Sometimes pages open slowly

offline
  • zdr 
  • Citizen
  • Joined: 01 Oct 2013
  • Posts: 190

1. Detailed description of the problem:
Sometimes some pages open slowly for me. It's not the internet connection; as far as the internet goes, download/upload/ping are fine. When I open a page, it loads half of the page and then it spins at the top and I wait for it to load the other part. While the loading circle is "spinning", the Internet and Lan1 lights on my modem don't blink, which means it isn't downloading anything at all from the internet for that page, but that the page is being loaded from the HDD and is glitching. Facebook works fine for me. Until recently almost every page glitched like that, so I cleaned up a bit with various programs (Temp File Cleaner, CCleaner, ASC, Wise Cleaner 365...) and defragmented the HDD, which I defragment often with Auslogics Disk Defrag Professional.
The second problem is that after about 3-4 minutes of using the internet through Google Chrome (fb/youtube), when I want to exit Google Chrome or minimize it, the computer slows down so much that when I minimize or exit, everything on the desktop disappears and then reappears one by one, and so I refresh it some 20 times until it recovers. I'm now downloading Cool Novo, that less demanding (modified) Google Chrome, so I'll see whether it happens on it too. I have two network cards: an integrated Nvidia one and a discrete Intel one.
The third problem started happening today: when I play Counter Strike, my mouse disconnects in the middle of the game. You hear that sound from when I plug in/unplug a USB device, and so in the middle of the game that sound is heard, as if the cable unplugged and plugged itself back in. I think that with longer play it occurs more often, every minute, while after I rested a bit and started CS again it was less frequent, every 4-5 min.
Internet: ADSL 3560/320. My computer is bad, I know that myself, an ordinary piece of junk, but until recently everything worked well. As for CS 1.6, it gets 100 fps up to 250, and it varies down to 80 in smoke. I also know that my monitor is too large for this integrated graphics card with 512, and my desktop resolution is 1920x1080. But I know it can do better than it does now. I installed the system maybe 4 months ago, I don't know exactly; I also have dual boot XP/7.
Yes, and this too: today, while I was downloading from this bleepingcomputer site that you give links to, when it started the download of ADW Cleaner and JunkWare Remover I waited maybe even over a minute. I clicked download, and instead of starting to download right away I waited over a minute, whereas before, when everything worked, the download started after 4-5 s. And now too, while I'm downloading this Farbar Recovery for the log, same thing: I click download and it loads the page for about 20 seconds, except that it loaded the whole page visually, but the circle at the top keeps spinning while the lights on the modem don't blink, which means something is glitching in the computer.

LOG Frst:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-06-2014
Ran by Zeljko (administrator) on ADMINISTRATOR on 20-06-2014 00:05:30
Running from C:\Documents and Settings\Zeljko\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2013-10-04] (Realtek Semiconductor Corp.)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\system: [DisableLockWorkStation] 0
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoFileAssociate] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoSMBalloonTip] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoNetHood] 0
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1547161642-1659004503-1801674531-1003\...\Policies\Explorer: [NoCDBurning] 0
BootExecute:

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4A38C904-265F-4E99-ABB0-7E03680B28AA}: [NameServer]192.168.1.1,81.93.64.1
Tcpip\..\Interfaces\{E8D5FB94-1C7E-4466-9B2C-35C2C59C01F9}: [NameServer]192.168.1.1,81.93.64.9
Tcpip\..\Interfaces\{F85AFED7-7362-46A5-8449-145789134850}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF Extension: TVU Web Player - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default\Extensions\firefox@tvunetworks.com [2013-12-08]
FF Extension: PrivDog - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default\Extensions\PrivDog@AdTrustMedia.com [2014-06-14]
FF Extension: iMacros for Firefox - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-05-25]
FF Extension: DownloadHelper - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-30]
FF Extension: Ghostery - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default\Extensions\firefox@ghostery.com.xpi [2014-06-01]
FF Extension: SQLite Manager - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2014-06-01]
FF Extension: NoScript - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-06-01]
FF Extension: Adblock Plus - C:\Documents and Settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-01]

Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://www.google.rs/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.600.19) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U60) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-04]
CHR Extension: (Google disk) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-04]
CHR Extension: (YouTube) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-04]
CHR Extension: (Google pretraživanje) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-04]
CHR Extension: (Google Novčanik) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-04]
CHR Extension: (Gmail) - C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-04]

========================== Services (Whitelisted) =================

S3 6to4; C:\WINDOWS\System32\6to4svc.dll [100352 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) [File not signed]
S4 AppMgmt; C:\WINDOWS\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
R2 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\WINDOWS\System32\bthserv.dll [30208 2008-04-14] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [399360 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
S3 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [246272 2008-04-14] (Microsoft Corporation) [File not signed]
S3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Corporation) [File not signed]
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
S4 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation) [File not signed]
S4 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
S4 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [121600 2013-04-05] (Intel Corporation)
S3 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-06-15] (Oracle Corporation)
R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [96768 2008-04-14] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S4 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
S4 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [95744 2008-05-19] (Microsoft Corporation) [File not signed]
S4 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
S3 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2014-02-04] ()
S3 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [281152 2014-02-04] ()
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [399360 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2001-08-23] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [57856 2008-04-14] (Microsoft Corporation) [File not signed]
R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) [File not signed]
S4 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
S4 upnphost; C:\WINDOWS\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
S3 VSS; C:\WINDOWS\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation) [File not signed]
S4 W32Time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation) [File not signed]
S4 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [1107456 2009-10-09] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation) [File not signed]
S3 Wmi; C:\WINDOWS\System32\advapi32.dll [617472 2009-02-09] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
S3 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation) [File not signed]
S3 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]
S3 HWDeviceService.exe; No ImagePath
S3 LiveUpdateSvc; No ImagePath

