Check


offline
  • Joined: 12 Oct 2010
  • Posts: 10910

Identical...

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Double-click the program icon to run MBAR:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Note: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for after a restart, and a notice will be shown in a pop-up window. Click the Yes button and the system should restart and finish the cleaning procedure.

Note! Only if a rootkit is detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage; in the black window that opens (command prompt), type Y (Y stands for Yes) to continue, and wait for the tool to complete all the repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the Attach file option.

offline
  • Joined: 12 Oct 2010
  • Posts: 10910

Written: 27 Jun 2015 22:35

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.06.27.04
rootkit: v2015.06.26.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17842
mpman :: MPMAN-PC [administrator]

6/27/2015 9:44:11 PM
mbar-log-2015-06-27 (21-44-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 453990
Time elapsed: 50 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)




Addendum: 27 Jun 2015 22:39

Something unusual just happened out of the blue.
A notification popped up saying that Windows Defender detected malware.
Where did that come from now?

Addendum: 27 Jun 2015 22:43

Why did Defender turn on, I wonder?

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Drag the slider down and take a screenshot for me of the path where that file was located.

offline
  • Joined: 12 Oct 2010
  • Posts: 10910

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Is I:\ a USB drive or an external hard disk? The malware was detected on it. Go ahead and send me the FRST reports again so I can be sure you are clean.

offline
  • Joined: 12 Oct 2010
  • Posts: 10910

USB. But that only appeared after formatting, and I think even after removing the flash drive.


Here are the reports:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by mpman (administrator) on MPMAN-PC on 28-06-2015 11:46:14
Running from C:\Users\mpman\Desktop
Loaded Profiles: mpman (Available Profiles: mpman)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Subsonic\subsonic-service.exe
() C:\Program Files (x86)\Subsonic\subsonic-service.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(BitTorrent Inc.) C:\Users\mpman\AppData\Roaming\BitTorrent\BitTorrent.exe
() C:\Program Files (x86)\qBittorrent\qbittorrent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DVBTAP.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Moonchild Productions) C:\Program Files\Pale Moon\palemoon.exe
(Freemake) C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(mozilla.org) C:\Program Files (x86)\SeaMonkey\seamonkey.exe
(Freemake) C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVC.exe
(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2013-05-26] (Realtek Semiconductor)
HKLM\...\Run: [BoxSync] => c:\Program Files\Box\Box Sync\BoxSync.exe [12920496 2014-01-14] (Box, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [101888 2012-09-10] (Leadtek Research Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [EmailTray Activator] => C:\Program Files (x86)\EmailTray\bin\etactivator.exe [520744 2014-10-28] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296520 2014-12-08] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Standby] => c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe [105632 2010-06-26] (Corel)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49968 2014-07-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-24] (Avast Software s.r.o.)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2916352 2012-08-29] (Leadtek Research Inc.)
HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\...\Run: [BitTorrent] => C:\Users\mpman\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\...\Run: [qBittorrent] => C:\Program Files (x86)\qBittorrent\qbittorrent.exe [15377920 2014-04-29] ()
HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe [1531272 2011-12-12] (ashampoo GmbH & Co. KG)
HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\...\Run: [] => [X]
HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-12-08]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk [2015-03-17]
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Subsonic.lnk [2015-02-17]
ShortcutTarget: Subsonic.lnk -> C:\Program Files (x86)\Subsonic\subsonic-agent.exe ()
Startup: C:\Users\mpman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-09-22]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
ShellIconOverlayIdentifiers: [0000BoxSyncFileLocked] -> {1b9c95e1-ce36-3737-81c8-1ec9807f03c1} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [0000BoxSyncNotSynced] -> {e22ccf16-2db6-3de8-9a2c-acb66b571b69} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [0000BoxSyncProblem] -> {84878798-e5c4-3e6b-b7c4-b51c4ac4e7dc} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [0000BoxSyncSynced] -> {01fcd170-7f0a-3b6a-b992-66a7a20289b5} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-24] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2011-02-03] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1280105376-3603542877-3960758940-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
URLSearchHook: HKLM-x32 - (No Name) - {77e8143b-6759-416e-b521-82cfed75150b} - No File
URLSearchHook: HKU\S-1-5-21-1280105376-3603542877-3960758940-1001 - (No Name) - {77e8143b-6759-416e-b521-82cfed75150b} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1280105376-3603542877-3960758940-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1280105376-3603542877-3960758940-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-27] (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-24] (Avast Software s.r.o.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-24] (Avast Software s.r.o.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2015-06-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-02] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
DPF: HKLM-x32 {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Program%20Files%20(x86)/AutoCAD%202002/AcDcToday.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553530000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files%20(x86)/AutoCAD%202002/AcPreview.ocx
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-06-25] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-06-25] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-06-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-06-25] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-06-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-06-25] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-06-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-06-25] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50

