virtual memory + sound

  • Joined: 24 Jun 2012
  • Posts: 22

This is the first time my virtual memory has locked up and a page in my browser has frozen.

I assumed it was down to some "viruses", since I hadn't cleaned it in a long time...

After cleaning with cleaner tools, it seems to run a bit better,

but it pulls a lot of processes when I open the browser.

After that the sound got screwed up too, it probably deleted something from the drivers... I have no sound now.

How do I fix the sound and have as few processes as possible?

Thanks in advance for the help.





Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-08-2014 01
Ran by Administrator (administrator) on WOLF on 24-08-2014 13:12:43
Running from C:\Documents and Settings\Administrator\My Documents\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Innovative Solutions) C:\Program Files\Innovative Solutions\DriverMax\innostp.exe
(Innovative Solutions) C:\Program Files\Innovative Solutions\NeoSetup Updater\innostp.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(PixArt Imaging Incorporation) C:\WINDOWS\PixArt\Pac7302\Monitor.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Skillbrains) C:\Documents and Settings\Administrator\Local Settings\Application Data\Skillbrains\lightshot\5.1.2.5\Lightshot.exe
(Stripf Software) C:\Program Files\HLSW\hlsw.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Avanquest Software) C:\Program Files\Smart Driver Updater\SDUTray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google) C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2219184 2011-01-12] (ESET)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2548040 2011-01-11] (COMODO)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [] => [X]
HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-03-09] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [Nikon Message Center 2] => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKU\.DEFAULT\...\RunOnce: [adaware] => reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
HKU\.DEFAULT\...\RunOnce: [adaware_XP] => reg.exe delete "HKCU\Software\adaware" /f
HKU\S-1-5-21-1715567821-1844237615-682003330-500\...\Run: [Google Update] => C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-04-02] (Google Inc.)
HKU\S-1-5-21-1715567821-1844237615-682003330-500\...\Run: [LightShot] => C:\Documents and Settings\Administrator\Local Settings\Application Data\Skillbrains\lightshot\Lightshot.exe [226592 2014-03-06] ()
HKU\S-1-5-21-1715567821-1844237615-682003330-500\...\Run: [DriverMax] => C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [8790904 2014-08-19] (Innovative Solutions)
HKU\S-1-5-21-1715567821-1844237615-682003330-500\...\Run: [DriverMax_RESTART] => C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [8790904 2014-08-19] (Innovative Solutions)
HKU\S-1-5-21-1715567821-1844237615-682003330-500\...\Run: [Smart Driver Updater] => C:\Program Files\Smart Driver Updater\SDUTray.exe [1654072 2014-06-27] (Avanquest Software)
AppInit_DLLs: C:\WINDOWS\system32\guard32.dll => C:\WINDOWS\system32\guard32.dll [285480 2011-01-11] (COMODO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.ask.com/?tpid=NDV-V7&o=APN10.....5&psv=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6C479535ED43CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKCU - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}
SearchScopes: HKCU - {BF7E1661-0A9B-47B4-8ED3-A10B5DE7B390} URL = search.ask.com/web?tpid=NDV-V7&o=AP.....=CR&q={searchTerms}&psv=
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {b52d0735-ec19-448a-abde-e01b5bd275d2} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
Toolbar: HKCU - No Name - {4E44562D-5637-006A-76A7-7A786E7484D7} - No File
DPF: {5ED7F9D0-90D3-4001-A768-7E95C1768821} e-banking.piraeusbank.rs/RetailDLL/FSINT8.dll
DPF: {73848533-39E1-49F1-9363-28054268C094} rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {A42DDE4E-DF36-4592-83B6-CCA28E770ABD} e-bank.piraeusbank.rs/DLL/EbankingWWW.dll
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E772C6B1-C3D6-4251-990B-1511D7822722} e-bank.piraeusbank.rs/DLL/EBCSCC2b.dll
DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Administrator\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Administrator\Application Data\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\searchplugins\bingp.xml
FF Extension: Microsoft Choice Guard - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\Extensions\ChoiceGuard@Microsoft [2011-07-17]
FF Extension: Ask Toolbar - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\Extensions\toolbar@ask.com [2013-06-16]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-09-27]