==================== Drivers (Whitelisted) ====================

R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11648 2001-08-23] (Microsoft Corporation) [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2013-11-03] (Advanced Micro Devices) [File not signed]
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation) [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed]
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2001-08-23] (Microsoft Corporation) [File not signed]
S3 BthEnum; C:\WINDOWS\System32\DRIVERS\BthEnum.sys [17024 2008-04-14] (Microsoft Corporation) [File not signed]
S3 BthPan; C:\WINDOWS\System32\DRIVERS\bthpan.sys [101120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 BTHPORT; C:\WINDOWS\System32\Drivers\BTHport.sys [272128 2008-06-13] (Microsoft Corporation) [File not signed]
S3 BTHUSB; C:\WINDOWS\System32\Drivers\BTHUSB.sys [18944 2008-04-14] (Microsoft Corporation) [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2001-08-23] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2007-02-18] (Microsoft Corporation) [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2001-08-23] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation) [File not signed]
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [21376 2014-04-30] (Dev47Apps) [File not signed]
S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2014-02-24] (Phoenix Technologies) [File not signed]
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-06-09] (Disc Soft Ltd)
S3 E100E; C:\WINDOWS\System32\DRIVERS\e100ent.sys [25360 2004-08-25] (Intel Corporation) [File not signed]
S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Fdc; C:\WINDOWS\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Flpydisk; C:\WINDOWS\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2001-08-23] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2001-08-23] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation) [File not signed]
R3 HBtnKey; C:\WINDOWS\System32\DRIVERS\tkbtnpn.sys [7463 2007-10-30] (Lenovo) [File not signed]
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider) [File not signed]
R3 hidusb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hidusbf; C:\WINDOWS\System32\DRIVERS\hidusbf.sys [4544 2006-11-08] (SweetLow) [File not signed]
S3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [264832 2008-04-14] (Microsoft Corporation) [File not signed]
R1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Intels51; C:\WINDOWS\System32\DRIVERS\Intels51.sys [670203 2003-05-22] (Intel Corporation) [File not signed]
S3 Ip6Fw; C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2001-08-23] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv.sys [29728 2013-12-06] (Visicom Media Inc.)
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2001-08-23] (Microsoft Corporation) [File not signed]
S3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MODEMCSA; C:\WINDOWS\System32\drivers\MODEMCSA.sys [16128 2001-08-17] (Microsoft Corporation) [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2007-02-18] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation) [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
S3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation) [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2001-08-23] (Microsoft Corporation) [File not signed]
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [70912 2013-11-03] (NVIDIA Corporation) [File not signed]
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2013-11-03] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2013-11-03] (NVIDIA Corporation) [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2001-08-23] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2001-08-23] (Microsoft Corporation) [File not signed]
R3 Parport; C:\WINDOWS\System32\DRIVERS\parport.sys [80128 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2001-08-23] (Microsoft Corporation) [File not signed]
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2001-08-23] (Microsoft Corporation) [File not signed]
R0 Pcmcia; C:\WINDOWS\System32\DRIVERS\pcmcia.sys [120192 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Processor; C:\WINDOWS\System32\DRIVERS\processr.sys [35840 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2001-08-23] (Parallel Technologies, Inc.) [File not signed]
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] ()
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2001-08-23] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2001-08-23] (Microsoft Corporation) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2001-08-23] (Microsoft Corporation) [File not signed]
R3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RFCOMM; C:\WINDOWS\System32\DRIVERS\rfcomm.sys [59136 2008-04-14] (Microsoft Corporation) [File not signed]
S3 rt2870; C:\WINDOWS\System32\DRIVERS\Drt2870.sys [1213632 2011-11-14] (Ralink Technology, Corp.)
R2 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 seehcri; C:\WINDOWS\System32\DRIVERS\seehcri.sys [27632 2014-03-06] (Sony Ericsson Mobile Communications) [File not signed]
R3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation) [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation) [File not signed]
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
S3 ssudserd; C:\WINDOWS\System32\DRIVERS\ssudserd.sys [182680 2013-08-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [13120 2013-08-25] ()
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation) [File not signed]
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 tapse01; C:\WINDOWS\System32\DRIVERS\tapse01.sys [33720 2013-10-16] (The OpenVPN Project)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
R3 tunmp; C:\WINDOWS\System32\DRIVERS\tunmp.sys [12288 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation) [File not signed]
R2 UI5IFS; C:\Program Files\Ashampoo\Ashampoo UnInstaller 5\IFS32.sys [33632 2013-05-08] ()
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation) [File not signed]
R3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-17] (Microsoft Corporation) [File not signed]
R3 usbcamcl; C:\WINDOWS\System32\DRIVERS\usbcamcl.sys [31104 2009-10-31] (usb camera) [File not signed]
R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation) [File not signed]
R3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbser; C:\WINDOWS\System32\DRIVERS\usbser.sys [26240 2013-08-29] (Microsoft Corporation) [File not signed]
S3 usbstor; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [123008 2013-07-17] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WpdUsb; C:\WINDOWS\system32\Drivers\WpdUsb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
R1 WS2IFSL; C:\WINDOWS\System32\drivers\ws2ifsl.sys [12032 2001-08-23] (Microsoft Corporation) [File not signed]
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation) [File not signed]
R0 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) [File not signed]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation) [File not signed]
U3 AeLookupSvc;
S3 AmdLLD; No ImagePath
U3 Appinfo;
U3 AxInstSV;
S3 catchme; No ImagePath
U4 CertPropSvc;
U3 clr_optimization_v2.0.50727_64;
U4 CscService;
U4 defragsvc;
U4 EFS;
S3 ESEADriver2; No ImagePath
S3 ew_hwusbdev; No ImagePath
U3 fdPHost;
U4 FDResPub;
U3 HomeGroupListener;
U3 HomeGroupProvider;
S3 huawei_cdcacm; No ImagePath
S3 huawei_cdcecm; No ImagePath
S3 huawei_enumerator; No ImagePath
S3 huawei_ext_ctrl; No ImagePath
S4 IntelIde; No ImagePath
U4 IPBusEnum;
U4 iphlpsvc;
U3 KeyIso;
U4 lltdsvc;
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U4 MSiSCSI;
U3 netprofm;
U3 p2pimsvc;
U3 p2psvc;
S3 PBDOWNFORCE_SERVICE; No ImagePath
U4 PcaSvc;
U4 PeerDistSvc;
U4 PNRPAutoReg;
U3 PNRPsvc;
U4 QWAVE;
U4 SCPolicySvc;
U4 SensrSvc;
U4 SNMPTRAP;
U3 sppuinotify;
U4 TabletInputService;
U4 TBS;
U4 TermService; %SystemRoot%\System32\svchost.exe -k DComLaunch
U4 UI0Detect;
U4 UmRdpService;
U5 UnlockerDriver5; D:\Windows.old\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
U4 WbioSrvc;
U4 wcncsvc;
U4 wercplsupport;
U4 WerSvc;
U4 WinDefend;
U4 WinHttpAutoProxySvc;
S3 WiseHDInfo; \??\D:\Program Files\Wise\Wise Care 365\WiseHDInfo32.dll [X]
U4 WPCSvc;
U4 WPDBusEnum;
U4 WwanSvc;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-20 00:05 - 2014-06-20 00:05 - 00038026 _____ () C:\Documents and Settings\Zeljko\Desktop\FRST.txt
2014-06-20 00:05 - 2014-06-20 00:05 - 00000000 ____D () C:\FRST
2014-06-20 00:05 - 2014-06-20 00:04 - 01072128 _____ (Farbar) C:\Documents and Settings\Zeljko\Desktop\FRST.exe
2014-06-19 16:05 - 2014-06-19 16:06 - 00000000 ____D () C:\AdwCleaner
2014-06-19 16:04 - 2014-06-19 16:04 - 00001550 _____ () C:\Documents and Settings\Zeljko\Desktop\JRT.txt
2014-06-19 15:56 - 2014-06-19 15:58 - 00134086 _____ () C:\Documents and Settings\Zeljko\Desktop\Rkill.txt
2014-06-19 15:36 - 2014-06-19 15:36 - 00003570 _____ () C:\Documents and Settings\Zeljko\Desktop\Log.log
2014-06-19 15:35 - 2014-06-19 15:35 - 00003570 _____ () C:\Documents and Settings\Zeljko\Desktop\New Text Document.txt
2014-06-19 15:24 - 2014-06-19 15:24 - 06220854 _____ () C:\Documents and Settings\Zeljko\Desktop\untitled.bmp
2014-06-19 02:08 - 2014-06-19 02:08 - 00000429 _____ () C:\Documents and Settings\All Users\Desktop\Railroad Tycoon 3.lnk
2014-06-19 02:08 - 2014-06-19 02:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Railroad Tycoon 3
2014-06-19 02:05 - 2014-06-19 02:08 - 00000000 ____D () C:\Documents and Settings\Zeljko\Desktop\Railroad Tycoon 3 + Coast Expansion Pack + Updates + NOCD (zabranjeno) + Movies RT3 III to
2014-06-19 01:30 - 2014-06-19 01:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini061914-01.dmp
2014-06-19 01:27 - 2014-06-19 01:27 - 00000623 _____ () C:\Documents and Settings\Zeljko\Desktop\Auto Power-on & Shut-down.lnk
2014-06-19 01:27 - 2014-06-19 01:27 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auto Power-on & Shut-down
2014-06-19 00:41 - 2014-06-19 00:41 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Kiloo Games
2014-06-19 00:40 - 2014-06-19 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AutoHotkey
2014-06-18 21:18 - 2014-06-19 11:17 - 00028622 _____ () C:\WINDOWS\setupapi.log
2014-06-18 17:05 - 2014-06-19 16:06 - 00001987 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-18 13:27 - 2014-06-19 16:07 - 00000237 _____ () C:\WINDOWS\wiadebug.log
2014-06-18 13:27 - 2014-06-19 16:07 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-06-18 13:27 - 2014-06-18 13:27 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-06-17 00:45 - 2014-06-17 00:48 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\TeraCopy
2014-06-17 00:45 - 2014-06-17 00:45 - 00000000 ____D () C:\Program Files\TeraCopy
2014-06-17 00:45 - 2014-06-17 00:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeraCopy
2014-06-16 21:47 - 2014-06-19 16:07 - 00000276 _____ () C:\WINDOWS\Tasks\JetBoost_AutoUpdate.job
2014-06-16 21:45 - 2014-06-19 21:00 - 00000380 _____ () C:\WINDOWS\Tasks\Wise Turbo Checker.job
2014-06-16 21:45 - 2014-06-16 21:45 - 00012720 _____ () C:\Documents and Settings\Zeljko\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-06-16 21:39 - 2014-06-16 21:39 - 03452968 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-16 16:19 - 2010-12-21 07:55 - 00132424 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdmdm.sys
2014-06-16 16:19 - 2010-12-21 07:55 - 00104648 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdbus.sys
2014-06-16 16:19 - 2010-12-21 07:55 - 00014920 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdmdfl.sys
2014-06-16 16:19 - 2010-12-21 07:55 - 00012616 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdcmnt.sys
2014-06-16 16:19 - 2010-12-21 07:55 - 00012616 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdcm.sys
2014-06-16 16:19 - 2010-12-21 07:55 - 00012488 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdwhnt.sys
2014-06-16 16:19 - 2010-12-21 07:55 - 00012488 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdwh.sys
2014-06-15 14:14 - 2014-06-15 14:14 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-15 14:14 - 2014-06-15 14:13 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-15 14:13 - 2014-06-15 14:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-06-15 14:13 - 2014-06-15 14:13 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-15 14:13 - 2014-06-15 14:13 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-15 02:11 - 2014-06-15 02:11 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\KSafe
2014-06-15 02:10 - 2014-06-15 02:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kingsoft
2014-06-15 02:10 - 2014-06-15 02:10 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\kingsoft
2014-06-15 02:03 - 2014-06-15 02:03 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\GlarySoft
2014-06-15 01:59 - 2014-06-15 01:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\JetBoost
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\WINDOWS\system32\config\software.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\WINDOWS\system32\config\SECURITY.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\WINDOWS\system32\config\default.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\Documents and Settings\Zeljko\ntuser.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\Documents and Settings\NetworkService\NTUSER.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\Documents and Settings\LocalService\NTUSER.rhk.LOG
2014-06-15 01:49 - 2014-06-15 01:49 - 00000710 _____ () C:\Documents and Settings\Zeljko\Desktop\Temp File Cleaner.lnk
2014-06-15 01:49 - 2014-06-15 01:49 - 00000000 ____D () C:\Program Files\Temp File Cleaner
2014-06-14 23:39 - 2014-06-15 01:52 - 00000000 ____D () C:\Program Files\NCH Software
2014-06-14 23:39 - 2014-06-14 23:39 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\TechSmith
2014-06-14 23:39 - 2014-06-14 23:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NCH Software
2014-06-14 23:36 - 2014-06-14 23:36 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\TechSmith
2014-06-14 23:33 - 2014-06-14 23:33 - 00000893 _____ () C:\Documents and Settings\All Users\Desktop\Camtasia Studio 8.lnk
2014-06-14 23:33 - 2014-06-14 23:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TechSmith
2014-06-14 23:33 - 2014-06-14 23:33 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\regid.1995-08.com.techsmith
2014-06-14 23:32 - 2014-06-14 23:32 - 00000000 ____D () C:\Program Files\TechSmith
2014-06-14 23:32 - 2014-06-14 23:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TechSmith
2014-06-14 23:18 - 2014-06-14 23:21 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Audacity
2014-06-12 00:40 - 2014-06-12 00:58 - 00000000 ____D () C:\WINDOWS\system32\oodag
2014-06-12 00:40 - 2014-06-12 00:40 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\O&O
2014-06-12 00:40 - 2014-06-12 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\OO Software
2014-06-12 00:19 - 2014-06-15 01:49 - 00000716 _____ () C:\Documents and Settings\Zeljko\Start Menu\Programs\Temp File Cleaner.lnk