FireFox:
========
FF ProfilePath: C:\Users\mpman\AppData\Roaming\Mozilla\Firefox\Profiles\fgizqv0d.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=902615&ilc=12&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-11-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-06-25] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2013-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2015-06-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-12-08] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-12-08] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-05-26]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2013-07-28]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-07-28]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-24]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
FF Extension: No Name - F:\mpman's folder\Portable Software\Waterfox 16.0.1 Portable\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-07-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-24]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-05-26]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\mpman\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2013-11-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-09-22] (Adobe Systems) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.)
R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [21504 2013-12-26] (Box Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2665144 2015-06-20] (Microsoft Corporation)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-07-27] (Ellora Assets Corp.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-02] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-06-04] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-12-08] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 Subsonic; C:\Program Files (x86)\Subsonic\subsonic-service.exe [259584 2015-01-27] () [File not signed]
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-24] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-24] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-24] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S2 ASInsHelp; \??\C:\WINDOWS\SysWow64\drivers\AsInsHelp64.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-28 11:46 - 2015-06-28 11:47 - 00028587 _____ C:\Users\mpman\Desktop\FRST.txt
2015-06-28 10:57 - 2015-06-28 10:57 - 00064379 _____ C:\WINDOWS\SysWOW64\rsslogs.20150628105637
2015-06-27 21:43 - 2015-06-27 22:34 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-27 19:33 - 2015-06-27 22:34 - 00000000 ____D C:\Users\mpman\Desktop\mbar
2015-06-27 19:33 - 2015-06-27 19:33 - 16502728 _____ (Malwarebytes Corp.) C:\Users\mpman\Desktop\mbar-1.09.1.1004.exe.part
2015-06-27 16:16 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-06-27 11:58 - 2015-06-28 10:57 - 00815333 _____ C:\WINDOWS\SysWOW64\rsslogs.20150627115726
2015-06-27 10:27 - 2015-06-27 10:48 - 00000000 ____D C:\Users\mpman\Downloads\Čtyři vraždy stačí drahoušku ČSSR,1970
2015-06-27 10:07 - 2015-06-27 10:07 - 00137627 _____ C:\WINDOWS\SysWOW64\rsslogs.20150627100655
2015-06-27 09:58 - 2015-06-27 09:20 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-06-27 09:27 - 2015-06-27 10:07 - 00009444 _____ C:\zoek-results.log
2015-06-27 09:20 - 2015-06-27 09:49 - 00000000 ____D C:\zoek_backup
2015-06-27 09:19 - 2015-06-27 09:19 - 01308672 _____ C:\Users\mpman\Desktop\zoek.exe
2015-06-27 09:15 - 2015-06-27 09:15 - 00064410 _____ C:\WINDOWS\SysWOW64\rsslogs.20150627091456
2015-06-26 17:28 - 2015-06-26 17:28 - 00935162 _____ C:\WINDOWS\SysWOW64\rsslogs.20150626172733
2015-06-26 12:26 - 2015-06-26 12:31 - 00000000 ____D C:\Users\mpman\Downloads\«Le sang des bêtes»
2015-06-26 12:26 - 2015-06-26 12:27 - 00000000 ____D C:\Users\mpman\Downloads\Le Sang des bêtes (Blood of the Beasts)
2015-06-26 12:23 - 2015-06-26 12:23 - 00000000 ____D C:\Users\mpman\Downloads\Le Sang Des Betes - Georges Franju - 1949
2015-06-26 10:18 - 2015-06-26 10:18 - 01941744 _____ C:\Users\mpman\Desktop\winrar-x64-521.exe
2015-06-26 10:18 - 2015-06-26 10:18 - 00000000 ____D C:\Users\mpman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-26 10:18 - 2015-06-26 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-26 10:18 - 2015-06-26 10:18 - 00000000 ____D C:\Program Files\WinRAR
2015-06-26 10:00 - 2015-06-26 10:00 - 00525024 _____ C:\WINDOWS\SysWOW64\rsslogs.20150626095911
2015-06-25 22:57 - 2015-06-25 22:57 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-06-25 22:52 - 2015-06-25 22:58 - 00000000 ____D C:\Users\mpman\Downloads\L'Ordre (1973) - Jean Daniel Pollet
2015-06-25 22:47 - 2015-06-25 22:57 - 00000000 ____D C:\Users\mpman\Downloads\Wir (1982)