FF Extension: DownTango Launcher - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\Extensions\{890a3e16-521d-4d00-bdf9-e07218d09c8d} [2012-10-20]
FF Extension: Adobe DLM (powered by getPlus(R)) - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010-02-10]
FF Extension: Facemoods - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\Extensions\ffxtlbr@Facemoods.com.xpi [2011-08-18]
FF Extension: Collusion - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2012-09-26]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-04-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-02-10]
FF HKLM\...\Firefox\Extensions: [{1DA0528B-1DD8-4167-BFAF-E0EF94939F93}] - C:\Program Files\Comodo\HopSurfToolbar\hopsurfext_ff3_5
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-07-08]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync [2013-02-23]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-13]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-08-07]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google документи) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-05]
CHR Extension: (Google диск) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-05]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-05]
CHR Extension: (Google претрага) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-05]
CHR Extension: (Gmail ван мреже) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-03-06]
CHR Extension: (Google календар) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-03-06]
CHR Extension: (avast! SafePrice) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-07-22]
CHR Extension: (AdBlock) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-01]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-06]
CHR Extension: (Спеед Тест) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hlhbmnfdcklajeaeikfinieljfegamko [2014-03-06]
CHR Extension: (Allow Right-Click) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hompjdfbfmmmgflfjdlnkohcplmboaeo [2014-03-06]
CHR Extension: (Google новчаник) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-05]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-05]
CHR Extension: (GCH Временска прогноза.) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pobcbokjdifiefbdkmnhfbjnmbleiofa [2014-03-06]
CHR CustomProfile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3
CHR Extension: (Docs) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-10]
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-10]
CHR Extension: (Weather (extension)) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2013-05-10]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-10]
CHR Extension: (Google Search) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-10]
CHR Extension: (Notepad) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\efgpgbcidmnhkoeceikdacelidndbfgl [2013-05-10]
CHR Extension: (Gmail Offline) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-05-10]
CHR Extension: (Google Calendar) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-12-18]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-07]
CHR Extension: (Speed Test) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\hlhbmnfdcklajeaeikfinieljfegamko [2013-11-06]
CHR Extension: (Allow Right-Click) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\hompjdfbfmmmgflfjdlnkohcplmboaeo [2013-05-10]
CHR Extension: (Streamus™ (Beta!)) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\jbnkffmindojffecdhbbmekbmkkfpmjd [2014-02-03]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Calendar Checker) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\ookhcbgokankfmjafalglpofmolfopek [2013-05-10]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-10]
CHR Extension: (GCH Weather Forecast.) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\pobcbokjdifiefbdkmnhfbjnmbleiofa [2013-12-18]
CHR HKLM\...\Chrome\Extension: [aaaaaakfopmidbfddimafofbdngbkidf] - C:\Documents and Settings\Administrator\Local Settings\Application Data\APN\GoogleCRXs\aaaaaakfopmidbfddimafofbdngbkidf_7.13.0.0.crx [2013-06-16]
CHR HKLM\...\Chrome\Extension: [bdfnefeleaelcjifkbdfbfnhdbdlhmlk] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bdfnefeleaelcjifkbdfbfnhdbdlhmlk.crx [2013-06-16]
CHR HKLM\...\Chrome\Extension: [ejdabpabkmacjiiooccecnpakonoibah] - C:\Program Files\DownTangoLauncherToolbar\chrome\DownTangoLauncherToolbar.crx [2013-06-16]