2014-06-12 00:19 - 2014-06-12 00:19 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\addpcs
2014-06-10 22:11 - 2014-06-10 22:11 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Publish Providers
2014-06-10 22:07 - 2014-06-10 23:23 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Sony
2014-06-10 22:07 - 2014-06-10 22:07 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sony
2014-06-10 22:07 - 2014-06-10 22:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sony
2014-06-10 22:05 - 2014-06-12 00:22 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWMFDist11$
2014-06-10 21:44 - 2014-06-10 21:44 - 00000000 ____D () C:\Documents and Settings\Zeljko\Start Menu\Programs\Fraps
2014-06-09 23:48 - 2014-06-09 23:48 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR\Application Data\Auslogics
2014-06-09 19:17 - 2014-06-09 19:17 - 00000216 _____ () C:\Documents and Settings\Zeljko\Desktop\Dead Bits.url
2014-06-09 14:11 - 2014-06-09 14:11 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-06-09 14:11 - 2014-06-09 14:11 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-06-08 19:13 - 2014-06-16 21:38 - 06553600 _____ () C:\Documents and Settings\Zeljko\ntuser.bak
2014-06-08 19:13 - 2014-06-16 21:38 - 00237568 _____ () C:\Documents and Settings\NetworkService\NTUSER.bak
2014-06-08 19:06 - 2014-06-08 19:06 - 31305728 _____ () C:\WINDOWS\system32\config\software.blues
2014-06-08 19:06 - 2014-06-08 19:06 - 07458816 _____ () C:\WINDOWS\system32\config\system.blues
2014-06-08 19:06 - 2014-06-08 19:06 - 04890624 _____ () C:\WINDOWS\system32\config\default.blues
2014-06-08 19:06 - 2014-06-08 19:06 - 00057344 _____ () C:\WINDOWS\system32\config\SECURITY.blues
2014-06-08 19:06 - 2014-06-08 19:06 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.blues
2014-06-08 19:06 - 2012-07-20 10:53 - 00022896 _____ (BlueSprig) C:\WINDOWS\system32\JetCleanRegDefrag.exe
2014-06-08 19:05 - 2014-06-08 19:05 - 00000000 ____D () C:\Program Files\BlueSprig
2014-06-08 19:05 - 2014-06-08 19:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\BlueSprig
2014-06-08 18:51 - 2014-06-08 18:51 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\SlimWare Utilities Inc
2014-06-08 18:43 - 2014-06-08 19:11 - 00000000 ____D () C:\Program Files\SlimCleaner
2014-06-08 18:42 - 2014-06-08 18:42 - 00000020 ___SH () C:\WINDOWS\Win7745.Settings Collection
2014-06-08 18:42 - 2014-06-08 18:42 - 00000020 ___SH () C:\Documents and Settings\Zeljko\Application Data\App4870.ConfCollection.bin
2014-06-08 18:42 - 2002-01-05 11:37 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr70.dll
2014-06-08 18:42 - 2002-01-05 06:48 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc70.dll
2014-06-08 18:42 - 2002-01-05 05:40 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp70.dll
2014-06-08 18:42 - 2000-05-22 16:58 - 00608448 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.ocx
2014-06-08 18:41 - 2014-06-08 18:41 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\BlueSprig
2014-06-08 15:44 - 2006-11-08 22:19 - 00004544 _____ (SweetLow) C:\WINDOWS\system32\Drivers\hidusbf.sys
2014-06-08 15:39 - 2014-06-08 15:39 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR\Application Data\WinRAR
2014-06-08 15:37 - 2014-06-08 15:37 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR\Local Settings\Application Data\COMODO
2014-06-08 15:32 - 2014-06-08 15:32 - 00012720 _____ () C:\Documents and Settings\Administrator.ADMINISTRATOR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-06-08 15:31 - 2014-06-08 15:31 - 00000000 __SHD () C:\Documents and Settings\Administrator.ADMINISTRATOR\IETldCache
2014-06-06 17:47 - 2014-06-19 01:30 - 137469952 _____ () C:\WINDOWS\MEMORY.DMP
2014-06-06 11:47 - 2014-06-06 11:47 - 04558848 _____ (Google Inc.) C:\WINDOWS\system32\GPhotos.scr
2014-06-06 00:49 - 2014-06-06 00:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2014-06-06 00:48 - 2014-06-06 00:48 - 00001556 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
2014-06-06 00:48 - 2014-06-06 00:48 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-06-06 00:48 - 2013-08-25 11:30 - 00013120 _____ () C:\WINDOWS\system32\Drivers\StarOpen.sys
2014-06-05 23:17 - 2014-06-05 23:17 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\dlg
2014-06-05 19:09 - 2014-06-20 00:05 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\temp
2014-06-05 19:09 - 2014-06-08 15:40 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR\Local Settings\temp
2014-06-05 19:09 - 2014-06-05 19:09 - 00022561 _____ () C:\ComboFix.txt
2014-06-05 19:09 - 2014-06-05 19:09 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Local Settings\temp
2014-06-05 19:09 - 2014-06-05 19:09 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-06-05 19:09 - 2014-06-05 19:09 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-06-05 19:09 - 2014-06-05 19:09 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-06-05 15:07 - 2014-06-05 15:07 - 00000000 ____D () C:\SUPERDelete
2014-06-04 19:20 - 2014-06-04 19:33 - 00001859 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-06-04 19:20 - 2014-06-04 19:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-06-04 15:26 - 2014-06-04 15:26 - 00404920 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-06-04 15:07 - 2014-06-04 15:07 - 00000775 _____ () C:\Documents and Settings\Zeljko\Start Menu\BS.Player FREE.lnk
2014-06-04 15:07 - 2014-06-04 15:07 - 00000000 ____D () C:\Documents and Settings\Zeljko\Start Menu\Programs\BS.Player
2014-06-04 15:06 - 2014-06-04 15:22 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\BSplayer
2014-06-02 22:28 - 2014-06-02 22:31 - 00369299 _____ () C:\Documents and Settings\Zeljko\avgremover.log
2014-06-02 19:41 - 2014-06-02 19:41 - 00000000 ____D () C:\Program Files\Security Task Manager
2014-06-02 16:18 - 2014-06-02 16:18 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\COMODO
2014-06-02 16:17 - 2014-06-02 16:17 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache
2014-06-02 16:13 - 2014-06-02 19:33 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO I.evt
2014-06-02 16:09 - 2014-06-02 19:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Comodo
2014-06-01 23:28 - 2014-06-01 23:28 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO
2014-06-01 23:27 - 2014-06-01 23:27 - 00000000 ____D () C:\Documents and Settings\Zeljko\SecurityScans
2014-06-01 23:19 - 2014-06-01 23:20 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Adobe
2014-06-01 23:05 - 2014-06-16 21:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Comodo
2014-06-01 23:04 - 2014-06-02 19:35 - 00000000 ____D () C:\Program Files\Comodo
2014-06-01 23:04 - 2014-06-01 23:28 - 00048392 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll
2014-06-01 23:03 - 2014-06-01 23:03 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71.dll
2014-06-01 23:03 - 2014-06-01 23:03 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll
2014-06-01 21:00 - 2014-06-15 14:13 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-06-01 20:59 - 2014-06-15 14:13 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-06-01 20:43 - 2014-06-12 00:19 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\CrystalIdea Software
2014-06-01 20:13 - 2014-06-02 19:55 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2014-06-01 18:14 - 2014-06-08 15:00 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-06-01 18:13 - 2014-06-12 01:41 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-06-01 18:13 - 2014-06-12 01:41 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-06-01 18:12 - 2014-06-16 21:38 - 00237568 _____ () C:\Documents and Settings\LocalService\NTUSER.bak
2014-06-01 18:12 - 2014-06-01 18:12 - 00000000 _____ () C:\asc_rdflag
2014-06-01 17:20 - 2014-03-06 18:59 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-06-01 17:20 - 2014-03-06 18:59 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-06-01 17:20 - 2014-03-06 18:59 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-06-01 17:20 - 2014-03-06 18:59 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-06-01 17:20 - 2014-03-06 18:59 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-06-01 17:20 - 2014-03-06 18:59 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-06-01 17:20 - 2014-03-06 18:59 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-06-01 17:20 - 2014-03-06 18:59 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-06-01 17:18 - 2014-02-26 02:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-06-01 17:18 - 2014-02-26 02:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-06-01 16:58 - 2014-06-01 16:59 - 00006608 _____ () C:\WINDOWS\system32\TZLog.log
2014-06-01 16:48 - 2013-07-17 01:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-06-01 16:48 - 2013-07-17 01:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-06-01 16:48 - 2013-07-17 01:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-06-01 16:47 - 2014-06-08 15:39 - 00142976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-06-01 16:47 - 2013-08-09 01:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2014-06-01 16:47 - 2013-07-03 03:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-06-01 16:47 - 2013-07-03 02:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2014-06-01 16:47 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-06-01 16:20 - 2013-02-12 01:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2014-06-01 15:24 - 2012-01-11 20:06 - 00003072 ____N () C:\WINDOWS\system32\iacenc.dll
2014-06-01 15:24 - 2012-01-11 20:06 - 00003072 ____C () C:\WINDOWS\system32\dllcache\iacenc.dll
2014-06-01 15:19 - 2011-08-16 11:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2014-06-01 15:05 - 2011-07-15 14:29 - 00456320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mrxsmb.sys
2014-06-01 15:01 - 2014-06-01 17:21 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-06-01 14:49 - 2014-06-12 00:21 - 00000000 __HDC () C:\WINDOWS\$968930Uinstall_KB968930$
2014-06-01 14:49 - 2014-06-01 17:51 - 00065536 _____ () C:\WINDOWS\system32\config\Windows .evt
2014-06-01 14:49 - 2014-06-01 17:51 - 00065536 _____ () C:\WINDOWS\system32\config\Microsof.evt
2014-06-01 14:49 - 2014-06-01 14:49 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-06-01 14:49 - 2014-06-01 14:49 - 00000000 ____D () C:\WINDOWS\system32\WindowsPowerShell
2014-06-01 14:33 - 2013-07-04 04:03 - 02149888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2014-06-01 14:33 - 2013-07-04 03:59 - 02193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2014-06-01 14:33 - 2013-07-04 03:08 - 02028544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2014-06-01 14:32 - 2008-05-03 12:55 - 00002560 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpsp4res.dll
2014-06-01 14:31 - 2014-06-01 14:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-06-01 13:48 - 2014-06-01 13:48 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\RoboForm
2014-06-01 13:47 - 2014-06-01 13:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RoboForm
2014-06-01 10:17 - 2014-06-01 10:17 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Eusing
2014-05-31 13:41 - 2014-06-19 19:20 - 89114604 _____ () C:\Documents and Settings\Zeljko\Desktop\ManiaCS.dem
2014-05-30 23:01 - 2014-06-08 12:03 - 00014191 ____R () C:\Documents and Settings\Zeljko\Desktop\config.cfg
2014-05-30 00:20 - 2014-05-30 00:20 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-05-30 00:18 - 2014-05-30 00:18 - 00000235 _____ () C:\Documents and Settings\All Users\Application Data\SYSTEM_CLEANER_HISTORY.xml
2014-05-30 00:17 - 2014-05-30 00:17 - 00002252 _____ () C:\Documents and Settings\All Users\Application Data\SERVICES_HISTORY.xml
2014-05-30 00:16 - 2014-05-30 00:16 - 00005021 _____ () C:\Documents and Settings\All Users\Application Data\InternetSettingsHistory.xml
2014-05-30 00:15 - 2014-05-30 00:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Backup
2014-05-30 00:07 - 2014-05-30 00:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RegInOut
2014-05-28 17:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 00140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\COMDLG32.OCX
2014-05-28 14:10 - 2014-05-28 14:10 - 00053760 _____ () C:\WINDOWS\system32\zlib.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 00049152 _____ (PCSCT Software) C:\WINDOWS\UNINS.EXE
2014-05-28 14:10 - 2014-05-28 14:10 - 00028672 _____ ( ) C:\WINDOWS\system32\shelllnk.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 00006114 _____ () C:\WINDOWS\system32\shelllnk.tlb
2014-05-28 14:10 - 2014-05-28 14:10 - 00002616 _____ () C:\WINDOWS\system32\shelllnk.lib
2014-05-28 14:10 - 2014-05-28 14:10 - 00000975 _____ () C:\WINDOWS\system32\shelllnk.exp
2014-05-28 14:10 - 2002-06-06 16:13 - 01077344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscomctl.ocx
2014-05-26 19:03 - 2013-06-19 17:16 - 00342640 _____ (Hide My IP) C:\WINDOWS\system32\HMIPCore.dll
2014-05-26 19:02 - 2014-05-26 19:07 - 00004112 _____ () C:\WINDOWS\system32\HideMyIpSRV.ini
2014-05-26 19:02 - 2014-05-26 19:07 - 00002240 _____ () C:\WINDOWS\system32\HideMyIpSRVOff.ini
2014-05-26 18:49 - 2014-06-17 00:23 - 00000000 ____D () C:\Program Files\Origin Games
2014-05-25 22:27 - 2014-05-29 23:57 - 00000433 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-05-25 21:59 - 2014-05-25 21:59 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\JAM Software
2014-05-25 16:38 - 2014-05-25 16:38 - 00000000 ____D () C:\Program Files\Badosoft
2014-05-25 13:02 - 2014-05-25 13:02 - 00000833 _____ () C:\Documents and Settings\Zeljko\Start Menu\µTorrent.lnk
2014-05-24 14:29 - 2014-05-24 14:29 - 00000814 _____ () C:\Documents and Settings\Zeljko\Desktop\Photoshop CS6.lnk
2014-05-24 13:27 - 2014-05-24 13:27 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-05-24 11:35 - 2014-05-24 11:35 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\F-Secure
2014-05-24 01:30 - 2014-05-24 01:30 - 00020353 _____ () C:\WINDOWS\prodsett_copy.ini
2014-05-24 01:29 - 2014-05-24 01:29 - 00000000 __SHD () C:\Documents and Settings\Default User\IETldCache
2014-05-24 01:29 - 2014-05-24 01:29 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\F-Secure
2014-05-24 01:22 - 2014-05-24 13:20 - 00000000 ____D () C:\Program Files\F-Secure
2014-05-24 01:21 - 2014-05-24 13:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\F-Secure
2014-05-22 22:33 - 2014-05-22 22:33 - 00000935 _____ () C:\Documents and Settings\Zeljko\Desktop\DiskDefragPro.lnk
2014-05-22 22:01 - 2014-05-22 22:01 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio
2014-05-22 19:43 - 2014-05-22 19:43 - 00000197 _____ () C:\Documents and Settings\Zeljko\Application Data\gdscan.log
2014-05-22 19:43 - 2014-05-22 19:43 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt32_01007.Wdf
2014-05-22 19:42 - 2014-05-22 22:13 - 00000000 ____D () C:\Program Files\G Data
2014-05-21 16:09 - 2014-05-21 16:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\BitDefender
2014-05-21 15:48 - 2014-05-21 15:48 - 00000000 ____D () C:\Program Files\Lavasoft