2015-06-25 22:22 - 2015-06-25 22:22 - 00566656 _____ C:\WINDOWS\SysWOW64\rsslogs.20150625222129
2015-06-25 22:21 - 2015-06-25 22:21 - 00370496 _____ C:\WINDOWS\Minidump\062515-64218-01.dmp
2015-06-25 15:07 - 2015-06-25 15:07 - 00318157 _____ C:\WINDOWS\SysWOW64\rsslogs.20150625150618
2015-06-25 11:51 - 2015-06-25 11:51 - 00188051 _____ C:\WINDOWS\SysWOW64\rsslogs.20150625115050
2015-06-25 11:48 - 2013-01-04 08:37 - 00005828 _____ C:\Users\mpman\Desktop\exe_file_association_fix_win7.reg
2015-06-25 04:17 - 2015-06-25 04:17 - 00571439 _____ C:\WINDOWS\SysWOW64\rsslogs.20150625041619
2015-06-25 04:15 - 2015-06-25 04:15 - 00310104 _____ C:\WINDOWS\Minidump\062515-57734-01.dmp
2015-06-25 04:06 - 2015-06-25 04:06 - 00010106 _____ C:\WINDOWS\SysWOW64\rsslogs.20150625040513
2015-06-25 04:04 - 2015-06-25 22:21 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-25 04:04 - 2015-06-25 04:04 - 00332408 _____ C:\WINDOWS\Minidump\062515-23390-01.dmp
2015-06-25 03:52 - 2015-06-25 22:19 - 00000000 ____D C:\AdwCleaner
2015-06-25 03:51 - 2015-06-25 03:51 - 02244096 _____ C:\Users\mpman\Desktop\AdwCleaner.exe
2015-06-25 03:45 - 2015-06-25 03:45 - 00022748 _____ C:\WINDOWS\SysWOW64\rsslogs.20150625034441
2015-06-25 03:41 - 2015-06-25 03:41 - 02112512 _____ (Farbar) C:\Users\mpman\Desktop\FRST64.exe
2015-06-24 20:53 - 2015-06-24 20:53 - 00372338 _____ C:\WINDOWS\SysWOW64\rsslogs.20150624205250
2015-06-24 20:13 - 2015-06-28 11:46 - 00000000 ____D C:\FRST
2015-06-24 20:07 - 2015-06-24 20:07 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-24 20:07 - 2015-06-24 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-24 20:07 - 2015-06-24 20:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-24 20:07 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-24 20:07 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-24 19:21 - 2015-06-24 19:21 - 00000000 ____D C:\Users\mpman\AppData\Local\Clarus
2015-06-24 17:52 - 2015-06-24 17:52 - 00000000 ____D C:\Users\mpman\AppData\Roaming\AVAST Software
2015-06-24 17:50 - 2015-06-24 17:50 - 00227198 _____ C:\WINDOWS\SysWOW64\rsslogs.20150624174956
2015-06-24 17:45 - 2015-06-27 12:03 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-24 17:45 - 2015-06-26 17:45 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-06-24 17:45 - 2015-06-24 17:45 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-06-24 17:45 - 2015-06-24 17:45 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-06-24 17:45 - 2015-06-24 17:45 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-06-24 17:45 - 2015-06-24 17:45 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-06-24 17:45 - 2015-06-24 17:45 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-06-24 17:45 - 2015-06-24 17:45 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-06-24 17:45 - 2015-06-24 17:45 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-06-24 17:45 - 2015-06-24 17:45 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-06-24 17:45 - 2015-06-24 17:45 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-06-24 17:45 - 2015-06-24 17:45 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-24 17:45 - 2015-06-24 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-24 17:44 - 2015-06-24 17:44 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-24 17:43 - 2015-06-24 17:43 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-24 17:32 - 2015-06-24 17:32 - 00020207 _____ C:\WINDOWS\SysWOW64\rsslogs.20150624173148
2015-06-24 17:22 - 2015-06-24 17:22 - 00010112 _____ C:\WINDOWS\SysWOW64\rsslogs.20150624172152
2015-06-24 09:51 - 2015-06-24 09:51 - 00566688 _____ C:\WINDOWS\SysWOW64\rsslogs.20150624095033
2015-06-23 08:19 - 2015-06-23 08:19 - 01399321 _____ C:\WINDOWS\SysWOW64\rsslogs.20150623081840
2015-06-22 22:28 - 2015-06-22 22:28 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-22 22:28 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-06-22 22:28 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-06-22 10:22 - 2015-06-22 10:22 - 01368076 _____ C:\WINDOWS\SysWOW64\rsslogs.20150622102147
2015-06-22 10:04 - 2015-06-22 10:04 - 00016420 _____ C:\WINDOWS\SysWOW64\rsslogs.20150622100342
2015-06-21 10:58 - 2015-06-22 10:04 - 01091702 _____ C:\WINDOWS\SysWOW64\rsslogs.20150621105743
2015-06-21 09:24 - 2015-06-21 09:24 - 00103516 _____ C:\WINDOWS\SysWOW64\rsslogs.20150621092335
2015-06-19 13:14 - 2015-06-19 13:14 - 00000000 ____D C:\Users\mpman\Desktop\TEST
2015-06-18 21:56 - 2015-06-25 22:59 - 00000000 ____D C:\Users\mpman\Downloads\Film Ambition - Full Fantasy Movie _ 2014 ESA Rosetta Mission
2015-06-18 21:39 - 2015-06-18 22:51 - 00000000 ____D C:\Users\mpman\Downloads\5517964819bc3