CHR HKLM\...\Chrome\Extension: [ggagiiobgjmfpdadhecbofeoelcpidec] - C:\Documents and Settings\Administrator\Local Settings\Application Data\CRE\ggagiiobgjmfpdadhecbofeoelcpidec.crx [2012-09-20]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\crx2871.tmp [2013-10-09]
CHR HKCU\...\Chrome\Extension: [ggagiiobgjmfpdadhecbofeoelcpidec] - C:\Documents and Settings\Administrator\Local Settings\Application Data\CRE\ggagiiobgjmfpdadhecbofeoelcpidec.crx [2012-09-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [407072 2007-04-20] (Acronis)
S3 chromoting; C:\Program Files\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe [51016 2014-07-17] (Google Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1771288 2011-01-11] (COMODO)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [33584 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [810144 2011-01-12] (ESET)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [67360 2010-01-25] (NOS Microsystems Ltd.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
S2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-17] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [239368 2011-01-11] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [27576 2011-01-11] (COMODO)
S3 Diag69xp; C:\WINDOWS\System32\Drivers\Diag69xp.sys [11264 2007-12-03] (Realtek Semiconductor Corporation) [File not signed]
R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [141264 2010-12-21] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [115008 2010-12-21] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [94872 2010-12-21] (ESET)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [94784 2011-01-11] (COMODO)
R2 LANPkt; C:\WINDOWS\System32\DRIVERS\LANPkt.sys [8960 2007-11-20] (Realtek Semiconductor Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-24] (Malwarebytes Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 MxEFUF; C:\WINDOWS\System32\DRIVERS\MxEFUF32.sys [108544 2011-08-15] (Matrox Graphics Inc.) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 PAC7302; C:\WINDOWS\System32\DRIVERS\PAC7302.SYS [457856 2007-06-14] (PixArt Imaging Inc.)
S3 RTLVLAN; C:\WINDOWS\System32\DRIVERS\RTLVLAN.SYS [16640 2007-11-20] (Realtek Semiconductor Corporation)
S3 s0016bus; C:\WINDOWS\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\WINDOWS\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\WINDOWS\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\WINDOWS\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\WINDOWS\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S4 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-02-10] (Duplex Secure Ltd.)
R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2009-04-19] (Microsoft Corporation) [File not signed]
S3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [563720 2014-05-28] (VIA Technologies, Inc.)
S3 Ca2001v; System32\Drivers\Ca2001v.sys [X]
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [X]
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [80256 2009-03-20] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 13:12 - 2014-08-24 13:12 - 00000000 ____D () C:\FRST
2014-08-24 12:56 - 2014-08-24 12:59 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Smart Driver Updater
2014-08-24 12:56 - 2014-08-24 12:56 - 00000000 ____D () C:\Program Files\Smart Driver Updater
2014-08-24 12:56 - 2014-08-24 12:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Smart Driver Updater
2014-08-24 12:56 - 2014-08-24 12:56 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Smart Driver Updater
2014-08-24 12:55 - 2014-08-24 12:55 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\New Folder
2014-08-24 12:52 - 2014-08-24 12:52 - 00000000 ____D () C:\Program Files\IDT
2014-08-24 12:32 - 2014-08-24 12:52 - 00000000 ____D () C:\WINDOWS\LastGood
2014-08-24 12:14 - 2011-08-15 22:34 - 00108544 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\Drivers\MxEFUF32.sys
2014-08-24 11:56 - 2014-08-24 12:52 - 00150323 _____ () C:\WINDOWS\setupapi.log
2014-08-24 11:56 - 2014-08-24 11:56 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-08-24 11:56 - 2014-05-28 12:31 - 00023048 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\VMfilt32.sys
2014-08-24 11:56 - 2014-05-08 10:02 - 02538160 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\VIAPropPageExt.dll
2014-08-24 11:56 - 2014-02-26 09:54 - 01698816 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\ViaMicArrayAPO.dll
2014-08-24 11:56 - 2014-02-26 06:55 - 00855040 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\VIASysFx.dll
2014-08-24 11:56 - 2013-11-01 04:20 - 01824000 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib.dll