==================== One Month Modified Files and Folders =======

2014-06-20 00:05 - 2014-06-20 00:05 - 00038026 _____ () C:\Documents and Settings\Zeljko\Desktop\FRST.txt
2014-06-20 00:05 - 2014-06-20 00:05 - 00000000 ____D () C:\FRST
2014-06-20 00:05 - 2014-06-05 19:09 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\temp
2014-06-20 00:04 - 2014-06-20 00:05 - 01072128 _____ (Farbar) C:\Documents and Settings\Zeljko\Desktop\FRST.exe
2014-06-19 22:07 - 2014-04-17 14:04 - 00000000 ____D () C:\Program Files\Steam
2014-06-19 21:00 - 2014-06-16 21:45 - 00000380 _____ () C:\WINDOWS\Tasks\Wise Turbo Checker.job
2014-06-19 19:20 - 2014-05-31 13:41 - 89114604 _____ () C:\Documents and Settings\Zeljko\Desktop\ManiaCS.dem
2014-06-19 16:11 - 2013-11-03 20:21 - 00602460 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-19 16:07 - 2014-06-18 13:27 - 00000237 _____ () C:\WINDOWS\wiadebug.log
2014-06-19 16:07 - 2014-06-18 13:27 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-06-19 16:07 - 2014-06-16 21:47 - 00000276 _____ () C:\WINDOWS\Tasks\JetBoost_AutoUpdate.job
2014-06-19 16:07 - 2013-11-03 19:54 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-19 16:06 - 2014-06-19 16:05 - 00000000 ____D () C:\AdwCleaner
2014-06-19 16:06 - 2014-06-18 17:05 - 00001987 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-19 16:06 - 2014-03-22 14:40 - 00032528 _____ () C:\WINDOWS\SchedLgU.Txt
2014-06-19 16:06 - 2013-11-03 19:57 - 00000178 ___SH () C:\Documents and Settings\Zeljko\ntuser.ini
2014-06-19 16:06 - 2013-11-03 19:57 - 00000000 ____D () C:\Documents and Settings\Zeljko
2014-06-19 16:04 - 2014-06-19 16:04 - 00001550 _____ () C:\Documents and Settings\Zeljko\Desktop\JRT.txt
2014-06-19 15:58 - 2014-06-19 15:56 - 00134086 _____ () C:\Documents and Settings\Zeljko\Desktop\Rkill.txt
2014-06-19 15:36 - 2014-06-19 15:36 - 00003570 _____ () C:\Documents and Settings\Zeljko\Desktop\Log.log
2014-06-19 15:35 - 2014-06-19 15:35 - 00003570 _____ () C:\Documents and Settings\Zeljko\Desktop\New Text Document.txt
2014-06-19 15:24 - 2014-06-19 15:24 - 06220854 _____ () C:\Documents and Settings\Zeljko\Desktop\untitled.bmp
2014-06-19 11:17 - 2014-06-18 21:18 - 00028622 _____ () C:\WINDOWS\setupapi.log
2014-06-19 11:17 - 2013-11-14 21:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MCShield
2014-06-19 02:08 - 2014-06-19 02:08 - 00000429 _____ () C:\Documents and Settings\All Users\Desktop\Railroad Tycoon 3.lnk
2014-06-19 02:08 - 2014-06-19 02:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Railroad Tycoon 3
2014-06-19 02:08 - 2014-06-19 02:05 - 00000000 ____D () C:\Documents and Settings\Zeljko\Desktop\Railroad Tycoon 3 + Coast Expansion Pack + Updates + NOCD (zabranjeno) + Movies RT3 III to
2014-06-19 02:07 - 2013-11-03 20:18 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-19 02:06 - 2014-01-25 13:38 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\DAEMON Tools Lite
2014-06-19 01:30 - 2014-06-19 01:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini061914-01.dmp
2014-06-19 01:30 - 2014-06-06 17:47 - 137469952 _____ () C:\WINDOWS\MEMORY.DMP
2014-06-19 01:30 - 2013-11-28 19:41 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-19 01:27 - 2014-06-19 01:27 - 00000623 _____ () C:\Documents and Settings\Zeljko\Desktop\Auto Power-on & Shut-down.lnk
2014-06-19 01:27 - 2014-06-19 01:27 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auto Power-on & Shut-down
2014-06-19 01:12 - 2014-01-19 11:50 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\uTorrent
2014-06-19 00:41 - 2014-06-19 00:41 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Kiloo Games
2014-06-19 00:40 - 2014-06-19 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AutoHotkey
2014-06-19 00:40 - 2014-02-04 23:37 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-06-18 13:27 - 2014-06-18 13:27 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-06-17 20:45 - 2014-01-19 22:59 - 01533527 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1547161642-1659004503-1801674531-1003-0.dat
2014-06-17 20:45 - 2014-01-19 22:59 - 00182054 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-06-17 00:48 - 2014-06-17 00:45 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\TeraCopy
2014-06-17 00:45 - 2014-06-17 00:45 - 00000000 ____D () C:\Program Files\TeraCopy
2014-06-17 00:45 - 2014-06-17 00:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeraCopy
2014-06-17 00:28 - 2014-03-29 23:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Origin
2014-06-17 00:23 - 2014-05-26 18:49 - 00000000 ____D () C:\Program Files\Origin Games
2014-06-17 00:22 - 2014-03-29 23:53 - 00000000 ____D () C:\Program Files\Origin
2014-06-16 21:46 - 2014-06-01 23:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Comodo
2014-06-16 21:46 - 2014-01-05 10:42 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Comodo
2014-06-16 21:45 - 2014-06-16 21:45 - 00012720 _____ () C:\Documents and Settings\Zeljko\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-06-16 21:39 - 2014-06-16 21:39 - 03452968 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-16 21:39 - 2013-11-03 19:54 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-06-16 21:38 - 2014-06-08 19:13 - 06553600 _____ () C:\Documents and Settings\Zeljko\ntuser.bak
2014-06-16 21:38 - 2014-06-08 19:13 - 00237568 _____ () C:\Documents and Settings\NetworkService\NTUSER.bak
2014-06-16 21:38 - 2014-06-01 18:12 - 00237568 _____ () C:\Documents and Settings\LocalService\NTUSER.bak
2014-06-16 21:38 - 2013-11-03 20:18 - 28311552 _____ () C:\WINDOWS\system32\config\software.bak
2014-06-16 21:38 - 2013-11-03 20:18 - 04980736 _____ () C:\WINDOWS\system32\config\default.bak
2014-06-16 21:38 - 2013-11-03 20:18 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-06-16 21:38 - 2013-11-03 20:18 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-06-16 21:38 - 2013-11-03 19:32 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-06-16 20:53 - 2013-11-10 19:37 - 00000000 ___RD () C:\Documents and Settings\Zeljko\Desktop\Programi
2014-06-15 20:21 - 2014-03-07 13:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3
2014-06-15 20:19 - 2013-12-07 17:54 - 00000132 _____ () C:\Documents and Settings\Zeljko\Application Data\Adobe PNG Format CS6 Prefs
2014-06-15 19:24 - 2013-11-09 14:40 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Youtube Downloader HD
2014-06-15 14:14 - 2014-06-15 14:14 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-15 14:14 - 2014-06-15 14:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-06-15 14:13 - 2014-06-15 14:14 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-15 14:13 - 2014-06-15 14:13 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-15 14:13 - 2014-06-15 14:13 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-15 14:13 - 2014-06-01 21:00 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-06-15 14:13 - 2014-06-01 20:59 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-06-15 02:29 - 2013-11-03 19:59 - 00000000 ____D () C:\Program Files\Google
2014-06-15 02:28 - 2014-04-17 22:53 - 00000000 ____D () C:\Program Files\Auslogics
2014-06-15 02:28 - 2013-11-03 21:00 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2014-06-15 02:20 - 2013-11-03 22:00 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-06-15 02:12 - 2014-06-15 02:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kingsoft
2014-06-15 02:11 - 2014-06-15 02:11 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\KSafe
2014-06-15 02:10 - 2014-06-15 02:10 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\kingsoft
2014-06-15 02:08 - 2013-11-03 20:18 - 28155904 _____ () C:\WINDOWS\system32\config\software.gbck
2014-06-15 02:08 - 2013-11-03 20:18 - 07077888 _____ () C:\WINDOWS\system32\config\system.gbck
2014-06-15 02:08 - 2013-11-03 20:18 - 04886528 _____ () C:\WINDOWS\system32\config\default.gbck
2014-06-15 02:08 - 2013-11-03 20:18 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.gbck
2014-06-15 02:08 - 2013-11-03 20:18 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.gbck
2014-06-15 02:03 - 2014-06-15 02:03 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\GlarySoft
2014-06-15 02:00 - 2013-11-03 19:54 - 00000178 ___SH () C:\Documents and Settings\LocalService\ntuser.ini
2014-06-15 01:59 - 2014-06-15 01:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\JetBoost
2014-06-15 01:58 - 2013-11-06 21:12 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Notepad++
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\WINDOWS\system32\config\software.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\WINDOWS\system32\config\SECURITY.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\WINDOWS\system32\config\default.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\Documents and Settings\Zeljko\ntuser.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\Documents and Settings\NetworkService\NTUSER.rhk.LOG
2014-06-15 01:54 - 2014-06-15 01:54 - 00000000 ____H () C:\Documents and Settings\LocalService\NTUSER.rhk.LOG
2014-06-15 01:52 - 2014-06-14 23:39 - 00000000 ____D () C:\Program Files\NCH Software
2014-06-15 01:49 - 2014-06-15 01:49 - 00000710 _____ () C:\Documents and Settings\Zeljko\Desktop\Temp File Cleaner.lnk
2014-06-15 01:49 - 2014-06-15 01:49 - 00000000 ____D () C:\Program Files\Temp File Cleaner
2014-06-15 01:49 - 2014-06-12 00:19 - 00000716 _____ () C:\Documents and Settings\Zeljko\Start Menu\Programs\Temp File Cleaner.lnk
2014-06-14 23:39 - 2014-06-14 23:39 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\TechSmith
2014-06-14 23:39 - 2014-06-14 23:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NCH Software
2014-06-14 23:36 - 2014-06-14 23:36 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\TechSmith
2014-06-14 23:33 - 2014-06-14 23:33 - 00000893 _____ () C:\Documents and Settings\All Users\Desktop\Camtasia Studio 8.lnk
2014-06-14 23:33 - 2014-06-14 23:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TechSmith
2014-06-14 23:33 - 2014-06-14 23:33 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\regid.1995-08.com.techsmith
2014-06-14 23:32 - 2014-06-14 23:32 - 00000000 ____D () C:\Program Files\TechSmith
2014-06-14 23:32 - 2014-06-14 23:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TechSmith
2014-06-14 23:21 - 2014-06-14 23:18 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Audacity
2014-06-12 14:40 - 2013-11-30 15:41 - 00000000 ____D () C:\WINDOWS\pss
2014-06-12 01:41 - 2014-06-01 18:13 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-06-12 01:41 - 2014-06-01 18:13 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-06-12 01:41 - 2014-03-01 20:52 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-06-12 01:41 - 2013-12-07 17:42 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-06-12 00:58 - 2014-06-12 00:40 - 00000000 ____D () C:\WINDOWS\system32\oodag
2014-06-12 00:40 - 2014-06-12 00:40 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\O&O
2014-06-12 00:40 - 2014-06-12 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\OO Software
2014-06-12 00:22 - 2014-06-10 22:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWMFDist11$
2014-06-12 00:22 - 2014-05-06 18:54 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-06-12 00:22 - 2014-01-27 15:55 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2014-06-12 00:21 - 2014-06-01 14:49 - 00000000 __HDC () C:\WINDOWS\$968930Uinstall_KB968930$
2014-06-12 00:19 - 2014-06-12 00:19 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\addpcs
2014-06-12 00:19 - 2014-06-01 20:43 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\CrystalIdea Software
2014-06-11 17:45 - 2013-11-09 18:52 - 00000000 ____D () C:\FFOutput
2014-06-11 13:29 - 2013-11-04 22:53 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\.minecraft
2014-06-11 09:49 - 2001-08-23 12:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-06-10 23:23 - 2014-06-10 22:07 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Sony
2014-06-10 22:11 - 2014-06-10 22:11 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Publish Providers
2014-06-10 22:07 - 2014-06-10 22:07 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Sony
2014-06-10 22:07 - 2014-06-10 22:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sony
2014-06-10 22:05 - 2013-11-03 19:29 - 00316640 _____ () C:\WINDOWS\WMSysPr9.prx
2014-06-10 22:05 - 2013-11-03 19:29 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
2014-06-10 21:44 - 2014-06-10 21:44 - 00000000 ____D () C:\Documents and Settings\Zeljko\Start Menu\Programs\Fraps
2014-06-10 00:05 - 2014-01-25 21:06 - 00000178 ___SH () C:\Documents and Settings\Administrator.ADMINISTRATOR\ntuser.ini
2014-06-09 23:48 - 2014-06-09 23:48 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR\Application Data\Auslogics
2014-06-09 19:17 - 2014-06-09 19:17 - 00000216 _____ () C:\Documents and Settings\Zeljko\Desktop\Dead Bits.url
2014-06-09 14:18 - 2014-02-18 16:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Electronic Arts
2014-06-09 14:14 - 2014-02-18 16:34 - 00000000 ____D () C:\Program Files\Electronic Arts
2014-06-09 14:13 - 2013-11-03 19:28 - 00000000 ____D () C:\WINDOWS\system32\DirectX
2014-06-09 14:11 - 2014-06-09 14:11 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-06-09 14:11 - 2014-06-09 14:11 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-06-09 14:11 - 2014-04-27 23:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
2014-06-08 22:39 - 2014-01-29 22:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SecTaskMan
2014-06-08 22:31 - 2013-11-03 20:18 - 00000483 ___SH () C:\boot.ini
2014-06-08 22:31 - 2001-08-23 12:00 - 00000547 _____ () C:\WINDOWS\win.ini
2014-06-08 22:31 - 2001-08-23 12:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-06-08 22:19 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\security
2014-06-08 19:11 - 2014-06-08 18:43 - 00000000 ____D () C:\Program Files\SlimCleaner
2014-06-08 19:06 - 2014-06-08 19:06 - 31305728 _____ () C:\WINDOWS\system32\config\software.blues
2014-06-08 19:06 - 2014-06-08 19:06 - 07458816 _____ () C:\WINDOWS\system32\config\system.blues
2014-06-08 19:06 - 2014-06-08 19:06 - 04890624 _____ () C:\WINDOWS\system32\config\default.blues
2014-06-08 19:06 - 2014-06-08 19:06 - 00057344 _____ () C:\WINDOWS\system32\config\SECURITY.blues
2014-06-08 19:06 - 2014-06-08 19:06 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.blues
