lol IMG_00234.zip


offline
  • Joined: 16 Mar 2014
  • Posts: 11

For 2 days now I have been sending my friends on FB the file from the title (the number before .zip varies from message to message). I myself clicked on an identical message a month ago. I use AVG Free and it has not removed this thing because it doesn't even find it; I also installed Avira, which also found no solution. Spybot found nothing. ZoneAlarm annoys me as it is. I have read about several problems here in the Ambulanta section and they are similar but not identical (I can log in to FB normally, my computer doesn't restart). I have XP and Win 7 installed on 2 different partitions, of course, and 2 partitions on which I install the programs I need (depending on the OS I use one or the other), plus 4 more partitions for DATA. I have the box4 package and I think the ADSL speed is 6mb/s. Before turning to you, I downloaded Malwarebytes Anti-Malware, which found nothing, and ComboFix, which I can't see once it is unpacked (or I don't know how to use it). Now I am turning to you to get this monster out of my computer. I downloaded DDS and ran a scan. DDS log copied:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.51.2
Run by NIKICA at 9:32:09 on 2014-03-16
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.2047.743 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
F:\PROGRA~2\AVG\AVG2014\avgrsa.exe
F:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
F:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
F:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
F:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
F:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
F:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
F:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
C:\Windows\system32\wuauclt.exe
F:\Program Files (x86)\Mozilla Firefox\firefox.exe
F:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe
BHO: {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
uRun: [DAEMON Tools Lite] "F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] 1
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun: [AvastUI.exe] "E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [AVG_UI] "F:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [ACPW07EN] "F:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - E:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - F:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} - hxxp://agropromet.cpplusddns.com/webrec.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{DA60D38D-A338-4957-9772-6ADC3A05C9E2} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - <orphaned>
x64-BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
x64-Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\
FF - prefs.js: browser.search.selectedEngine - Поиск@Mail.Ru
FF - prefs.js: browser.startup.homepage - hxxp://www.mail.ru/cnt/5087
FF - prefs.js: keyword.URL - hxxp://go.mail.ru/search?fr=fftb&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
FF - ExtSQL: 2014-01-30 19:27; adsremoval@adsremoval.net; C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\extensions\adsremoval@adsremoval.net
FF - ExtSQL: 2014-02-07 20:42; wrc@avast.com; F:\PROGRA~1\AVASTS~1\Avast\WebRep\FF
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.zonealarm.hpOld0 -
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?src=tb&tbid=base2013&Lan={dfltLng}&gu=4e6a3b491f724166b1b8f964862e345f&tu=10G90006o2B000v&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.id - 08cbb894000000000000001a92cf99b5
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 15762
FF - user.js: extensions.zonealarm.vrsn - 1.8.11.6
FF - user.js: extensions.zonealarm.vrsni - 1.8.11.6
FF - user.js: extensions.zonealarm.vrsnTs - 1.8.11.613:20:03
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1001
FF - user.js: extensions.zonealarm.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base2013
FF - user.js: extensions.zonealarm.instlRef - ZLN116985963651523-1001
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.ffxUnstlRst - false
FF - user.js: extensions.zonealarm.admin - false
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm.rvrt - false
FF - user.js: extensions.zonealarm.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=4e6a3b491f724166b1b8f964862e345f&tu=10G90006o2B000v&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?src=nt&tbid=base2013&Lan=en&gu=4e6a3b491f724166b1b8f964862e345f&tu=10G90006o2B000v&sku=&tstsId=&ver=&
.
.
.
.
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-4-6 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-4-6 207904]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-11-25 196376]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-12-7 1034464]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2012-12-7 422216]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-25 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 243480]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2014-3-12 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2014-3-5 283200]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-1 878368]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-3-12 440400]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-3-12 440400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-12-7 78648]
R2 AVGIDSAgent;AVGIDSAgent;F:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-1-22 3788816]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2014-3-12 108440]
R2 avgwd;AVG WatchDog;F:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 33712]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2012-11-22 828072]
R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-1 2151200]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;C:\Windows\System32\drivers\l160x64.sys [2009-10-13 61440]
R3 LgBttPort;LGE Bluetooth TransPort;C:\Windows\System32\drivers\lgbtpt64.sys [2009-9-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator;C:\Windows\System32\drivers\lgbtbs64.sys [2009-9-29 14848]
R3 LGVMODEM;LGE Virtual Modem;C:\Windows\System32\drivers\lgvmdm64.sys [2009-9-29 17408]
R3 PAC207;i-Look 111;C:\Windows\System32\drivers\PFC027.SYS [2007-6-29 677376]
R3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);C:\Windows\System32\drivers\wfeaglxt.sys [2009-10-21 474240]
S2 avast! Antivirus;avast! Antivirus;"E:\Program Files\AVAST Software\Avast\AvastSvc.exe" --> E:\Program Files\AVAST Software\Avast\AvastSvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 OS Selector;Acronis OS Selector activator;"E:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe" --> E:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [?]
S2 SBSDWSCService;SBSD Security Center Service;E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe --> E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TeamViewer8;TeamViewer 8;"e:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe" --> e:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [?]
S3 andnetadb;ADB Interface DriverNet;C:\Windows\System32\drivers\lgandnetadb.sys [2011-9-6 31744]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\Windows\System32\drivers\lgandnetdiag64.sys [2011-9-6 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem;C:\Windows\System32\drivers\lgandnetmodem64.sys [2011-9-6 35840]
S3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-3 79672]
S3 cxbu0x64;OMNIKEY 3x21;C:\Windows\System32\drivers\cxbu0x64.sys [2011-9-6 177920]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-12 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-19 19456]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-20 56832]
S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-3-12 1017424]
.
=============== File Associations ===============
.
FileExt: .js: jsfile=C:\Windows\System32\Notepad.exe %1 [default=Edit - 'Open' doesn't exist]
.
=============== Created Last 30 ================
.
2014-03-16 06:56:00 -------- d-----w- C:\Users\NIKICA\AppData\Roaming\Malwarebytes
2014-03-16 06:55:02 -------- d-----w- C:\ProgramData\Malwarebytes
2014-03-16 06:54:59 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-03-14 10:33:59 -------- d-----w- C:\Users\NIKICA\AppData\Local\Mail.Ru
2014-03-14 10:29:20 -------- d-----w- C:\Users\NIKICA\AppData\Roaming\Obnovi Soft
2014-03-14 10:28:48 -------- d-----w- C:\Program Files (x86)\Obnovi Soft
2014-03-14 10:11:09 -------- d-----w- C:\Users\NIKICA\AppData\Local\ACD Systems
2014-03-14 10:11:08 -------- d-----w- C:\Users\NIKICA\AppData\Roaming\ACD Systems
2014-03-14 10:09:57 -------- d-----w- C:\ProgramData\ACD Systems
2014-03-14 10:09:39 -------- d-----w- C:\Program Files (x86)\Common Files\ACD Systems
2014-03-14 09:51:30 -------- d-----w- C:\Users\NIKICA\AppData\Local\Downloaded Installations
2014-03-13 15:55:39 84720 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2014-03-12 18:45:57 -------- d-----w- C:\Users\NIKICA\AppData\Roaming\Avira
2014-03-12 18:37:43 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2014-03-12 18:37:42 108440 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2014-03-12 18:27:40 -------- d-----w- C:\Program Files (x86)\Avira
2014-03-12 18:27:38 -------- d-----w- C:\ProgramData\Avira
2014-03-12 16:42:18 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-12 16:42:18 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-12 16:42:17 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-12 16:42:17 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-06 21:53:38 -------- d---a-w- C:\temp
2014-03-05 19:59:19 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2014-03-05 16:38:29 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CAA36BCA-1846-4611-8EDD-E75027E44294}\mpengine.dll
2014-02-26 20:37:49 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-26 20:34:20 -------- d-----w- C:\Program Files (x86)\HID Global
2014-02-26 18:44:33 -------- d-----w- C:\111
2014-02-26 16:54:09 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-02-26 16:54:09 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-02-23 01:07:08 -------- d-----w- C:\Users\NIKICA\AppData\Local\SkinSoft
2014-02-23 01:02:19 -------- d-----w- C:\Users\NIKICA\AppData\Roaming\convertaudiofree
2014-02-23 01:01:54 -------- d-----w- C:\Users\NIKICA\.android
2014-02-23 01:01:50 -------- d-----w- C:\Users\NIKICA\AppData\Local\cache
2014-02-23 01:01:46 -------- d-----w- C:\Users\NIKICA\AppData\Local\genienext
2014-02-23 01:01:45 -------- d-----w- C:\Users\NIKICA\AppData\Local\Mobogenie
2014-02-23 01:01:27 -------- d-----w- C:\Program Files (x86)\Mobogenie
2014-02-23 00:57:01 -------- d-----w- C:\Users\NIKICA\AppData\Local\WMTools Downloaded Files
2014-02-23 00:55:56 -------- d-----w- C:\Program Files (x86)\Movie Maker 2.6
2014-02-20 19:27:28 -------- d-----w- C:\Windows\System32\MRT
2014-02-20 19:10:53 -------- d-----w- C:\Windows\Migration
2014-02-20 18:58:04 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2014-02-20 18:58:01 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2014-02-20 18:41:44 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-02-20 18:41:44 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-02-16 17:48:51 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-02-16 17:48:49 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-02-16 17:48:49 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-02-16 17:48:48 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
.
==================== Find3M ====================
.
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-26 16:44:25 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-26 16:44:25 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-01-23 18:56:20 82920 ----a-w- C:\Windows\SysWow64\mslvddsfilter2.ax
2014-01-23 12:08:57 123704 ----a-w- C:\Windows\System32\drivers\jraid.sys
2014-01-15 20:12:17 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-08 14:54:02 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll
2014-01-03 18:51:20 79672 ------w- C:\Windows\System32\drivers\aswstm.sys
2014-01-03 18:50:46 78648 ------w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-01-03 18:50:46 207904 ------w- C:\Windows\System32\drivers\aswVmm.sys
2014-01-03 18:50:46 1034464 ------w- C:\Windows\System32\drivers\aswSnx.sys
2014-01-03 18:50:43 43152 ------w- C:\Windows\avastSS.scr
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-18 05:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 9:33:37,52 ===============



offline
  • Joined: 26 Aug 2010
  • Posts: 10455
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

You have several AV programs installed on the computer. Decide whether you will keep Avira or AVG, and uninstall the one you do not intend to use in Control Panel -> Programs and Features. After that, uninstall ZoneAlarm (which you say annoys you) and the following applications:

Advanced SystemCare 7
Driver Booster

Applications of that kind can do more harm than good.



Step 2

Download "Xplode"'s AdwCleaner and save it to the Desktop
Double-click to run the program.
In the EULA window click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all active programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required) click OK

The computer will restart and then open Notepad (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt



Step 3

Download Farbar's Farbar Recovery Scan Tool () from this address to the Desktop:
There is a 32-bit and a 64-bit version. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will work on your system; that will be the right version.


double-click to run the program; when the tool starts, click Yes in the Disclaimer window;
in the Optional Scan section, check the List BCD and Driver MD5 boxes;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;
on the first run, the tool should also create an additional report (Addition.txt);
attach the Addition.txt report to your post using the Attach file option
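
Step 1 above rests on the DDS header, which reports two antivirus products as enabled at the same time. As an added example (not part of the thread and not code from DDS), this Python script pulls three things out of a DDS log for manual review: the enabled AV/SP/FW products, Run values whose name is over-long or whose data is not a file path, and `<orphaned>` entries. The function names, the 64-character threshold and the 255-character sample value are assumptions of the example.

```python
import re

# Constructed sample: a few lines taken from the DDS log in this thread, plus a
# synthetic Run value with a 255-character name (length chosen for the example).
SAMPLE_DDS = r"""
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
BHO: {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
uRun: [DAEMON Tools Lite] "F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
x64-Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
""" + "uRun: [" + "A" * 255 + "] 1\n"

# "AV: <name> *Enabled/Updated* {GUID}" (the firewall line has no "/Updated" part)
PRODUCT_RE = re.compile(r"^(AV|SP|FW): (.+?) \*(Enabled|Disabled)(?:/\w+)?\* ", re.M)
# "uRun: [name] data", "mRun: [name] data", "x64-Run: [name] data"
RUN_RE = re.compile(r"^(?:x64-|[um])Run: \[(.*?)\] (.*)$", re.M)
ORPHAN_RE = re.compile(r"^(.+?) - <orphaned>$", re.M)
PATH_RE = re.compile(r"[A-Za-z]:\\")   # a drive-letter path somewhere in the data
MAX_NAME_LEN = 64                      # assumed review threshold, not a DDS rule


def enabled_products(log):
    """Map each DDS category (AV, SP, FW) to the products reported as Enabled."""
    found = {}
    for category, name, state in PRODUCT_RE.findall(log):
        if state == "Enabled":
            found.setdefault(category, []).append(name)
    return found


def overlapping_av(log):
    """Return the enabled AV products when more than one is active at once."""
    av = enabled_products(log).get("AV", [])
    return av if len(av) > 1 else []


def odd_run_entries(log):
    """Flag Run values with an over-long name or data that holds no file path."""
    flagged = []
    for name, data in RUN_RE.findall(log):
        reasons = []
        if len(name) > MAX_NAME_LEN:
            reasons.append("long-name")
        if not PATH_RE.search(data):
            reasons.append("no-path")
        if reasons:
            # Shorten very long names so the report stays readable.
            label = name if len(name) <= 16 else f"{name[:8]}...({len(name)} chars)"
            flagged.append((label, reasons))
    return flagged


def orphaned(log):
    """Return the registry entries DDS marks as <orphaned> (target file missing)."""
    return ORPHAN_RE.findall(log)


def triage(log):
    """Collect everything worth a second look into one report."""
    return {
        "overlapping_av": overlapping_av(log),
        "odd_run_entries": odd_run_entries(log),
        "orphaned": orphaned(log),
    }


if __name__ == "__main__":
    for section, items in triage(SAMPLE_DDS).items():
        print(section)
        for item in items:
            print("   ", item)
```

A flagged line is a prompt for a manual look at that registry value, not a verdict on it.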

offline
  • Joined: 16 Mar 2014
  • Posts: 11

Posted: 16 Mar 2014 13:29



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by NIKICA (administrator) on NIKICA-PC on 16-03-2014 13:22:56
Running from C:\Users\NIKICA\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) F:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) F:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
(AVG Technologies CZ, s.r.o.) F:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) F:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(AVG Technologies CZ, s.r.o.) F:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ACD Systems) F:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) F:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) F:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Mozilla Corporation) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
(IObit) C:\Users\NIKICA\AppData\Local\Temp\promote-upx.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ISW] - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [1127592 2012-11-22] (Check Point Software Technologies)
HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-01-29] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [AvastUI.exe] - "E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM-x32\...\Run: [AVG_UI] - F:\Program Files (x86)\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ACPW07EN] - F:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1414984 2013-09-25] (ACD Systems)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-1554415368-2939018819-765593907-1000\...\Run: [DAEMON Tools Lite] - F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-1554415368-2939018819-765593907-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] - 1
HKU\S-1-5-21-1554415368-2939018819-765593907-1000\...\MountPoints2: {54e5124e-c82d-11e2-aeab-001a92cf99b5} - E:\LGAutoRun.exe
HKU\S-1-5-21-1554415368-2939018819-765593907-1000\...\MountPoints2: {8cbc29bc-a482-11e3-bfe8-001a92cf99b5} - E:\setup.exe
HKU\S-1-5-21-1554415368-2939018819-765593907-1000\...\MountPoints2: {f2d2a4f2-97c1-11e2-9d1b-001a92cf99b5} - N:\iLinker.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF5BB0B00C7DECD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-Latn-ME
SearchScopes: HKCU - {B716678C-489D-4DC8-88D6-BC991BAC8216} URL = search.yahoo.com/search?fr=chr-greentree_ie.....=302398&p={searchTerms}
BHO: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {53707962-6F74-2D53-2644-206D7942484F} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
DPF: HKLM-x32 {108D3206-846A-4A93-BACB-F0572D043ED7} agropromet.cpplusddns.com/webrec.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default
FF DefaultSearchEngine: Поиск@Mail.Ru
FF SelectedSearchEngine: Поиск@Mail.Ru
FF Homepage: about:home
FF Keyword.URL: hxxp://go.mail.ru/search?fr=fftb&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\cnet-downloads.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\filestube.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\googletranslate.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\imdb.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\kickassto.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\thepiratebayorg.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\torrent-freedom.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\torrent.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\torrents-search.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\torrentz.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\searchplugins\youtube.xml
FF Extension: WebRank SEO Toolbar - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\webrank-toolbar@probcomp.com [2013-12-02]
FF Extension: Site Launcher - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{20291fcc-1471-46c8-8213-5911f5ce6d67} [2013-11-06]
FF Extension: ColorZilla - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012-12-07]
FF Extension: Make Address Bar Font Size Bigger - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\addressBarFontSizeBigger@papafresh.com.xpi [2012-12-07]
FF Extension: FabTabs - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\fabtab@captaincaveman.nl.xpi [2012-12-07]
FF Extension: Open Bookmarks in New Tab - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\openbookmarkintab@piro.sakura.ne.jp.xpi [2012-12-07]
FF Extension: Open Link in New Tab - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\openlinkintab@piro.sakura.ne.jp.xpi [2012-12-07]
FF Extension: Tab Scope - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\tabscope@xuldev.org.xpi [2012-12-07]
FF Extension: Undo Closed Tabs Button - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2012-12-07]
FF Extension: RSS Ticker - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}.xpi [2012-12-07]
FF Extension: X-notifier - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2012-12-07]
FF Extension: HeadlinesTicker - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{64B67E1B-DD4B-4050-81EE-3BC7AEE6060E}.xpi [2012-12-08]
FF Extension: MeasureIt - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi [2012-12-07]
FF Extension: Search by Image for Google - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2012-12-07]
FF Extension: Smartest Bookmarks Bar - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}.xpi [2012-12-08]
FF Extension: Shine Bright Skin Aero - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2012-12-08]
FF Extension: Show my Password - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2012-12-07]
FF Extension: Download Statusbar - C:\Users\NIKICA\AppData\Roaming\Mozilla\Firefox\Profiles\ond4zb69.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-01-12]
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2013-02-26]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2013-02-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - F:\PROGRA~1\AVASTS~1\Avast\WebRep\FF
FF StartMenuInternet: FIREFOX.EXE - F:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Extension: (Google Drive) - C:\Users\NIKICA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-12]
CHR Extension: (No Name) - C:\Users\NIKICA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2014-02-16]
CHR Extension: (Google Wallet) - C:\Users\NIKICA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\NIKICA\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-02-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - F:\PROGRA~1\AVASTS~1\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-09]

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; F:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; F:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [828072 2012-11-22] (Check Point Software Technologies)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
S3 Microsoft Office Groove Audit Service; F:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-01-29] (Check Point Software Technologies LTD)
S2 avast! Antivirus; "E:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S3 NBService; E:\Program Files\NERO\Nero 7\Nero BackItUp\NBService.exe [X]
S2 OS Selector; "E:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe" [X]
S2 SBSDWSCService; E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [X]
S2 TeamViewer8; "e:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe" [X]
S3 wampapache; "e:\wamp\bin\apache\apache2.2.21\bin\httpd.exe" -k runservice [X]
S3 wampmysqld; e:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe wampmysqld [X]

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2011-09-06] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2011-09-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [35840 2011-09-06] (LG Electronics Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-03] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-03] ()
R3 AtcL001; C:\Windows\System32\DRIVERS\l160x64.sys [61440 2009-10-13] (Atheros Communications, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [177920 2011-09-06] (HID Global Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-03-05] (DT Soft Ltd)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33712 2012-11-22] (Check Point Software Technologies)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [677376 2007-06-29] (PixArt Imaging Inc.)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450136 2012-12-13] (Check Point Software Technologies LTD)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 AndNetGps; system32\DRIVERS\lgandnetgps64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 androidusb; System32\Drivers\lgandadb.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-16 13:22 - 2014-03-16 13:23 - 00036798 _____ () C:\Users\NIKICA\Desktop\FRST.txt
2014-03-16 13:22 - 2014-03-16 13:22 - 00000000 ____D () C:\FRST
2014-03-16 13:21 - 2014-03-16 13:21 - 00004490 _____ () C:\Users\NIKICA\Desktop\AdwCleaner[S0].txt
2014-03-16 13:06 - 2014-03-16 13:06 - 02157056 _____ (Farbar) C:\Users\NIKICA\Desktop\FRST64.exe
2014-03-16 13:05 - 2014-03-16 13:15 - 00000000 ____D () C:\AdwCleaner
2014-03-16 13:04 - 2014-03-16 13:04 - 01950720 _____ () C:\Users\NIKICA\Desktop\AdwCleaner.exe
2014-03-16 13:03 - 2014-03-16 13:03 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-03-16 09:33 - 2014-03-16 09:33 - 00023496 _____ () C:\Users\NIKICA\Desktop\dds.txt
2014-03-16 09:33 - 2014-03-16 09:33 - 00009187 _____ () C:\Users\NIKICA\Desktop\attach.txt
2014-03-16 09:31 - 2014-03-16 09:31 - 00688992 ____R (Swearware) C:\Users\NIKICA\Desktop\dds.scr
2014-03-16 08:27 - 2014-03-16 08:53 - 00000000 ___SD () C:\32788R22FWJFW
2014-03-16 08:27 - 2014-03-16 08:27 - 00000000 ____D () C:\Windows\erdnt
2014-03-16 08:24 - 2014-03-16 08:24 - 05190279 ____R (Swearware) C:\Users\NIKICA\Desktop\ComboFix.exe
2014-03-16 07:56 - 2014-03-16 07:56 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Malwarebytes
2014-03-16 07:55 - 2014-03-16 07:55 - 00000799 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-16 07:55 - 2014-03-16 07:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 07:54 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-15 14:45 - 2014-03-15 14:49 - 00000923 _____ () C:\Users\NIKICA\Desktop\Windows Boot Genius.lnk
2014-03-15 14:45 - 2014-03-15 14:46 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Boot Genius
2014-03-14 12:10 - 2014-03-14 12:11 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB
2014-03-14 12:10 - 2014-03-14 12:11 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GRAFIKA
2014-03-14 12:09 - 2014-03-16 13:11 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BEZBEDNOST
2014-03-14 12:09 - 2014-03-14 12:09 - 00001591 _____ () C:\Users\NIKICA\Desktop\Programs - Shortcut.lnk
2014-03-14 11:29 - 2014-03-14 11:32 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Obnovi Soft
2014-03-14 11:28 - 2014-03-14 11:39 - 00000000 ____D () C:\Program Files (x86)\Obnovi Soft
2014-03-14 11:11 - 2014-03-14 11:14 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\ACD Systems
2014-03-14 11:11 - 2014-03-14 11:11 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\ACD Systems
2014-03-14 11:09 - 2014-03-14 11:09 - 00000000 ____D () C:\ProgramData\ACD Systems
2014-03-14 10:57 - 2014-03-14 10:58 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-14 10:51 - 2014-03-14 10:51 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\Downloaded Installations
2014-03-12 23:23 - 2014-03-12 23:23 - 00118048 _____ () C:\Users\NIKICA\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-12 23:15 - 2014-03-16 13:17 - 00001914 _____ () C:\Windows\setupact.log
2014-03-12 23:15 - 2014-03-12 23:16 - 04993104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 23:15 - 2014-03-12 23:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-12 23:14 - 2014-03-16 13:17 - 00086292 _____ () C:\Windows\PFRO.log
2014-03-12 17:43 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 17:43 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 17:43 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 17:43 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 17:43 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 17:43 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 17:43 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 17:43 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 17:43 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 17:43 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 17:43 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 17:43 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 17:43 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 17:43 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 17:43 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 17:43 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 17:43 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 17:43 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 17:43 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 17:43 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 17:43 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 17:43 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 17:43 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 17:43 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 17:43 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 17:43 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 17:43 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 17:43 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 17:43 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 17:43 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 17:43 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 17:43 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 17:43 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 17:43 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 17:43 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 17:43 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 17:43 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 17:43 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 17:43 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 17:43 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 17:43 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 17:43 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 17:43 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 17:43 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 17:42 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 17:42 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 17:42 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 17:42 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-07 19:31 - 2014-03-10 20:26 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Winamp
2014-03-06 15:05 - 2014-03-06 15:05 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-03-06 15:05 - 2014-03-06 15:05 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-03-05 20:59 - 2014-03-05 20:59 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-05 20:59 - 2014-03-05 20:59 - 00000866 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-02-26 21:49 - 2014-02-26 21:49 - 00017295 _____ () C:\Users\NIKICA\Desktop\ExecutedServicePage.aspx.htm
2014-02-26 21:42 - 2014-02-26 21:42 - 00025306 _____ () C:\Users\NIKICA\Desktop\Портал еУправа Републике Србије - Детаљи захтева.htm
2014-02-26 21:38 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-26 21:37 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-26 21:37 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-26 21:37 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-26 21:34 - 2014-02-26 21:34 - 00000000 ____D () C:\Program Files (x86)\HID Global
2014-02-26 19:44 - 2014-02-26 19:44 - 00000000 ____D () C:\111
2014-02-26 19:41 - 2014-02-26 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2014-02-26 17:54 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-26 17:54 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-23 02:07 - 2014-02-23 02:08 - 00000176 _____ () C:\Users\NIKICA\AppData\Roaming\settings.xml
2014-02-23 02:07 - 2014-02-23 02:07 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\SkinSoft
2014-02-23 02:02 - 2014-02-23 02:02 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\convertaudiofree
2014-02-23 02:01 - 2014-02-23 02:01 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\cache
2014-02-23 02:01 - 2014-02-23 02:01 - 00000000 ____D () C:\Users\NIKICA\.android
2014-02-23 02:01 - 2014-02-23 02:01 - 00000000 _____ () C:\Users\NIKICA\daemonprocess.txt
2014-02-23 01:57 - 2014-02-23 10:23 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\WMTools Downloaded Files
2014-02-23 01:55 - 2014-02-23 01:55 - 00000000 ____D () C:\Program Files (x86)\Movie Maker 2.6
2014-02-21 22:40 - 2014-02-21 22:40 - 00001175 _____ () C:\Users\Public\Desktop\Victoria II - A House Divided.lnk
2014-02-20 20:27 - 2014-03-16 08:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-20 20:27 - 2014-03-16 08:47 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-20 20:19 - 2014-02-20 21:26 - 00765280 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-20 19:58 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-20 19:57 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-20 19:57 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-20 19:57 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-20 19:57 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-20 19:57 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-20 19:57 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-20 19:57 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-20 19:57 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-20 19:57 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-20 19:57 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-20 19:57 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-20 19:57 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-20 19:57 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-20 19:57 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-20 19:57 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-20 19:52 - 2014-03-12 23:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-20 19:52 - 2014-03-12 23:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-02-20 19:41 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-20 19:41 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-16 20:35 - 2014-02-16 20:35 - 00001174 _____ () C:\Users\NIKICA\Desktop\MK - Shortcut.lnk
2014-02-16 18:52 - 2014-02-16 18:52 - 00001090 _____ () C:\Users\Public\Desktop\Europa Universalis III.lnk

==================== One Month Modified Files and Folders =======

2014-03-16 13:23 - 2014-03-16 13:22 - 00036798 _____ () C:\Users\NIKICA\Desktop\FRST.txt
2014-03-16 13:22 - 2014-03-16 13:22 - 00000000 ____D () C:\FRST
2014-03-16 13:22 - 2009-07-14 05:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-16 13:22 - 2009-07-14 05:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-16 13:21 - 2014-03-16 13:21 - 00004490 _____ () C:\Users\NIKICA\Desktop\AdwCleaner[S0].txt
2014-03-16 13:21 - 2014-01-21 14:33 - 01065666 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 13:17 - 2014-03-12 23:15 - 00001914 _____ () C:\Windows\setupact.log
2014-03-16 13:17 - 2014-03-12 23:14 - 00086292 _____ () C:\Windows\PFRO.log
2014-03-16 13:17 - 2013-02-26 13:24 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\CheckPoint
2014-03-16 13:17 - 2012-12-07 23:42 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-16 13:17 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 13:15 - 2014-03-16 13:05 - 00000000 ____D () C:\AdwCleaner
2014-03-16 13:11 - 2014-03-14 12:09 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BEZBEDNOST
2014-03-16 13:08 - 2013-02-21 20:34 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-16 13:06 - 2014-03-16 13:06 - 02157056 _____ (Farbar) C:\Users\NIKICA\Desktop\FRST64.exe
2014-03-16 13:04 - 2014-03-16 13:04 - 01950720 _____ () C:\Users\NIKICA\Desktop\AdwCleaner.exe
2014-03-16 13:03 - 2014-03-16 13:03 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-03-16 13:00 - 2012-12-07 23:42 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-16 13:00 - 2012-12-07 10:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 09:33 - 2014-03-16 09:33 - 00023496 _____ () C:\Users\NIKICA\Desktop\dds.txt
2014-03-16 09:33 - 2014-03-16 09:33 - 00009187 _____ () C:\Users\NIKICA\Desktop\attach.txt
2014-03-16 09:31 - 2014-03-16 09:31 - 00688992 ____R (Swearware) C:\Users\NIKICA\Desktop\dds.scr
2014-03-16 08:58 - 2014-02-20 20:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-16 08:54 - 2014-02-07 23:10 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-16 08:53 - 2014-03-16 08:27 - 00000000 ___SD () C:\32788R22FWJFW
2014-03-16 08:51 - 2012-12-29 21:25 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\uTorrent
2014-03-16 08:47 - 2014-02-20 20:27 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-16 08:35 - 2013-12-01 14:18 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-16 08:27 - 2014-03-16 08:27 - 00000000 ____D () C:\Windows\erdnt
2014-03-16 08:24 - 2014-03-16 08:24 - 05190279 ____R (Swearware) C:\Users\NIKICA\Desktop\ComboFix.exe
2014-03-16 07:56 - 2014-03-16 07:56 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Malwarebytes
2014-03-16 07:55 - 2014-03-16 07:55 - 00000799 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-16 07:55 - 2014-03-16 07:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-15 14:49 - 2014-03-15 14:45 - 00000923 _____ () C:\Users\NIKICA\Desktop\Windows Boot Genius.lnk
2014-03-15 14:46 - 2014-03-15 14:45 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Boot Genius
2014-03-15 14:44 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-14 12:11 - 2014-03-14 12:10 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB
2014-03-14 12:11 - 2014-03-14 12:10 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GRAFIKA
2014-03-14 12:09 - 2014-03-14 12:09 - 00001591 _____ () C:\Users\NIKICA\Desktop\Programs - Shortcut.lnk
2014-03-14 11:39 - 2014-03-14 11:28 - 00000000 ____D () C:\Program Files (x86)\Obnovi Soft
2014-03-14 11:32 - 2014-03-14 11:29 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Obnovi Soft
2014-03-14 11:14 - 2014-03-14 11:11 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\ACD Systems
2014-03-14 11:11 - 2014-03-14 11:11 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\ACD Systems
2014-03-14 11:09 - 2014-03-14 11:09 - 00000000 ____D () C:\ProgramData\ACD Systems
2014-03-14 10:58 - 2014-03-14 10:57 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-14 10:51 - 2014-03-14 10:51 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\Downloaded Installations
2014-03-12 23:23 - 2014-03-12 23:23 - 00118048 _____ () C:\Users\NIKICA\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-12 23:16 - 2014-03-12 23:15 - 04993104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 23:15 - 2014-03-12 23:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-12 23:14 - 2014-02-20 19:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 23:14 - 2014-02-20 19:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 23:10 - 2012-12-07 10:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 19:13 - 2014-01-23 12:54 - 00000000 ____D () C:\Users\NIKICA\Desktop\JA
2014-03-10 22:45 - 2012-12-17 21:52 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\DAEMON Tools Lite
2014-03-10 20:26 - 2014-03-07 19:31 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Winamp
2014-03-09 12:15 - 2013-06-29 12:01 - 00000000 ___RD () C:\Users\NIKICA\Google диск
2014-03-06 15:05 - 2014-03-06 15:05 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-03-06 15:05 - 2014-03-06 15:05 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-03-05 21:43 - 2013-01-31 15:50 - 00000000 ____D () C:\Users\NIKICA\Documents\Paradox Interactive
2014-03-05 21:38 - 2013-05-30 21:03 - 00000011 _____ () C:\Users\NIKICA\AppData\Roaming\DPQuickNotes.txt
2014-03-05 20:59 - 2014-03-05 20:59 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-05 20:59 - 2014-03-05 20:59 - 00000866 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-02 23:31 - 2014-01-23 12:55 - 00000000 ____D () C:\Users\NIKICA\Desktop\BRIGADA
2014-03-01 07:05 - 2014-03-12 17:43 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-12 17:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-12 17:43 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-12 17:43 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-12 17:43 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-12 17:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-12 17:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-12 17:43 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-12 17:43 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-12 17:43 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-12 17:43 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-12 17:43 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-12 17:43 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-12 17:43 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-12 17:43 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-12 17:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-12 17:43 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-12 17:43 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-12 17:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-12 17:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 17:43 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-12 17:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 17:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-12 17:43 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-12 17:43 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-12 17:43 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-12 17:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-12 17:43 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-12 17:43 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-12 17:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-12 17:43 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-12 17:43 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-12 17:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 17:43 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 17:43 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-12 17:43 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-12 17:43 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-12 17:43 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-12 17:43 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-12 17:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 16:51 - 2014-02-07 23:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-26 23:54 - 2014-02-13 04:15 - 00000000 ____D () C:\Windows\rescache
2014-02-26 21:49 - 2014-02-26 21:49 - 00017295 _____ () C:\Users\NIKICA\Desktop\ExecutedServicePage.aspx.htm
2014-02-26 21:42 - 2014-02-26 21:42 - 00025306 _____ () C:\Users\NIKICA\Desktop\Портал еУправа Републике Србије - Детаљи захтева.htm
2014-02-26 21:39 - 2013-09-15 14:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-26 21:37 - 2013-12-12 17:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-26 21:34 - 2014-02-26 21:34 - 00000000 ____D () C:\Program Files (x86)\HID Global
2014-02-26 19:44 - 2014-02-26 19:44 - 00000000 ____D () C:\111
2014-02-26 19:41 - 2014-02-26 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2014-02-26 17:44 - 2012-12-07 10:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-26 17:44 - 2012-12-07 10:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-26 17:44 - 2012-12-07 10:23 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-25 22:48 - 2013-12-21 18:11 - 00012799 _____ () C:\Users\NIKICA\Desktop\New Microsoft Office Excel Worksheet.xlsx
2014-02-23 10:23 - 2014-02-23 01:57 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\WMTools Downloaded Files
2014-02-23 10:07 - 2013-06-10 17:23 - 00003584 _____ () C:\Users\NIKICA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-23 02:08 - 2014-02-23 02:07 - 00000176 _____ () C:\Users\NIKICA\AppData\Roaming\settings.xml
2014-02-23 02:07 - 2014-02-23 02:07 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\SkinSoft
2014-02-23 02:06 - 2012-12-07 23:37 - 00000000 ___RD () C:\Users\NIKICA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-23 02:02 - 2014-02-23 02:02 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\convertaudiofree
2014-02-23 02:01 - 2014-02-23 02:01 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\cache
2014-02-23 02:01 - 2014-02-23 02:01 - 00000000 ____D () C:\Users\NIKICA\.android
2014-02-23 02:01 - 2014-02-23 02:01 - 00000000 _____ () C:\Users\NIKICA\daemonprocess.txt
2014-02-23 02:01 - 2012-12-07 23:37 - 00000000 ____D () C:\Users\NIKICA
2014-02-23 01:55 - 2014-02-23 01:55 - 00000000 ____D () C:\Program Files (x86)\Movie Maker 2.6
2014-02-21 22:40 - 2014-02-21 22:40 - 00001175 _____ () C:\Users\Public\Desktop\Victoria II - A House Divided.lnk
2014-02-21 12:28 - 2009-07-14 03:34 - 00000752 _____ () C:\Windows\win.ini
2014-02-20 23:58 - 2014-02-08 11:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-02-20 21:26 - 2014-02-20 20:19 - 00765280 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-20 20:40 - 2013-10-05 12:00 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\Microsoft Games
2014-02-20 19:51 - 2013-02-27 21:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-20 19:51 - 2012-12-08 00:34 - 00000000 ____D () C:\ProgramData\Skype
2014-02-16 20:35 - 2014-02-16 20:35 - 00001174 _____ () C:\Users\NIKICA\Desktop\MK - Shortcut.lnk
2014-02-16 18:52 - 2014-02-16 18:52 - 00001090 _____ () C:\Users\Public\Desktop\Europa Universalis III.lnk
2014-02-16 18:50 - 2012-12-07 23:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-16 18:35 - 2012-12-17 09:49 - 00000000 ____D () C:\Users\NIKICA\AppData\Local\Stardock
2014-02-15 16:31 - 2014-01-30 19:52 - 00000000 ____D () C:\Users\NIKICA\Documents\MK-LOL
2014-02-15 12:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-15 12:12 - 2012-12-07 23:42 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 12:12 - 2012-12-07 23:42 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-15 12:10 - 2012-12-08 00:34 - 00000000 ____D () C:\Users\NIKICA\AppData\Roaming\Skype

Some content of TEMP:
====================
C:\Users\NIKICA\AppData\Local\Temp\avgnt.exe
C:\Users\NIKICA\AppData\Local\Temp\CgFMsWsuGEDiprPKcohS.DLL
C:\Users\NIKICA\AppData\Local\Temp\driver_booster_setup.exe
C:\Users\NIKICA\AppData\Local\Temp\libcurl-4.dll
C:\Users\NIKICA\AppData\Local\Temp\mailruhomesearch.exe
C:\Users\NIKICA\AppData\Local\Temp\obnovisetup_iobit.exe
C:\Users\NIKICA\AppData\Local\Temp\ObnoviSoft.exe
C:\Users\NIKICA\AppData\Local\Temp\promote-upx.exe
C:\Users\NIKICA\AppData\Local\Temp\pthreadGC2.dll
C:\Users\NIKICA\AppData\Local\Temp\Quarantine.exe
C:\Users\NIKICA\AppData\Local\Temp\zlib1.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=D:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {d35e277d-408a-11e2-8a34-8f71afef1f84}
displayorder {ntldr}
{current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {d35e277f-408a-11e2-8a34-8f71afef1f84}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {d35e277d-408a-11e2-8a34-8f71afef1f84}
nx OptIn

Windows Boot Loader
-------------------
identifier {d35e277f-408a-11e2-8a34-8f71afef1f84}
device ramdisk=[C:]\Recovery\d35e277f-408a-11e2-8a34-8f71afef1f84\Winre.wim,{d35e2780-408a-11e2-8a34-8f71afef1f84}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\d35e277f-408a-11e2-8a34-8f71afef1f84\Winre.wim,{d35e2780-408a-11e2-8a34-8f71afef1f84}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {d35e277d-408a-11e2-8a34-8f71afef1f84}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=D:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

Windows Legacy OS Loader
------------------------
identifier {ntldr}
device partition=D:
path \ntldr
description Earlier Version of Windows

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {d35e2780-408a-11e2-8a34-8f71afef1f84}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\d35e277f-408a-11e2-8a34-8f71afef1f84\boot.sdi



LastRegBack: 2014-03-10 00:40

==================== End Of Log ============================

Addendum: 16 Mar 2014 13:34

NOTE> I did not uninstall ZoneAlarm (reading the reply between the lines, I figured I shouldn't).. With this last program I did not do a FIX, only a scan.. the window is still open..

offline
  • Joined: 26 Aug 2010
  • Posts: 10455
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Why did you install Avast, and why didn't you uninstall AVG before installing Avast?

offline
  • Joined: 16 Mar 2014
  • Posts: 11

Avast was there before AVG.. I uninstalled it but it never got uninstalled.. (I ran the uninstall but not all the files were removed..)

offline
  • Joined: 26 Aug 2010
  • Posts: 10455
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download this tool for removing AVG leftovers.
http://download.avg.com/filedir/util/support/avg_remover_stf_x64_2014_4116.exe

Run it, wait for it to finish, and let it restart the computer when it is done.

offline
  • Joined: 16 Mar 2014
  • Posts: 11

Written: 16 Mar 2014 15:19

done...

Addendum: 16 Mar 2014 15:22

should I scan again with the previous 2 programs?

offline
  • Joined: 26 Aug 2010
  • Posts: 10455
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Only FRST, but this time leave the Drivers MD5 and List BCD options unchecked, and have Addition.txt checked.

offline
  • Joined: 16 Mar 2014
  • Posts: 11

before that.. should I only scan, or also press that FIX option afterwards?

offline
  • Joined: 26 Aug 2010
  • Posts: 10455
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I did not tell you to click Fix but Scan, so stick strictly to my instructions and do not try anything on your own.