2014-08-24 11:56 - 2013-11-01 04:20 - 00860416 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell.dll
2014-08-24 11:56 - 2013-11-01 04:20 - 00509184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2014-08-24 11:56 - 2013-07-22 09:40 - 00322048 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMWRP32.DLL
2014-08-24 11:56 - 2012-12-11 13:00 - 00086648 _____ (VIA Technologies,Inc.) C:\WINDOWS\system32\ViaMicArrayPropPageExt.dll
2014-08-24 11:56 - 2012-12-11 13:00 - 00063096 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\VtSrdAPO.dll
2014-08-24 11:56 - 2012-12-11 12:59 - 01021560 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\ViaKaraokeApo.dll
2014-08-24 11:56 - 2012-12-11 12:59 - 00218232 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Dts2APO.dll
2014-08-24 11:56 - 2012-12-11 12:59 - 00112248 _____ (VIA Technologies,Inc.) C:\WINDOWS\system32\ViaKaraokePropPageExt.dll
2014-08-24 11:56 - 2012-12-11 12:59 - 00082552 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Dts2PropPageExt.dll
2014-08-24 11:56 - 2012-12-11 12:59 - 00047736 _____ (TODO: <Company name>) C:\WINDOWS\system32\PropPageExt.dll
2014-08-24 11:56 - 2012-12-11 12:59 - 00027768 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\ViakaraokeSrv.exe
2014-08-24 11:56 - 2012-06-28 11:55 - 00076288 _____ (QSound Labs, Inc.) C:\WINDOWS\system32\nQPropPageExt.dll
2014-08-24 11:56 - 2011-12-15 08:16 - 07161696 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP32H.dll
2014-08-24 11:56 - 2011-12-15 08:16 - 07161696 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP32A.dll
2014-08-24 11:56 - 2011-12-15 08:16 - 00351072 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED32H.dll
2014-08-24 11:56 - 2011-12-15 08:16 - 00351072 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED32A.dll
2014-08-24 11:56 - 2011-12-15 08:16 - 00103776 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL32H.dll
2014-08-24 11:56 - 2011-12-15 08:16 - 00088928 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA32H.dll
2014-08-24 11:56 - 2011-12-15 08:16 - 00088928 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA32A.dll
2014-08-24 11:56 - 2011-12-15 08:16 - 00062304 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEG32H.dll
2014-08-24 11:56 - 2011-12-15 08:16 - 00062304 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEG32A.dll
2014-08-24 11:56 - 2011-09-27 13:13 - 00739328 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMAPO32.DLL
2014-08-24 11:56 - 2011-09-27 13:13 - 00554496 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMTHX32.DLL
2014-08-24 11:56 - 2011-09-27 13:13 - 00047104 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMPPLD32.DLL
2014-08-24 11:56 - 2011-06-08 13:19 - 00073728 _____ (QSound Labs, Inc.) C:\WINDOWS\system32\nQAPO.dll
2014-08-24 11:56 - 2010-10-26 13:54 - 00044032 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMPPCN32.DLL
2014-08-24 11:55 - 2014-08-24 12:31 - 00058458 _____ () C:\WINDOWS\DPINST.LOG
2014-08-24 11:55 - 2014-04-28 10:52 - 01728280 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMAPO232.DLL
2014-08-24 11:55 - 2013-11-01 04:20 - 27372288 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA.dll
2014-08-24 11:55 - 2011-12-15 08:16 - 00103776 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL32A.dll
2014-08-24 11:46 - 2014-08-24 12:30 - 00000340 _____ () C:\WINDOWS\Tasks\NeoSetup Updater.job
2014-08-24 11:46 - 2014-08-24 12:26 - 00000322 _____ () C:\WINDOWS\Tasks\Application Starter - 149b086838448c2376287436a5ba7a97.job
2014-08-24 11:46 - 2014-08-24 11:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\NeoSetup Updater
2014-08-24 11:46 - 2014-08-24 11:46 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Innovative Solutions
2014-08-24 11:45 - 2014-08-24 12:26 - 00000308 _____ () C:\WINDOWS\Tasks\Application Starter - 8882161c434ab0fd43dca37f474f4351.job
2014-08-24 11:45 - 2014-08-24 11:46 - 00000000 ____D () C:\Program Files\Innovative Solutions
2014-08-24 11:45 - 2014-08-24 11:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DriverMax
2014-08-24 11:45 - 2014-08-24 11:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Innovative Solutions
2014-08-24 11:28 - 2014-08-24 11:28 - 00047808 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-24 11:26 - 2014-08-24 11:26 - 00216856 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-24 10:55 - 2014-08-24 10:55 - 00022188 _____ () C:\Documents and Settings\Administrator\Desktop\cc_20140824_105522.reg
2014-08-23 20:01 - 2014-08-23 20:13 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z.Z.Z.Z..ZZ