2014-06-08 19:05 - 2014-06-08 19:05 - 00000000 ____D () C:\Program Files\BlueSprig
2014-06-08 19:05 - 2014-06-08 19:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\BlueSprig
2014-06-08 19:00 - 2014-05-10 18:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-08 18:51 - 2014-06-08 18:51 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\SlimWare Utilities Inc
2014-06-08 18:42 - 2014-06-08 18:42 - 00000020 ___SH () C:\WINDOWS\Win7745.Settings Collection
2014-06-08 18:42 - 2014-06-08 18:42 - 00000020 ___SH () C:\Documents and Settings\Zeljko\Application Data\App4870.ConfCollection.bin
2014-06-08 18:41 - 2014-06-08 18:41 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\BlueSprig
2014-06-08 18:41 - 2013-11-03 21:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Auslogics
2014-06-08 18:18 - 2014-01-17 18:22 - 00000000 ____D () C:\Games
2014-06-08 15:40 - 2014-06-05 19:09 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR\Local Settings\temp
2014-06-08 15:39 - 2014-06-08 15:39 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR\Application Data\WinRAR
2014-06-08 15:39 - 2014-06-01 16:47 - 00142976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-06-08 15:39 - 2008-04-14 00:15 - 00142976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-06-08 15:37 - 2014-06-08 15:37 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR\Local Settings\Application Data\COMODO
2014-06-08 15:32 - 2014-06-08 15:32 - 00012720 _____ () C:\Documents and Settings\Administrator.ADMINISTRATOR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-06-08 15:31 - 2014-06-08 15:31 - 00000000 __SHD () C:\Documents and Settings\Administrator.ADMINISTRATOR\IETldCache
2014-06-08 15:31 - 2014-01-25 21:06 - 00000000 ____D () C:\Documents and Settings\Administrator.ADMINISTRATOR
2014-06-08 15:00 - 2014-06-01 18:14 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-06-08 12:03 - 2014-05-30 23:01 - 00014191 ____R () C:\Documents and Settings\Zeljko\Desktop\config.cfg
2014-06-07 00:11 - 2014-03-11 13:55 - 00000000 ____D () C:\Download XP
2014-06-06 11:47 - 2014-06-06 11:47 - 04558848 _____ (Google Inc.) C:\WINDOWS\system32\GPhotos.scr
2014-06-06 00:49 - 2014-06-06 00:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2014-06-06 00:48 - 2014-06-06 00:48 - 00001556 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
2014-06-06 00:48 - 2014-06-06 00:48 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-06-06 00:43 - 2013-11-03 20:47 - 00000548 __RSH () C:\Documents and Settings\All Users\ntuser.pol
2014-06-05 23:23 - 2013-11-03 20:46 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-06-05 23:17 - 2014-06-05 23:17 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\dlg
2014-06-05 20:34 - 2014-03-20 22:45 - 00000000 ____D () C:\WINDOWS\erdnt
2014-06-05 20:34 - 2013-11-03 19:27 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-06-05 19:09 - 2014-06-05 19:09 - 00022561 _____ () C:\ComboFix.txt
2014-06-05 19:09 - 2014-06-05 19:09 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Local Settings\temp
2014-06-05 19:09 - 2014-06-05 19:09 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-06-05 19:09 - 2014-06-05 19:09 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-06-05 19:09 - 2014-06-05 19:09 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-06-05 17:03 - 2013-11-03 20:23 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\AIMP3
2014-06-05 16:54 - 2014-05-05 23:24 - 00000079 _____ () C:\WINDOWS\wininit.ini
2014-06-05 15:50 - 2014-05-05 22:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-06-05 15:07 - 2014-06-05 15:07 - 00000000 ____D () C:\SUPERDelete
2014-06-04 19:33 - 2014-06-04 19:20 - 00001859 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-06-04 19:20 - 2014-06-04 19:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-06-04 19:20 - 2013-11-03 19:59 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Google
2014-06-04 17:11 - 2013-11-03 20:13 - 01075020 _____ () C:\WINDOWS\system32\nvdrsdb1.bin
2014-06-04 17:11 - 2013-11-03 20:13 - 00000001 _____ () C:\WINDOWS\system32\nvdrssel.bin
2014-06-04 17:04 - 2013-11-03 20:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2014-06-04 17:04 - 2013-11-03 20:11 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-04 15:26 - 2014-06-04 15:26 - 00404920 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-06-04 15:22 - 2014-06-04 15:06 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\BSplayer
2014-06-04 15:07 - 2014-06-04 15:07 - 00000775 _____ () C:\Documents and Settings\Zeljko\Start Menu\BS.Player FREE.lnk
2014-06-04 15:07 - 2014-06-04 15:07 - 00000000 ____D () C:\Documents and Settings\Zeljko\Start Menu\Programs\BS.Player
2014-06-02 22:32 - 2013-12-31 18:30 - 00000000 ____D () C:\Documents and Settings\SUPPORT_388945a0
2014-06-02 22:32 - 2013-12-31 18:30 - 00000000 ____D () C:\Documents and Settings\Guest
2014-06-02 22:32 - 2013-12-31 18:30 - 00000000 ____D () C:\Documents and Settings\ASPNET
2014-06-02 22:32 - 2013-12-31 18:30 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-06-02 22:31 - 2014-06-02 22:28 - 00369299 _____ () C:\Documents and Settings\Zeljko\avgremover.log
2014-06-02 19:55 - 2014-06-01 20:13 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2014-06-02 19:41 - 2014-06-02 19:41 - 00000000 ____D () C:\Program Files\Security Task Manager
2014-06-02 19:35 - 2014-06-02 16:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Comodo
2014-06-02 19:35 - 2014-06-01 23:04 - 00000000 ____D () C:\Program Files\Comodo
2014-06-02 19:33 - 2014-06-02 16:13 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO I.evt
2014-06-02 16:18 - 2014-06-02 16:18 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\COMODO
2014-06-02 16:17 - 2014-06-02 16:17 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache
2014-06-01 23:28 - 2014-06-01 23:28 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO
2014-06-01 23:28 - 2014-06-01 23:04 - 00048392 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll
2014-06-01 23:27 - 2014-06-01 23:27 - 00000000 ____D () C:\Documents and Settings\Zeljko\SecurityScans
2014-06-01 23:20 - 2014-06-01 23:19 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\Adobe
2014-06-01 23:03 - 2014-06-01 23:03 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71.dll
2014-06-01 23:03 - 2014-06-01 23:03 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll
2014-06-01 21:44 - 2013-11-05 23:52 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-06-01 21:15 - 2013-11-09 14:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Youtube Downloader HD
2014-06-01 18:32 - 2014-04-10 22:48 - 00000000 ____D () C:\Program Files\Opera
2014-06-01 18:12 - 2014-06-01 18:12 - 00000000 _____ () C:\asc_rdflag
2014-06-01 17:51 - 2014-06-01 14:49 - 00065536 _____ () C:\WINDOWS\system32\config\Windows .evt
2014-06-01 17:51 - 2014-06-01 14:49 - 00065536 _____ () C:\WINDOWS\system32\config\Microsof.evt
2014-06-01 17:21 - 2014-06-01 15:01 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-06-01 16:59 - 2014-06-01 16:58 - 00006608 _____ () C:\WINDOWS\system32\TZLog.log
2014-06-01 16:25 - 2013-11-08 23:57 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-06-01 14:56 - 2013-11-03 19:27 - 00000000 ____D () C:\Program Files\Outlook Express
2014-06-01 14:53 - 2013-11-03 19:28 - 00000000 ____D () C:\Program Files\Movie Maker
2014-06-01 14:49 - 2014-06-01 14:49 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-06-01 14:49 - 2014-06-01 14:49 - 00000000 ____D () C:\WINDOWS\system32\WindowsPowerShell
2014-06-01 14:49 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\Help
2014-06-01 14:49 - 2013-11-03 19:25 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-06-01 14:31 - 2014-06-01 14:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-06-01 14:16 - 2013-11-03 19:26 - 00000000 ____D () C:\Program Files\Messenger
2014-06-01 14:05 - 2013-11-04 23:40 - 29310976 _____ () C:\WINDOWS\system32\config\software.iobit
2014-06-01 14:05 - 2013-11-04 23:40 - 04886528 _____ () C:\WINDOWS\system32\config\default.iobit
2014-06-01 14:05 - 2013-11-04 23:40 - 00057344 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-06-01 14:05 - 2013-11-04 23:40 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-06-01 14:01 - 2013-11-04 23:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ProductData
2014-06-01 13:48 - 2014-06-01 13:48 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\RoboForm
2014-06-01 13:47 - 2014-06-01 13:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RoboForm
2014-06-01 10:17 - 2014-06-01 10:17 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Eusing
2014-06-01 02:30 - 2014-05-03 21:40 - 00000000 ____D () C:\Program Files\WestBalkan Avangard CS 1.6
2014-05-30 00:20 - 2014-05-30 00:20 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-05-30 00:18 - 2014-05-30 00:18 - 00000235 _____ () C:\Documents and Settings\All Users\Application Data\SYSTEM_CLEANER_HISTORY.xml
2014-05-30 00:17 - 2014-05-30 00:17 - 00002252 _____ () C:\Documents and Settings\All Users\Application Data\SERVICES_HISTORY.xml
2014-05-30 00:16 - 2014-05-30 00:16 - 00005021 _____ () C:\Documents and Settings\All Users\Application Data\InternetSettingsHistory.xml
2014-05-30 00:15 - 2014-05-30 00:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Backup
2014-05-30 00:07 - 2014-05-30 00:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RegInOut
2014-05-29 23:57 - 2014-05-25 22:27 - 00000433 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-05-29 23:57 - 2014-03-07 13:28 - 00004945 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-05-29 15:03 - 2013-11-15 14:17 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-29 13:17 - 2014-03-29 23:57 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Origin
2014-05-28 22:00 - 2014-02-16 12:49 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 17:47 - 2014-01-19 19:40 - 00000000 ____D () C:\Program Files\QuickTime
2014-05-28 14:10 - 2014-05-28 14:10 - 00140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\COMDLG32.OCX
2014-05-28 14:10 - 2014-05-28 14:10 - 00053760 _____ () C:\WINDOWS\system32\zlib.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 00049152 _____ (PCSCT Software) C:\WINDOWS\UNINS.EXE
2014-05-28 14:10 - 2014-05-28 14:10 - 00028672 _____ ( ) C:\WINDOWS\system32\shelllnk.dll
2014-05-28 14:10 - 2014-05-28 14:10 - 00006114 _____ () C:\WINDOWS\system32\shelllnk.tlb
2014-05-28 14:10 - 2014-05-28 14:10 - 00002616 _____ () C:\WINDOWS\system32\shelllnk.lib
2014-05-28 14:10 - 2014-05-28 14:10 - 00000975 _____ () C:\WINDOWS\system32\shelllnk.exp
2014-05-28 13:53 - 2013-11-04 23:35 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Apple Computer
2014-05-27 21:13 - 2013-11-03 19:29 - 00000749 ___RH () C:\WINDOWS\WindowsShell.Manifest
2014-05-27 21:13 - 2013-11-03 19:29 - 00000749 ___RH () C:\WINDOWS\system32\wuaucpl.cpl.manifest
2014-05-27 21:13 - 2013-11-03 19:29 - 00000749 ___RH () C:\WINDOWS\system32\sapi.cpl.manifest
2014-05-27 21:13 - 2013-11-03 19:29 - 00000749 ___RH () C:\WINDOWS\system32\nwc.cpl.manifest
2014-05-27 21:13 - 2013-11-03 19:29 - 00000749 ___RH () C:\WINDOWS\system32\ncpa.cpl.manifest
2014-05-27 21:13 - 2013-11-03 19:29 - 00000749 ___RH () C:\WINDOWS\system32\cdplayer.exe.manifest
2014-05-26 19:29 - 2014-05-16 02:26 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-05-26 19:29 - 2014-05-16 02:25 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-26 19:07 - 2014-05-26 19:02 - 00004112 _____ () C:\WINDOWS\system32\HideMyIpSRV.ini
2014-05-26 19:07 - 2014-05-26 19:02 - 00002240 _____ () C:\WINDOWS\system32\HideMyIpSRVOff.ini
2014-05-26 00:25 - 2014-04-19 19:48 - 00001516 _____ () C:\WINDOWS\Sandboxie.ini
2014-05-25 21:59 - 2014-05-25 21:59 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\JAM Software
2014-05-25 16:38 - 2014-05-25 16:38 - 00000000 ____D () C:\Program Files\Badosoft
2014-05-25 13:02 - 2014-05-25 13:02 - 00000833 _____ () C:\Documents and Settings\Zeljko\Start Menu\µTorrent.lnk
2014-05-24 14:29 - 2014-05-24 14:29 - 00000814 _____ () C:\Documents and Settings\Zeljko\Desktop\Photoshop CS6.lnk
2014-05-24 13:27 - 2014-05-24 13:27 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-05-24 13:27 - 2013-11-03 20:51 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\Adobe
2014-05-24 13:21 - 2014-05-24 01:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\F-Secure
2014-05-24 13:20 - 2014-05-24 01:22 - 00000000 ____D () C:\Program Files\F-Secure
2014-05-24 11:35 - 2014-05-24 11:35 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\F-Secure
2014-05-24 02:03 - 2014-05-03 14:13 - 00000524 _____ () C:\WINDOWS\Tasks\Auslogics Disk Defrag Prof Task {00000001-D8A3-4DA1-8E7F-9A9755418F49} for Zeljko.job
2014-05-24 01:30 - 2014-05-24 01:30 - 00020353 _____ () C:\WINDOWS\prodsett_copy.ini
2014-05-24 01:29 - 2014-05-24 01:29 - 00000000 __SHD () C:\Documents and Settings\Default User\IETldCache
2014-05-24 01:29 - 2014-05-24 01:29 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\F-Secure
2014-05-22 22:33 - 2014-05-22 22:33 - 00000935 _____ () C:\Documents and Settings\Zeljko\Desktop\DiskDefragPro.lnk
2014-05-22 22:31 - 2013-11-03 20:13 - 01075020 _____ () C:\WINDOWS\system32\nvdrsdb0.bin
2014-05-22 22:13 - 2014-05-22 19:42 - 00000000 ____D () C:\Program Files\G Data
2014-05-22 22:12 - 2014-01-27 15:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\G Data
2014-05-22 22:12 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-05-22 22:12 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\system32\mui
2014-05-22 22:01 - 2014-05-22 22:01 - 00000000 ____D () C:\Documents and Settings\Zeljko\Local Settings\Application Data\MapleStudio
2014-05-22 20:43 - 2013-11-03 20:15 - 00000000 ____D () C:\WINDOWS\repair
2014-05-22 20:43 - 2013-11-03 19:27 - 00000000 ____D () C:\WINDOWS\Registration
2014-05-22 19:43 - 2014-05-22 19:43 - 00000197 _____ () C:\Documents and Settings\Zeljko\Application Data\gdscan.log
2014-05-22 19:43 - 2014-05-22 19:43 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt32_01007.Wdf
2014-05-21 23:03 - 2013-11-04 20:16 - 00000000 ____D () C:\Documents and Settings\Zeljko\Application Data\TeamViewer
2014-05-21 16:09 - 2014-05-21 16:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\BitDefender
2014-05-21 15:48 - 2014-05-21 15:48 - 00000000 ____D () C:\Program Files\Lavasoft