2015-06-18 12:28 - 2015-06-18 12:31 - 00000000 ____D C:\Users\mpman\Downloads\Joe Bongiorno - Always With You
2015-06-18 12:28 - 2015-06-18 12:29 - 00000000 ____D C:\Users\mpman\Downloads\Always Near 2014 Kevin Kern
2015-06-13 20:01 - 2015-06-24 22:24 - 00000000 ___RD C:\Users\mpman\Desktop\New Folder (2)
2015-06-13 14:53 - 2015-06-13 14:55 - 00000000 ____D C:\Users\mpman\Downloads\Waffen SS Hitler's Elite Fighting Force YouTube
2015-06-13 09:35 - 2015-06-13 09:38 - 00000000 ____D C:\Users\mpman\Downloads\Plavi Orkestar - Ako su to samo bile laži
2015-06-12 20:57 - 2015-06-12 20:58 - 00000000 ____D C:\Users\mpman\Desktop\New folder
2015-06-12 16:09 - 2015-06-12 16:12 - 00000000 ____D C:\Users\mpman\Downloads\ITV Press Centre - 19 12 2014 05-51-08 - Text Santa Downton Abbey
2015-06-11 08:04 - 2015-06-27 11:57 - 00007431 _____ C:\WINDOWS\setupact.log
2015-06-11 08:04 - 2015-06-11 08:04 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-10 03:25 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 03:25 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 03:25 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 03:25 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 03:25 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 03:25 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 03:25 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 03:25 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 03:25 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 03:25 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 03:25 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 03:25 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 03:25 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 03:25 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 03:25 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 03:25 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 03:25 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 03:25 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 03:25 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 03:25 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 03:25 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 03:25 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 03:25 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 03:25 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 03:25 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 03:25 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 03:25 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 03:25 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 03:25 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 03:25 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 03:25 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 03:25 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 03:25 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 03:25 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 03:25 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 03:25 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 03:25 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 03:25 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 03:25 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 03:25 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 03:25 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 03:25 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 03:24 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 03:24 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 03:24 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 03:24 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 03:24 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 03:24 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 03:24 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 03:24 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 03:24 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 03:24 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 03:24 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 03:24 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 03:24 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 03:24 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 03:24 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 03:24 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 03:24 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 03:24 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 03:24 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 03:24 