2014-08-23 19:18 - 2014-08-23 20:01 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z..ZZ......ZZ
2014-08-23 19:11 - 2014-08-24 12:53 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-23 19:10 - 2014-08-23 19:10 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-23 19:10 - 2014-08-23 19:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-23 19:10 - 2014-08-23 19:10 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-23 19:10 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-18 17:30 - 2014-08-18 17:30 - 72000054 _____ () C:\Documents and Settings\Administrator\Desktop\DSC_0355-1.bmp
2014-08-18 13:20 - 2014-08-18 13:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Nikon
2014-08-17 18:50 - 2014-08-17 18:50 - 00000000 ____D () C:\Program Files\Easy2Convert Software
2014-08-17 18:50 - 2014-08-17 18:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Easy2Convert Software
2014-08-17 18:50 - 2014-08-17 18:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Easy2Convert
2014-08-17 18:44 - 2014-08-17 18:44 - 00000000 _____ () C:\WINDOWS\ViewNX2.INI
2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Nikon
2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Nikon
2014-08-17 18:42 - 2014-08-17 18:42 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Nikon Message Center 2
2014-08-17 18:41 - 2014-08-17 18:49 - 00000020 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT
2014-08-17 18:41 - 2014-08-17 18:42 - 00000000 ____D () C:\Program Files\Nikon
2014-08-17 18:41 - 2014-08-17 18:42 - 00000000 ____D () C:\Program Files\Common Files\Nikon
2014-08-17 18:41 - 2014-08-17 18:41 - 00000268 ___RH () C:\Documents and Settings\All Users\Application Data\Ambience
2014-08-17 18:41 - 2014-08-17 18:41 - 00000268 ___RH () C:\Documents and Settings\All Users\Application Data\Alerts
2014-08-17 18:41 - 2014-08-17 18:41 - 00000268 ___RH () C:\Documents and Settings\All Users\Application Data\Action Clauses
2014-08-17 18:41 - 2014-08-17 18:41 - 00000268 ___RH () C:\Documents and Settings\Administrator\Application Data\AccountTypes
2014-08-17 18:41 - 2014-08-17 18:41 - 00000268 ___RH () C:\Documents and Settings\Administrator\Application Data\Abstract
2014-08-17 18:41 - 2014-08-17 18:41 - 00000020 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT
2014-08-17 18:41 - 2014-08-17 18:41 - 00000020 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLes.DAT
2014-08-17 18:41 - 2014-08-17 18:41 - 00000012 ___RH () C:\Documents and Settings\All Users\Application Data\Automatic Filter
2014-08-17 18:41 - 2014-08-17 18:41 - 00000012 ___RH () C:\Documents and Settings\All Users\Application Data\Audio Units
2014-08-17 18:41 - 2014-08-17 18:41 - 00000012 ___RH () C:\Documents and Settings\All Users\Application Data\Audio
2014-08-17 18:41 - 2014-08-17 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ViewNX 2
2014-08-17 18:41 - 2014-08-17 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Ultima_T15
2014-08-17 18:41 - 2014-08-17 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\EnterNHelp
2014-08-17 18:41 - 2014-08-17 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
2014-08-17 18:37 - 2008-04-14 05:42 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusd.dll
2014-08-17 18:37 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusb.dll
2014-08-17 18:35 - 2014-08-19 09:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\vuki6
2014-08-17 18:35 - 2014-08-17 18:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Link to Nikon
2014-08-17 18:35 - 2014-08-17 18:35 - 00000000 ____D () C:\Program Files\MSXML 6.0
2014-08-12 23:48 - 2014-08-12 23:48 - 00000000 ____D () C:\Program Files\Common Files\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 13:13 - 2013-11-06 18:18 - 00000424 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{1304A588-93B5-41E6-9EC4-2D4B2FAE01A1}.job
2014-08-24 13:13 - 2012-09-14 22:21 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2014-08-24 13:12 - 2014-08-24 13:12 - 00000000 ____D () C:\FRST
2014-08-24 13:05 - 2010-02-14 13:25 - 00000438 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{C15F4900-B245-4574-B003-B17CED7BCE75}.job
2014-08-24 12:59 - 2014-08-24 12:56 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Smart Driver Updater
2014-08-24 12:56 - 2014-08-24 12:56 - 00000000 ____D () C:\Program Files\Smart Driver Updater
2014-08-24 12:56 - 2014-08-24 12:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Smart Driver Updater
2014-08-24 12:56 - 2014-08-24 12:56 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Smart Driver Updater