Some content of TEMP:
====================
C:\Documents and Settings\Zeljko\Local Settings\temp\CmdLineExt03.dll
C:\Documents and Settings\Zeljko\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\Zeljko\Local Settings\temp\SIntf16.dll
C:\Documents and Settings\Zeljko\Local Settings\temp\SIntf32.dll
C:\Documents and Settings\Zeljko\Local Settings\temp\SIntfNT.dll


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will then be started. On some systems this can take a few extra seconds, so wait for it to start;
- In the introductory window click the Next button if you agree;

• In the 'Update Database' window click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section check that all options are ticked, then click the Scan button;

Note: with some infections one of the following messages may be shown:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infection(s) are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The (scheduled) malware removal procedure will be scheduled for after the restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and finish the cleaning procedure.

Note! Only if a rootkit is detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Run fixdamage by double-clicking it; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, and wait for the tool to make all the repairs ...
- When you see the message 'press any key to exit' the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post and attach the system log to the post using the Attach file (Prikači fajl) option.

Download sUBs's ComboFix from the following address to the Desktop:

Bleeping Computer
- Right-click the link and choose the Save Target As... option (Save Link As..., Save Linked Content As... or similar);
- When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download of the program is finished:
- deactivate your protection software (instructions);
- close running programs;
- run ComboFix by double-clicking it;
- in the window that opens click "I Agree".

While running, ComboFix will:
- check whether a newer version of the program exists:
  - click Yes if you are offered to download it.
- if the Recovery Console is not installed, offer to install it:
  - be sure to accept by clicking Yes and follow the procedure.
- present a certain number of prompts/notices:
  - accept by clicking Yes or OK.
- if needed, restart Windows (several times);
- at the end of its run, open Notepad with the scan report.

Copy the report that ComboFix created into the topic on the forum:
- right-click in the Notepad window and choose Select All;
- right-click the selected text and choose Copy;
- right-click in the message box and choose Paste.

Note:
- The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
- If after sending the post you notice that the report is not complete, use the Attach file (Prikači fajl) option to attach the file C:\ComboFix.txt to the post;
- Do not click inside the ComboFix window while it is running, because that can slow down the tool;
- Do not run ComboFix again on your own - report in the topic any problem you have during the first run of the tool;
- If after the restart you get an error when starting some programs saying they are marked for deletion (Illegal operation attempted on a registry key that has been marked for deletion), then restart the system again and that will resolve the problem.