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 03:24 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 03:24 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 03:24 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 03:24 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 03:24 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 03:24 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 03:24 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 03:24 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 03:24 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 03:24 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 03:24 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 03:24 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 03:24 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 03:24 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 03:24 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 03:24 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 03:24 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 03:24 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 03:24 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-08 21:58 - 2015-06-08 21:58 - 00000000 ____D C:\Users\mpman\Desktop\Stadler
2015-06-07 07:43 - 2015-06-07 07:43 - 00000000 ____D C:\Users\mpman\Desktop\OC
2015-06-07 00:15 - 2015-06-14 12:51 - 00000000 ____D C:\Users\mpman\Downloads\Mary Berry Cooks S01E06 Summer Lunch 720p WEBRip AAC2 0 H 264-iPRiP www prijevodi-online org
2015-06-06 23:19 - 2015-06-14 12:49 - 00000000 ____D C:\Users\mpman\Downloads\Mary Berry Cooks S01E05 Weekday Supper 720p WEBRip AAC2 0 H 264-iPRiP www prijevodi-online org
2015-06-06 22:51 - 2015-06-14 12:47 - 00000000 ____D C:\Users\mpman\Downloads\Mary Berry Cooks S01E04 For a Crowd 720p WEBRip AAC2 0 H 264-iPRiP www prijevodi-online org
2015-06-06 22:19 - 2015-06-14 12:45 - 00000000 ____D C:\Users\mpman\Downloads\Mary Berry Cooks S01E03 Sunday Lunch 720p WEBRip AAC2 0 H 264-iPRiP www prijevodi-online org
2015-06-06 19:02 - 2015-06-14 12:44 - 00000000 ____D C:\Users\mpman\Downloads\Mary Berry Cooks S01E02 A Dinner Party 720p WEBRip AAC2 0 H 264-iPRiP www prijevodi-online org
2015-06-06 17:06 - 2015-06-14 12:42 - 00000000 ____D C:\Users\mpman\Downloads\Mary Berry Cooks S01E01 Afternoon Tea 720p WEBRip AAC2 0 H 264-iPRiP www prijevodi-online org
2015-06-06 09:56 - 2015-06-06 10:02 - 00000000 ____D C:\Users\mpman\Desktop\D2
2015-06-05 22:24 - 2015-06-05 22:28 - 00000000 ____D C:\Users\mpman\Downloads\Clubhouse Detectives in Big Trouble [2002]
2015-06-02 12:21 - 2015-06-02 12:21 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-02 11:57 - 2015-06-23 08:17 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-06-02 11:56 - 2015-06-02 11:58 - 00000000 ____D C:\Users\mpman\Documents\Battlefield 3
2015-06-02 11:56 - 2015-06-02 11:56 - 00000649 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-06-02 11:56 - 2015-06-02 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-06-01 21:01 - 2015-06-01 21:01 - 00000000 ____D C:\Users\mpman\AppData\Local\NVIDIA Corporation
2015-06-01 20:42 - 2015-06-03 23:04 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-06-01 20:42 - 2015-06-03 23:04 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-06-01 20:42 - 2015-06-03 23:04 - 01320304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-06-01 20:42 - 2015-06-03 23:04 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-06-01 20:40 - 2015-06-01 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-01 20:40 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-06-01 20:36 - 2015-05-19 05:14 - 00061616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-01 20:36 - 2015-04-09 02:58 - 02935416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435012.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435012.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 00849552 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-06-01 20:36 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-01 20:36 - 2015-04-09 02:58 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-06-01 20:32 - 2015-06-01 20:32 - 283201840 _____ (NVIDIA Corporation) C:\Users\mpman\Downloads\350.12-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-06-01 09:41 - 2015-06-01 09:41 - 00000000 ____D C:\Users\mpman\AppData\Local\GWX
2015-05-30 12:59 - 2015-05-30 22:00 - 00000000 ____D C:\Users\mpman\Downloads\gma-all-xvid
2015-05-29 23:50 - 2015-05-30 12:58 - 00000000 ____D C:\Users\mpman\Downloads\Invasion S01E10 DVDRip XviD-TOPAZ
2015-05-29 14:58 - 2015-05-30 12:57 - 00000000 ____D C:\Users\mpman\Downloads\Invasion S01E02 DVDRip XviD-TOPAZ