2014-08-24 12:55 - 2014-08-24 12:55 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\New Folder
2014-08-24 12:53 - 2014-08-23 19:11 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 12:52 - 2014-08-24 12:52 - 00000000 ____D () C:\Program Files\IDT
2014-08-24 12:52 - 2014-08-24 12:32 - 00000000 ____D () C:\WINDOWS\LastGood
2014-08-24 12:52 - 2014-08-24 11:56 - 00150323 _____ () C:\WINDOWS\setupapi.log
2014-08-24 12:52 - 2014-04-05 14:52 - 00003772 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-08-24 12:52 - 2010-02-10 19:56 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-24 12:52 - 2010-02-10 19:56 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-08-24 12:47 - 2010-02-10 18:24 - 01344725 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-24 12:46 - 2010-12-13 19:05 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-24 12:39 - 2011-11-17 23:14 - 00000900 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-24 12:38 - 2010-02-10 18:31 - 00032220 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-24 12:34 - 2012-04-04 18:35 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-24 12:31 - 2014-08-24 11:55 - 00058458 _____ () C:\WINDOWS\DPINST.LOG
2014-08-24 12:30 - 2014-08-24 11:46 - 00000340 _____ () C:\WINDOWS\Tasks\NeoSetup Updater.job
2014-08-24 12:29 - 2010-04-02 19:30 - 00001044 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1844237615-682003330-500UA.job
2014-08-24 12:28 - 2010-02-10 19:15 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-24 12:28 - 2008-04-14 17:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-24 12:26 - 2014-08-24 11:46 - 00000322 _____ () C:\WINDOWS\Tasks\Application Starter - 149b086838448c2376287436a5ba7a97.job
2014-08-24 12:26 - 2014-08-24 11:45 - 00000308 _____ () C:\WINDOWS\Tasks\Application Starter - 8882161c434ab0fd43dca37f474f4351.job
2014-08-24 12:26 - 2011-11-17 23:14 - 00000896 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 12:26 - 2010-02-10 19:15 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-08-24 12:26 - 2010-02-10 18:31 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-24 12:25 - 2010-02-10 18:31 - 00000278 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-08-24 11:56 - 2014-08-24 11:56 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-08-24 11:56 - 2010-02-10 19:56 - 00000000 ____D () C:\Program Files\VIA
2014-08-24 11:46 - 2014-08-24 11:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\NeoSetup Updater
2014-08-24 11:46 - 2014-08-24 11:46 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Innovative Solutions
2014-08-24 11:46 - 2014-08-24 11:45 - 00000000 ____D () C:\Program Files\Innovative Solutions
2014-08-24 11:45 - 2014-08-24 11:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DriverMax
2014-08-24 11:45 - 2014-08-24 11:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Innovative Solutions
2014-08-24 11:28 - 2014-08-24 11:28 - 00047808 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-24 11:26 - 2014-08-24 11:26 - 00216856 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-24 11:26 - 2010-03-27 23:24 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-08-24 11:24 - 2012-10-20 15:35 - 00000000 ____D () C:\Program Files\Red Sky
2014-08-24 10:55 - 2014-08-24 10:55 - 00022188 _____ () C:\Documents and Settings\Administrator\Desktop\cc_20140824_105522.reg
2014-08-24 10:43 - 2013-04-08 01:51 - 00000392 _____ () C:\WINDOWS\Tasks\update-sys.job
2014-08-24 10:29 - 2010-04-02 19:30 - 00000992 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1844237615-682003330-500Core.job
2014-08-24 10:05 - 2010-02-10 18:22 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-08-24 09:35 - 2010-02-13 23:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-08-24 09:35 - 2010-02-10 18:31 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-23 20:13 - 2014-08-23 20:01 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z.Z.Z.Z..ZZ
2014-08-23 20:01 - 2014-08-23 19:18 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z..ZZ......ZZ
2014-08-23 19:18 - 2010-04-07 16:48 - 00000000 ___RD () C:\Documents and Settings\Administrator\Desktop\ikonice
2014-08-23 19:10 - 2014-08-23 19:10 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-23 19:10 - 2014-08-23 19:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-23 19:10 - 2014-08-23 19:10 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-23 19:10 - 2010-02-24 23:30 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2014-08-23 19:10 - 2010-02-24 23:29 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-08-23 19:10 - 2010-02-24 23:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-23 17:14 - 2013-04-08 01:51 - 00000392 _____ () C:\WINDOWS\Tasks\update-S-1-5-21-1715567821-1844237615-682003330-500.job