offline
  • zdr 
  • Citizen
  • Joined: 01 Oct 2013
  • Posts: 190

ComboFix 14-06-19.01 - Zeljko 06/20/2014 12:25:51.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.895.634 [GMT 1:00]
Running from: c:\documents and settings\Zeljko\desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2014-05-20 to 2014-06-20 )))))))))))))))))))))))))))))))
.
.
2014-06-19 23:26 . 2014-06-20 11:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-06-19 23:26 . 2014-06-20 11:08 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-19 23:25 . 2014-06-20 11:07 54232 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-19 23:05 . 2014-06-19 23:06 -------- d-----w- C:\FRST
2014-06-19 15:05 . 2014-06-19 15:06 -------- d-----w- C:\AdwCleaner
2014-06-19 01:06 . 2014-06-19 01:06 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2014-06-19 01:06 . 2014-06-19 01:06 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2014-06-19 01:06 . 2003-02-27 15:12 696320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2014-06-19 01:06 . 2002-12-05 13:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2014-06-19 01:06 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2014-06-19 01:06 . 2002-12-02 12:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2014-06-19 01:06 . 2002-12-02 12:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2014-06-18 23:41 . 2014-06-18 23:41 -------- d-----w- c:\documents and settings\Zeljko\Local Settings\Application Data\Kiloo Games
2014-06-16 23:45 . 2014-06-16 23:48 -------- d-----w- c:\documents and settings\Zeljko\Application Data\TeraCopy
2014-06-16 23:45 . 2014-06-16 23:45 -------- d-----w- c:\program files\TeraCopy
2014-06-16 15:19 . 2010-12-21 06:55 14920 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2014-06-16 15:19 . 2010-12-21 06:55 132424 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2014-06-16 15:19 . 2010-12-21 06:55 12616 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2014-06-16 15:19 . 2010-12-21 06:55 12616 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2014-06-16 15:19 . 2010-12-21 06:55 12488 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2014-06-16 15:19 . 2010-12-21 06:55 12488 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2014-06-16 15:19 . 2010-12-21 06:55 104648 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2014-06-15 13:14 . 2014-06-15 13:14 -------- d-----w- c:\program files\Common Files\Java
2014-06-15 01:11 . 2014-06-15 01:11 -------- d-----w- c:\documents and settings\Zeljko\Local Settings\Application Data\KSafe
2014-06-15 01:10 . 2014-06-15 01:10 -------- d-----w- c:\documents and settings\Zeljko\Application Data\kingsoft
2014-06-15 01:10 . 2014-06-15 01:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Kingsoft
2014-06-15 01:03 . 2014-06-15 01:03 -------- d-----w- c:\documents and settings\Zeljko\Application Data\GlarySoft
2014-06-15 00:49 . 2014-06-15 00:49 -------- d-----w- c:\program files\Temp File Cleaner
2014-06-14 22:39 . 2014-06-14 22:39 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Software
2014-06-14 22:39 . 2014-06-15 00:52 -------- d-----w- c:\program files\NCH Software
2014-06-14 22:39 . 2014-06-14 22:39 -------- d-----w- c:\documents and settings\Zeljko\Local Settings\Application Data\TechSmith
2014-06-14 22:36 . 2014-06-14 22:36 -------- d-----w- c:\documents and settings\Zeljko\Application Data\TechSmith
2014-06-14 22:33 . 2014-06-14 22:33 -------- d-----w- c:\documents and settings\All Users\Application Data\regid.1995-08.com.techsmith
2014-06-14 22:32 . 2014-06-14 22:32 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2014-06-14 22:32 . 2014-06-14 22:32 -------- d-----w- c:\program files\TechSmith
2014-06-14 22:18 . 2014-06-14 22:21 -------- d-----w- c:\documents and settings\Zeljko\Application Data\Audacity
2014-06-11 23:40 . 2014-06-11 23:40 -------- d-----w- c:\documents and settings\Zeljko\Local Settings\Application Data\O&O
2014-06-11 23:40 . 2014-06-11 23:58 -------- d-----w- c:\windows\system32\oodag
2014-06-11 23:40 . 2014-06-11 23:40 -------- d-----w- c:\documents and settings\All Users\Application Data\OO Software
2014-06-11 23:19 . 2014-06-11 23:19 -------- d-----w- c:\documents and settings\Zeljko\Application Data\addpcs
2014-06-10 21:11 . 2014-06-10 21:11 -------- d-----w- c:\documents and settings\Zeljko\Application Data\Publish Providers
2014-06-10 21:07 . 2014-06-10 22:23 -------- d-----w- c:\documents and settings\Zeljko\Application Data\Sony
2014-06-10 21:07 . 2014-06-10 21:07 -------- d-----w- c:\documents and settings\Zeljko\Local Settings\Application Data\Sony
2014-06-10 21:07 . 2014-06-10 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2014-06-09 22:48 . 2014-06-09 22:48 -------- d-----w- c:\documents and settings\Administrator.ADMINISTRATOR\Application Data\Auslogics
2014-06-09 13:11 . 2014-06-09 13:11 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-06-09 13:11 . 2014-06-09 13:11 -------- d-----w- c:\program files\DAEMON Tools Lite
2014-06-08 18:06 . 2012-07-20 09:53 22896 ----a-w- c:\windows\system32\JetCleanRegDefrag.exe
2014-06-08 18:05 . 2014-06-08 18:05 -------- d-----w- c:\documents and settings\All Users\Application Data\BlueSprig
2014-06-08 18:05 . 2014-06-08 18:05 -------- d-----w- c:\program files\BlueSprig
2014-06-08 17:51 . 2014-06-08 17:51 -------- d-----w- c:\documents and settings\Zeljko\Local Settings\Application Data\SlimWare Utilities Inc
2014-06-08 17:43 . 2014-06-08 18:11 -------- d-----w- c:\program files\SlimCleaner
2014-06-08 17:42 . 2014-06-08 17:42 20 --sha-w- c:\documents and settings\Zeljko\Application Data\App4870.ConfCollection.bin
2014-06-08 17:42 . 2002-01-05 10:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2014-06-08 17:42 . 2002-01-05 05:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2014-06-08 17:42 . 2002-01-05 04:40 487424 ----a-w- c:\windows\system32\msvcp70.dll
2014-06-08 17:42 . 2000-05-22 15:58 608448 ----a-w- c:\windows\system32\comctl32.ocx
2014-06-08 17:41 . 2014-06-08 17:41 -------- d-----w- c:\documents and settings\Zeljko\Application Data\BlueSprig
2014-06-08 14:44 . 2006-11-08 21:19 4544 ----a-w- c:\windows\system32\drivers\hidusbf.sys
2014-06-08 14:37 . 2014-06-08 14:37 -------- d-----w- c:\documents and settings\Administrator.ADMINISTRATOR\Local Settings\Application Data\COMODO
2014-06-08 14:31 . 2014-06-08 14:31 -------- d-sh--w- c:\documents and settings\Administrator.ADMINISTRATOR\IETldCache
2014-06-06 10:47 . 2014-06-06 10:47 4558848 ----a-w- c:\windows\system32\GPhotos.scr
2014-06-05 23:49 . 2014-06-05 23:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited
2014-06-05 23:48 . 2013-08-25 10:30 13120 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2014-06-05 23:48 . 2014-06-05 23:48 -------- d-----w- c:\program files\CDBurnerXP
2014-06-05 22:17 . 2014-06-05 22:17 -------- d-----w- c:\documents and settings\Zeljko\Application Data\dlg
2014-06-05 14:07 . 2014-06-05 14:07 -------- d-----w- C:\SUPERDelete
2014-06-04 14:26 . 2014-06-04 14:26 404920 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-06-04 14:06 . 2014-06-04 14:22 -------- d-----w- c:\documents and settings\Zeljko\Application Data\BSplayer
2014-06-02 18:41 . 2014-06-02 18:41 -------- d-----w- c:\program files\Security Task Manager
2014-06-02 15:18 . 2014-06-02 15:18 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\COMODO
2014-06-02 15:17 . 2014-06-02 15:17 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2014-06-02 15:12 . 2014-06-02 15:12 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2014-06-02 15:09 . 2014-06-02 18:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo
2014-06-01 22:28 . 2014-06-01 22:28 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\COMODO
2014-06-01 22:27 . 2014-06-01 22:27 -------- d-----w- c:\documents and settings\Zeljko\SecurityScans
2014-06-01 22:19 . 2014-06-01 22:20 -------- d-----w- c:\documents and settings\Zeljko\Local Settings\Application Data\Adobe
2014-06-01 22:04 . 2014-06-01 22:28 48392 ----a-w- c:\windows\system32\certsentry.dll
2014-06-01 22:04 . 2014-06-02 18:35 -------- d-----w- c:\program files\Comodo
2014-06-01 22:03 . 2014-06-01 22:03 1060864 ----a-w- c:\windows\system32\mfc71.dll
2014-06-01 22:03 . 2014-06-01 22:03 348160 ----a-w- c:\windows\system32\msvcr71.dll
2014-06-01 20:00 . 2014-06-15 13:13 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-06-01 19:59 . 2014-06-15 13:13 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-06-01 19:43 . 2014-06-11 23:19 -------- d-----w- c:\documents and settings\Zeljko\Application Data\CrystalIdea Software
2014-06-01 19:13 . 2014-06-02 18:55 -------- d-----w- c:\windows\system32\Macromed
2014-06-01 16:20 . 2014-03-06 17:59 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2014-06-01 16:20 . 2014-03-06 17:59 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2014-06-01 16:20 . 2014-03-06 17:59 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2014-06-01 16:20 . 2014-03-06 17:59 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2014-06-01 16:20 . 2014-03-06 17:59 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2014-06-01 16:20 . 2014-03-06 17:59 11113472 -c----w- c:\windows\system32\dllcache\ieframe.dll
2014-06-01 16:20 . 2014-03-06 17:59 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2014-06-01 16:20 . 2014-03-06 17:59 2006016 -c----w- c:\windows\system32\dllcache\iertutil.dll
2014-06-01 16:18 . 2014-02-26 01:59 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-06-01 16:18 . 2014-02-26 01:59 13312 ------w- c:\windows\system32\xp_eos.exe
2014-06-01 15:48 . 2013-07-17 00:58 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-06-01 15:48 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-06-01 15:48 . 2013-07-17 00:58 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2014-06-01 15:47 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2014-06-01 15:47 . 2013-07-03 01:59 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys
2014-06-01 15:47 . 2009-03-18 11:02 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2014-06-01 15:47 . 2014-06-08 14:39 142976 -c--a-w- c:\windows\system32\dllcache\usbport.sys
2014-06-01 15:47 . 2013-08-09 00:55 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2014-06-01 15:20 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2014-06-01 14:24 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2014-06-01 14:24 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2014-06-01 14:19 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2014-06-01 14:05 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2014-06-01 14:01 . 2014-06-01 16:21 -------- d-----w- c:\windows\ie8updates
2014-06-01 13:49 . 2014-06-01 13:49 -------- d-----w- c:\windows\system32\winrm
2014-06-01 13:49 . 2014-06-11 23:21 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2014-06-01 13:33 . 2013-07-04 03:03 2149888 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2014-06-01 13:33 . 2013-07-04 02:59 2193536 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2014-06-01 13:33 . 2013-07-04 02:08 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2014-06-01 13:32 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2014-06-01 12:48 . 2014-06-01 12:48 -------- d-----w- c:\documents and settings\Zeljko\Application Data\RoboForm
2014-06-01 12:47 . 2014-06-01 12:47 -------- d-----w- c:\documents and settings\All Users\Application Data\RoboForm
2014-06-01 09:17 . 2014-06-01 09:17 -------- d-----w- c:\documents and settings\Zeljko\Application Data\Eusing
2014-05-29 23:20 . 2014-05-29 23:20 -------- d-----w- c:\windows\system32\Lang
2014-05-29 23:15 . 2014-05-29 23:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Backup
2014-05-29 23:07 . 2014-05-29 23:07 -------- d-----w- c:\documents and settings\All Users\Application Data\RegInOut
2014-05-28 16:55 . 2010-08-30 07:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-05-28 13:10 . 2014-05-28 13:10 49152 ----a-w- c:\windows\UNINS.EXE
2014-05-28 13:10 . 2014-05-28 13:10 28672 ----a-w- c:\windows\system32\shelllnk.dll
2014-05-28 13:10 . 2014-05-28 13:10 140096 ----a-w- c:\windows\system32\COMDLG32.OCX
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-08 14:39 . 2008-04-13 23:15 142976 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-04-30 20:49 . 2014-04-30 20:49 21376 ----a-w- c:\windows\system32\drivers\droidcam.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\erdnt\cache\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\regedit.exe
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
.
[-] 2013-08-05 . 59B408E5B8489B0B36A0D783D150EDCC . 1289728 . . [5.1.2600.6435] . . c:\windows\system32\dllcache\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\system32\ole32.dll
.
[-] 2013-07-10 . 1D845821F5ADB076831DE4C2818F858B . 406016 . . [1.0420.2600.6421] . . c:\windows\erdnt\cache\usp10.dll
[-] 2013-07-10 . 1D845821F5ADB076831DE4C2818F858B . 406016 . . [1.0420.2600.6421] . . c:\windows\system32\usp10.dll
[-] 2013-07-10 . 1D845821F5ADB076831DE4C2818F858B . 406016 . . [1.0420.2600.6421] . . c:\windows\system32\dllcache\usp10.dll
.
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\erdnt\cache\ksuser.dll
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\ksuser.dll
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\ksuser.dll
.
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\erdnt\cache\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
.
[-] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\msimg32.dll
[-] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:\windows\system32\msimg32.dll
[-] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msimg32.dll
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
.
[-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\erdnt\cache\ntdll.dll
[-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll
[-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll
.
[-] 2008-04-14 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\MSCTFIME.IME
[-] 2008-04-14 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\system32\MSCTFIME.IME
[-] 2008-04-14 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msctfime.ime
.
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll
.
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\hnetcfg.dll
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\appmgmts.dll
[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll
.
[-] 2001-08-23 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\erdnt\cache\acpiec.sys
[-] 2001-08-23 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 22:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\erdnt\cache\aec.sys
[-] 2008-04-13 22:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
.
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\erdnt\cache\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
.
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll
.
[-] 2008-04-14 04:42 . C7E39EA41233E9F5B86C8DA3A9F1E4A8 . 52224 . . [9.0.1.56] . . c:\windows\erdnt\cache\mspmsnsv.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
.
[-] 2013-07-04 . 4C47B37CF351FFEB1227CED0FF4751D5 . 2070144 . . [5.1.2600.6419] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2013-07-04 . 4C47B37CF351FFEB1227CED0FF4751D5 . 2070144 . . [5.1.2600.6419] . . c:\windows\erdnt\cache\ntkrnlpa.exe
[-] 2013-07-04 . 4C47B37CF351FFEB1227CED0FF4751D5 . 2070144 . . [5.1.2600.6419] . . c:\windows\system32\ntkrnlpa.exe
[-] 2013-07-04 . 4C47B37CF351FFEB1227CED0FF4751D5 . 2070144 . . [5.1.2600.6419] . . c:\windows\system32\dllcache\ntkrnlpa.exe
.
[-] 2008-04-14 04:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\erdnt\cache\ntmssvc.dll
[-] 2008-04-14 04:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 04:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\erdnt\cache\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll
.
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\erdnt\cache\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\erdnt\cache\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll
.
[-] 2008-04-14 04:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\olepro32.dll
[-] 2008-04-14 04:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-04-14 04:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\version.dll
.
[-] 2013-07-04 . A4A50A53FFBFEC545CDA85E98AF2106B . 2193536 . . [5.1.2600.6419] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2013-07-04 . A4A50A53FFBFEC545CDA85E98AF2106B . 2193536 . . [5.1.2600.6419] . . c:\windows\erdnt\cache\ntoskrnl.exe
[-] 2013-07-04 . A4A50A53FFBFEC545CDA85E98AF2106B . 2193536 . . [5.1.2600.6419] . . c:\windows\system32\ntoskrnl.exe
[-] 2013-07-04 . A4A50A53FFBFEC545CDA85E98AF2106B . 2193536 . . [5.1.2600.6419] . . c:\windows\system32\dllcache\ntoskrnl.exe
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\w32time.dll
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\wiaservc.dll
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\midimap.dll
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\rasadhlp.dll
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rasadhlp.dll
.
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\wshtcpip.dll
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wshtcpip.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2013-10-04 20145368]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
backup=c:\windows\pss\O&O Defrag Tray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Zeljko^Start Menu^Programs^Startup^Rainmeter.lnk]
backup=c:\windows\pss\Rainmeter.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Zeljko^Start Menu^Programs^Startup^TeamViewer 9.lnk]
backup=c:\windows\pss\TeamViewer 9.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-04-04 05:09 446392 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
2012-03-09 15:26 1073312 ----a-w- c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 04:42 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2014-05-20 13:29 4529944 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 04:42 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 04:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2013-01-31 09:02 108832 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-05-07 13:44 256896 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2014-06-17 22:33 1267536 ----a-w- c:\documents and settings\Zeljko\Application Data\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Documents and Settings\\Zeljko\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Half-Life\\hl.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Dead Bits\\Dead Bits.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"8317:TCP"= 8317:TCP:TechSmith Camtasia Studio
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [6/9/2014 2:11 PM 243128]
R1 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [6/20/2014 12:25 AM 54232]
R2 UI5IFS;Ashampoo Uninstaller 5 FileSystemChanges Driver;c:\program files\Ashampoo\Ashampoo UnInstaller 5\IFS32.sys [2/15/2014 4:50 PM 33632]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [3/6/2014 7:32 PM 27632]
R3 usbcamcl;Driver for usbcamcl Device;c:\windows\system32\drivers\usbcamcl.sys [11/10/2013 7:36 PM 31104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3/22/2014 10:14 PM 1691480]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [5/13/2011 3:21 AM 30312]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [11/15/2013 2:01 PM 84248]
S3 DroidCam;DroidCam Virtual Audio;c:\windows\system32\drivers\droidcam.sys [4/30/2014 9:49 PM 21376]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2/24/2014 2:49 PM 23456]
S3 E100E;E100E;c:\windows\system32\drivers\E100ENT.sys [2/1/2013 1:39 AM 25360]
S3 ESEADriver2;ESEADriver2; [x]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; [x]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [11/7/2013 6:53 PM 12400]
S3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;c:\windows\system32\drivers\hidusbf.sys [6/8/2014 3:44 PM 4544]
S3 huawei_cdcacm;huawei_cdcacm; [x]
S3 huawei_cdcecm;huawei_cdcecm; [x]
S3 huawei_enumerator;huawei_enumerator; [x]
S3 huawei_ext_ctrl;huawei_ext_ctrl; [x]
S3 HWDeviceService.exe;HWDeviceService.exe; [x]
S3 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [4/5/2013 3:53 AM 121600]
S3 LiveUpdateSvc;LiveUpdate; [x]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [12/6/2013 2:37 PM 29728]
S3 PBDOWNFORCE_SERVICE;PBDOWNFORCE_SERVICE; [x]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [3/23/2014 1:29 PM 15688]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [3/23/2014 1:29 PM 10320]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [5/13/2011 3:21 AM 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [5/13/2011 3:21 AM 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [5/13/2011 3:21 AM 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [5/13/2011 3:21 AM 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [11/15/2013 2:01 PM 182680]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudserd.sys [11/15/2013 2:01 PM 182680]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
S3 tapse01;SurfEasy TAP-Windows Adapter V9;c:\windows\system32\drivers\tapse01.sys [10/16/2013 9:51 PM 33720]
S3 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [5/10/2014 3:09 PM 5024576]
S3 WiseHDInfo;WiseHDInfo;\??\d:\program files\Wise\Wise Care 365\WiseHDInfo32.dll --> d:\program files\Wise\Wise Care 365\WiseHDInfo32.dll [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-04 18:19 1091912 ----a-w- c:\program files\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-05-03 c:\windows\Tasks\Auslogics Disk Defrag Prof Task {00000001-44D8-4356-A006-762764B291CC} for Zeljko.job
- c:\program files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2014-05-03 18:05]
.
2014-05-03 c:\windows\Tasks\Auslogics Disk Defrag Prof Task {00000001-D7AC-47CB-8091-395296FBE6C6} for Zeljko.job
- c:\program files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2014-05-03 18:05]
.
2014-05-24 c:\windows\Tasks\Auslogics Disk Defrag Prof Task {00000001-D8A3-4DA1-8E7F-9A9755418F49} for Zeljko.job
- c:\program files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2014-05-03 18:05]
.
2014-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-03 19:03]
.
2014-06-08 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
- c:\windows\system32\xp_eos.exe [2014-06-01 01:59]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4A38C904-265F-4E99-ABB0-7E03680B28AA}: NameServer = 192.168.1.1,81.93.64.1
TCP: Interfaces\{E8D5FB94-1C7E-4466-9B2C-35C2C59C01F9}: NameServer = 192.168.1.1,81.93.64.9
TCP: Interfaces\{F85AFED7-7362-46A5-8449-145789134850}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\documents and settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default\
FF - ExtSQL: 2014-06-02 16:11; PrivDog@AdTrustMedia.com; c:\documents and settings\Zeljko\Application Data\Mozilla\Firefox\Profiles\cbmngrb9.default\extensions\PrivDog@AdTrustMedia.com.xpi
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-OODefragTray - c:\program files\OO Software\Defrag\oodtray.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2014-06-20 12:31
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1547161642-1659004503-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7F42ED0A-A645-F5FF-B774-3FFFE25EA6D9}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"jafhciigfadnijnpjglh"=hex:62,61,68,62,00,00
"jafhciigfadnijnpjghh"=hex:62,61,68,62,00,00
"iafageabocnbfjlhpk"=hex:6b,61,61,62,68,6c,6b,70,6d,64,6a,65,68,63,63,67,6f,69,
6a,66,66,67,00,00
"happefdljeahocip"=hex:6b,61,61,62,68,6c,6b,70,6d,64,6a,65,68,63,63,67,6f,69,
6a,66,66,67,00,00
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1944)
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2014-06-20 12:33:33
ComboFix-quarantined-files.txt 2014-06-20 11:33
ComboFix2.txt 2014-06-05 18:09
.
Pre-Run: 17,422,966,784 bytes free
Post-Run: 17,408,434,176 bytes free
.
- - End Of File - - 9078A4091D4A94103DC94B7FBBED81D7
A36C5E4F47E84449FF07ED3517B43A31