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-28 11:47 - 2013-05-26 16:50 - 00000000 ____D C:\Users\mpman\AppData\Roaming\BitTorrent
2015-06-28 11:46 - 2014-12-19 14:19 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-28 11:32 - 2013-05-26 16:29 - 00000000 ____D C:\Users\mpman\AppData\Roaming\AIMP3
2015-06-28 11:24 - 2013-05-26 15:45 - 00000000 ____D C:\WinFast WorkArea
2015-06-28 11:21 - 2013-05-27 16:19 - 00000392 _____ C:\WINDOWS\Tasks\WpsUpdateTask_mpman.job
2015-06-28 11:03 - 2013-05-26 18:56 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-28 11:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-28 10:48 - 2013-10-18 14:57 - 01663820 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-28 09:38 - 2013-07-02 16:58 - 00003926 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9B8A70EB-E6B8-40B1-A0F4-636D70E1D59A}
2015-06-28 07:49 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-28 07:36 - 2014-12-19 14:19 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-27 22:33 - 2015-05-28 16:17 - 00000000 ____D C:\Users\mpman\AppData\Local\Popcorn-Time
2015-06-27 21:43 - 2015-03-11 18:35 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-27 21:43 - 2015-03-11 18:34 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-27 16:05 - 2015-01-05 18:39 - 00000000 ____D C:\Users\mpman\AppData\Roaming\foobar2000
2015-06-27 11:56 - 2013-10-18 14:58 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-27 11:56 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-27 10:26 - 2015-02-14 10:39 - 00000000 ____D C:\Users\mpman\AppData\Local\JDownloader 2.0
2015-06-27 10:06 - 2013-09-30 05:55 - 00411230 _____ C:\WINDOWS\PFRO.log
2015-06-27 10:05 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-27 10:02 - 2013-05-26 15:12 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1280105376-3603542877-3960758940-1001
2015-06-26 20:18 - 2013-10-18 15:03 - 00000000 ____D C:\Users\mpman
2015-06-26 10:18 - 2013-06-08 15:50 - 00000000 ____D C:\Users\mpman\AppData\Roaming\WinRAR
2015-06-25 23:01 - 2015-04-21 15:26 - 00000000 ____D C:\Users\mpman\Downloads\The Grass Harp 1995
2015-06-25 22:57 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-25 22:56 - 2015-05-13 15:53 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-24 20:07 - 2015-03-11 18:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-24 17:48 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-24 17:42 - 2013-05-27 13:12 - 00000000 ____D C:\ProgramData\Avira
2015-06-23 19:03 - 2013-05-26 18:56 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-22 22:29 - 2013-10-18 14:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-22 13:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-06-22 10:44 - 2014-07-13 01:22 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2015-06-22 10:44 - 2014-07-13 01:16 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-06-22 10:41 - 2014-05-29 09:26 - 00000000 ____D C:\ProgramData\Origin
2015-06-21 10:47 - 2013-07-02 15:06 - 00002467 ____H C:\WINDOWS\EPMBatch.ept
2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-18 15:22 - 2013-10-19 14:37 - 00000000 ____D C:\Users\mpman\AppData\Roaming\vlc