2014-08-22 20:04 - 2010-02-10 20:51 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Skype
2014-08-22 13:25 - 2014-02-06 17:18 - 00002265 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-08-19 09:14 - 2014-08-17 18:35 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\vuki6
2014-08-19 00:58 - 2010-02-11 18:16 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\HLSW
2014-08-18 17:30 - 2014-08-18 17:30 - 72000054 _____ () C:\Documents and Settings\Administrator\Desktop\DSC_0355-1.bmp
2014-08-18 13:20 - 2014-08-18 13:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Nikon
2014-08-17 18:50 - 2014-08-17 18:50 - 00000000 ____D () C:\Program Files\Easy2Convert Software
2014-08-17 18:50 - 2014-08-17 18:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Easy2Convert Software
2014-08-17 18:50 - 2014-08-17 18:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Easy2Convert
2014-08-17 18:49 - 2014-08-17 18:41 - 00000020 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT
2014-08-17 18:48 - 2010-02-10 20:33 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Ahead
2014-08-17 18:44 - 2014-08-17 18:44 - 00000000 _____ () C:\WINDOWS\ViewNX2.INI
2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Nikon
2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Nikon
2014-08-17 18:42 - 2014-08-17 18:42 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Nikon Message Center 2
2014-08-17 18:42 - 2014-08-17 18:41 - 00000000 ____D () C:\Program Files\Nikon
2014-08-17 18:42 - 2014-08-17 18:41 - 00000000 ____D () C:\Program Files\Common Files\Nikon
2014-08-17 18:42 - 2010-04-03 23:36 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Downloaded Installations
2014-08-17 18:41 - 2014-08-17 18:41 - 00000268 ___RH () C:\Documents and Settings\All Users\Application Data\Ambience
2014-08-17 18:41 - 2014-08-17 18:41 - 00000268 ___RH () C:\Documents and Settings\All Users\Application Data\Alerts
2014-08-17 18:41 - 2014-08-17 18:41 - 00000268 ___RH () C:\Documents and Settings\All Users\Application Data\Action Clauses
2014-08-17 18:41 - 2014-08-17 18:41 - 00000268 ___RH () C:\Documents and Settings\Administrator\Application Data\AccountTypes
2014-08-17 18:41 - 2014-08-17 18:41 - 00000268 ___RH () C:\Documents and Settings\Administrator\Application Data\Abstract
2014-08-17 18:41 - 2014-08-17 18:41 - 00000020 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT
2014-08-17 18:41 - 2014-08-17 18:41 - 00000020 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLes.DAT
2014-08-17 18:41 - 2014-08-17 18:41 - 00000012 ___RH () C:\Documents and Settings\All Users\Application Data\Automatic Filter
2014-08-17 18:41 - 2014-08-17 18:41 - 00000012 ___RH () C:\Documents and Settings\All Users\Application Data\Audio Units
2014-08-17 18:41 - 2014-08-17 18:41 - 00000012 ___RH () C:\Documents and Settings\All Users\Application Data\Audio
2014-08-17 18:41 - 2014-08-17 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ViewNX 2
2014-08-17 18:41 - 2014-08-17 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Ultima_T15
2014-08-17 18:41 - 2014-08-17 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\EnterNHelp
2014-08-17 18:41 - 2014-08-17 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
2014-08-17 18:41 - 2010-10-25 15:13 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ATL71.DLL
2014-08-17 18:40 - 2014-08-17 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Link to Nikon
2014-08-17 18:35 - 2014-08-17 18:35 - 00000000 ____D () C:\Program Files\MSXML 6.0
2014-08-16 16:08 - 2010-02-10 20:24 - 00004199 _____ () C:\WINDOWS\wincmd.ini
2014-08-16 16:06 - 2010-02-11 22:57 - 00002918 _____ () C:\WINDOWS\wcx_ftp.ini
2014-08-13 23:08 - 2013-08-13 23:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-13 23:00 - 2009-04-06 10:57 - 96303304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-12 23:48 - 2014-08-12 23:48 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-12 23:48 - 2010-02-10 20:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-08-08 10:40 - 2011-11-17 23:14 - 00000000 ____D () C:\Program Files\Google
2014-08-06 18:20 - 2014-06-20 21:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\new
2014-08-06 18:19 - 2013-07-22 11:59 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\SBB
2014-07-27 23:03 - 2010-02-11 18:35 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2014-07-25 08:32 - 2010-02-10 18:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