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Your system is badly damaged; let's try something.


Click Start > Run > type cmd

When the command prompt opens, copy this and press Enter: sfc /scannow

offline
  • zdr 
  • Citizen
  • Joined: 01 Oct 2013
  • Posts: 190

There, it finished and exited.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

And how is it now, any better?

offline
  • zdr 
  • Citizen
  • Joined: 01 Oct 2013
  • Posts: 190

Written: 20 Jun 2014 19:34

As for opening pages, it's better; sometimes it stalls, but it's fine now. But it still freezes when I exit Google Chrome. I haven't had a chance today to test Counter-Strike and the mouse; I'll try tonight and report back. And how is the system damaged, what did I do to it to damage it, given that I reinstalled it maybe 4 months ago, did a full hd format and immediately installed both Win 7 and XP? My previous XP install lasted over 2 years and I almost never had any major problems; if there were any, I fixed them with Malwarebytes, Avira and ASC. Otherwise this one works great now; in games everything runs as it should, and it gets the maximum I know it can. Working in programs such as Photoshop, I haven't noticed any slowdown. So what do you recommend? Can it be fixed by repairing the system files from the CD, or from USB if possible? Or should I reinstall the system? Maybe this was something to do with the system image I downloaded from a torrent; could I get a link to a safe one by PM?

Addendum: 20 Jun 2014 19:36

full hdd* format

Addendum: 23 Jun 2014 22:17

I fixed the page loading completely; pages now open immediately. I did it by deleting everything from the hosts file and leaving only the default localhost entry. :D