2015-06-18 15:21 - 2013-06-01 19:42 - 00000000 ____D C:\Users\mpman\AppData\Roaming\dvdcss
2015-06-16 23:46 - 2014-08-12 12:06 - 00000000 ____D C:\Users\mpman\AppData\Roaming\tor
2015-06-16 10:01 - 2013-05-27 16:32 - 00007672 _____ C:\Users\mpman\AppData\Local\resmon.resmoncfg
2015-06-16 04:03 - 2013-07-16 10:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-16 03:49 - 2013-05-27 08:50 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-14 09:27 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-13 07:51 - 2013-08-22 16:44 - 00610184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-13 04:01 - 2015-04-16 01:26 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-13 04:01 - 2015-03-05 10:33 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-13 04:01 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-13 04:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-12 10:37 - 2014-07-13 01:16 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-06-10 16:01 - 2013-05-26 18:53 - 00000000 ____D C:\Program Files\Pale Moon
2015-06-04 10:39 - 2013-05-27 13:25 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-06-04 10:39 - 2013-05-26 15:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-04 10:22 - 2014-07-13 01:16 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-06-02 11:55 - 2013-07-17 11:22 - 00592644 _____ C:\WINDOWS\DirectX.log
2015-06-02 10:44 - 2014-05-29 09:28 - 00000000 ____D C:\Users\mpman\AppData\Roaming\Origin
2015-06-02 10:43 - 2014-05-29 09:26 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-01 21:01 - 2013-07-01 18:38 - 00000000 ____D C:\Users\mpman\AppData\Local\NVIDIA
2015-06-01 20:42 - 2013-10-18 14:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-01 20:42 - 2013-10-18 14:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-05-31 15:35 - 2013-09-02 18:43 - 00000000 ____D C:\Program Files (x86)\Steam

==================== Files in the root of some directories =======

2013-08-15 21:08 - 2014-12-15 21:16 - 0008704 _____ () C:\Users\mpman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-26 11:42 - 2014-10-26 11:42 - 0005782 _____ () C:\Users\mpman\AppData\Local\recently-used.xbel
2013-05-27 16:32 - 2015-06-16 10:01 - 0007672 _____ () C:\Users\mpman\AppData\Local\resmon.resmoncfg
2015-04-16 18:57 - 2015-04-16 19:03 - 0000307 _____ () C:\ProgramData\hpzinstall.log
2014-04-09 09:11 - 2014-04-09 09:11 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\mpman\AppData\Local\Temp\NOSEventMessages.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\SIntf16.dll
C:\Windows\SysWOW64\SIntf32.dll
C:\Windows\SysWOW64\SIntfNT.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-27 10:02

==================== End of log ============================



The antivirus still does not respond.
I have really put you through a lot.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Posted: 28 Jun 2015 13:36

Reinstall Avast.

Addendum: 28 Jun 2015 18:09

Did you install ProcessHacker?

offline
  • Joined: 12 Oct 2010
  • Posts: 10910

Did I install what?

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

This: http://processhacker.sourceforge.net/

What is the status of the antivirus?