Files to move or delete:
====================
C:\Documents and Settings\All Users\hash.dat


Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\temp\_is6.exe
C:\Documents and Settings\Administrator\Local Settings\temp\_is7.exe
C:\Documents and Settings\Administrator\Local Settings\temp\_isE.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Have you perhaps configured a proxy?


Go to Start - Control Panel - Add or Remove Programs and uninstall:
Ask Toolbar
iLivid


1. Open Notepad (Text Document) and copy in the following text from the code box below:

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=NDV-V7&o=APN10.....5&psv=
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKCU - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}
SearchScopes: HKCU - {BF7E1661-0A9B-47B4-8ED3-A10B5DE7B390} URL = http://www.search.ask.com/web?tpid=NDV-V7&o=AP.....=CR&q={searchTerms}&psv=
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
Toolbar: HKLM - No Name - {b52d0735-ec19-448a-abde-e01b5bd275d2} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
Toolbar: HKCU - No Name - {4E44562D-5637-006A-76A7-7A786E7484D7} - No File
FF Extension: Ask Toolbar - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\Extensions\toolbar@ask.com [2013-06-16]
FF Extension: DownTango Launcher - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\Extensions\{890a3e16-521d-4d00-bdf9-e07218d09c8d} [2012-10-20]
FF Extension: Facemoods - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\Extensions\ffxtlbr@Facemoods.com.xpi [2011-08-18]
FF HKLM\...\Firefox\Extensions: [{1DA0528B-1DD8-4167-BFAF-E0EF94939F93}] - C:\Program Files\Comodo\HopSurfToolbar\hopsurfext_ff3_5
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0ypku1hl.default\searchplugins\bingp.xml
CHR HKLM\...\Chrome\Extension: [aaaaaakfopmidbfddimafofbdngbkidf] - C:\Documents and Settings\Administrator\Local Settings\Application Data\APN\GoogleCRXs\aaaaaakfopmidbfddimafofbdngbkidf_7.13.0.0.crx [2013-06-16]
CHR HKLM\...\Chrome\Extension: [bdfnefeleaelcjifkbdfbfnhdbdlhmlk] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bdfnefeleaelcjifkbdfbfnhdbdlhmlk.crx [2013-06-16]
CHR HKLM\...\Chrome\Extension: [ejdabpabkmacjiiooccecnpakonoibah] - C:\Program Files\DownTangoLauncherToolbar\chrome\DownTangoLauncherToolbar.crx [2013-06-16]
CHR HKLM\...\Chrome\Extension: [ggagiiobgjmfpdadhecbofeoelcpidec] - C:\Documents and Settings\Administrator\Local Settings\Application Data\CRE\ggagiiobgjmfpdadhecbofeoelcpidec.crx [2012-09-20]
CHR HKLM\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\crx2871.tmp [2013-10-09]
CHR HKCU\...\Chrome\Extension: [ggagiiobgjmfpdadhecbofeoelcpidec] - C:\Documents and Settings\Administrator\Local Settings\Application Data\CRE\ggagiiobgjmfpdadhecbofeoelcpidec.crx [2012-09-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job => C:\Program Files\Ask.com\UpdateTask.exe
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z..ZZ......ZZ:1
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z.Z.Z.Z..ZZ:1
C:\Program Files\Ask.com
2014-08-23 20:01 - 2014-08-23 20:13 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z.Z.Z.Z..ZZ
2014-08-23 19:18 - 2014-08-23 20:01 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z..ZZ......ZZ
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon"
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater"
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VNT"
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon"
C:\Program Files\AskPartnerNetwork
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.


Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.


The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Prikaci fajl" (Attach file) option.

Note: The report will also be saved to C:\AdwCleaner[S0].txt

offline
  • Joined: 24 Jun 2012
  • Posts: 22

- I haven't configured any proxy just now

- uninstalled

- Fixlog.txt

- AdwCleaner[S0].txt

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

You didn't copy the script properly; we need to sort out a few more things.


1. Open Notepad (Text Document) and copy in the following text from the code box below:

reg: reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 0 /f
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.




Tell me, what is the situation now?

offline
  • Joined: 24 Jun 2012
  • Posts: 22


I have no sound

it's possible I deleted something in the registry with CCleaner

I tried System Restore but I couldn't restore the backup from yesterday

VIA HD Audio, it gives me this error:
Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)

I tried deleting UpperFilters and LowerFilters in the registry; I only have the second key, which I deleted, and nothing .....

I also tried installing the drivers again, but nothing...VIA HD Audio Driver Version: 6.0.11.500

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

The logs are clean; let's run one more check.

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the Desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;



• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Notice: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.





>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button and the system should restart and finish the cleaning procedure.

Notice! Only if a rootkit is detected: make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage; in the black window that opens (command prompt), type Y (Y stands for Yes) to continue, and wait for the tool to perform all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.





The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the Attach file option.

offline
  • Joined: 24 Jun 2012
  • Posts: 22

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
malwarebytes.org

Database version: v2014.05.21.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: WOLF [administrator]

24.8.2014 21:54:49
mbar-log-2014-08-24 (21-54-49).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 238977
Time elapsed: 9 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)



offline
  • Joined: 04 Jul 2011
  • Posts: 5424

One more check in case I missed something.
Run FRST again and post a fresh FRST.txt log.

offline
  • Joined: 24 Jun 2012
  • Posts: 22

I couldn't write because I had no internet access on this computer

I'll attach the FRST.txt log once more


in general the computer runs solidly without any bugs

but I just can't get the sound to work

+ xp update
is it that the update can't be done for this KB2481109?

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

1. Open Notepad (Text Document) and copy the following text from the code box below:

HKU\.DEFAULT\...\RunOnce: [adaware] => reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
HKU\.DEFAULT\...\RunOnce: [adaware_XP] => reg.exe delete "HKCU\Software\adaware" /f


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.
