\Acid_Boom\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\tx3eee75.default\\\\extensions\\\\{2c93446d-612b-416d-9af0-b7355797b611}.xpi\",\"mtime\":1379096393513},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"E:\\\\Documents and Settings\\\\Acid_Boom\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\tx3eee75.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1381407322695}}}]");

---- FireFox user.js and prefs.js backups ----

prefs_20131011_0602_.backup
prefs_20131011_0750_.backup

==== Deleting Files \ Folders ======================

"E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default\extensions\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [09/13/2013 08:31 PM]

==== Firefox Extensions ======================

ProfilePath: E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default
- HTTPS-Everywhere - %ProfilePath%\extensions\https-everywhere@eff.org
- Black Youtube - %ProfilePath%\extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: E:\Documents and Settings\Acid_Boom\Application Data\Mozilla\Firefox\Profiles\tx3eee75.default
CA0E1DFBE480CF0BE13A0883BEB378B6 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U40
AF661355EBAB898EB92D5454AEF93CE0 - E:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43
E5AF72B7353FF8D431A7C463A4229524 - E:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
28000D7EEB2FD95A36E1A7539F599C3B - E:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - E:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - E:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
ECD2A181CCFD1DD27596570EBA28F3EA - E:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
C899B98999270821EDFFA56044DE2377 - E:\Documents and Settings\Acid_Boom\Application Data\raidcall\plugins\nprcplugin.dll - Raidcall plugin
AB87EEFFD18F2BAAFC274E7075EA6C67 - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
68A131335A20B343923A2957EB1E413D - E:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System


==== EOF on Fri 10/11/2013 at 19:50:43.82 ======================

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

That would be it; with this we have finished the job in the Ambulanta. If you have any other problems, I suggest you open a topic in the Windows subforum.



Download "Xplode"'s DelFix and save it to the Desktop.

Double-click to run the program.

Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings


Click the "Run" button and wait for the program to finish.
The tool will remove all the tools used in this topic...
When the tool finishes, it will open the report in Notepad.
Note: The report will also be saved at C:\DelFix.txt

There is no need to submit the report.





I recommend using MCShield v2 to protect USB storage devices. It has nothing to do with your antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices. You download it, install it, plug in the USB storage device, and a scan runs, after which you get a notification that the device is clean (if that is really the case), or you get a log showing information about the malware that was found and deleted.


MCShield ::Anti-Malware Tool:: v2 home page: http://amf.mycity.rs/mcshield/

You can find out more about MCShield in these topics:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html




Ivance95 (AMF Team)
