Verovatni virus - manifestacija na browser-ima

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 19 Nov 2013 19:17

U zadjnih 10-ak dana, javlja mi se problem kod browser-a i to tako da se na bilo kojoj web stranici pojavljuju nasumično podvučene reči (zeleni underline), a kada se klikne na njih, otvara se novu mali prozor sa reklamom. Obzirom da toga nije bilo na sajtovima koje sam redovno posećivala a sada ima i to ne samo na njima nego na SVIM (pa i na vašem), cenim da imam neki problem sa virusom.
Prvi put se desilo posleo neopreznog "klika" na neki link na FB-u. U prilogu osim potrebnih log-ova, "kačim" i jedan screenshot

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.13.2
Run by Ognjen at 18:59:16 on 2013-11-19
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.747 [GMT 1:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Ognjen\Application Data\SkypEmoticons\SE.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.msn.com
mStart Page = hxxp://www.google.com
uProxyOverride = localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: {511131f1-4629-4254-a85f-ed7b6d75dd3c} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: surf and keep: {1129363E-5938-2B86-0E34-809CB89D3A60} - c:\program files\surf and keep\tGY.dll
BHO: YoutubeAdblocker: {2C5865E8-79E4-0070-50C2-BC918E05FF7E} - c:\program files\youtubeadblocker\yCTi.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live pomagac za prijavljivanje: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\CTFMON.EXE
uRun: [se] "c:\documents and settings\ognjen\application data\skypemoticons\SE.exe" /minimized
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [Nvtmru] "c:\program files\nvidia corporation\nvidia update core\nvtmru.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\d-link\bluetooth software\btsendto_ie_ctx.htm
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\d-link\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3256EC60-9BCA-4B65-A2E3-8F611CD8F037} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\progra~1\websea~1\sprote~1.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-10-13 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-10-13 177864]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-12-6 35328]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-8-6 18544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-6-20 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-6-20 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-6-20 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-13 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-6-20 46808]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-7-7 21992]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 S3chipid;S3chipid;\??\c:\docume~1\ognjen\locals~1\temp\{2b43252c-a1e3-4c47-927c-9f2c276d3515}\s3chipid.sys --> c:\docume~1\ognjen\locals~1\temp\{2b43252c-a1e3-4c47-927c-9f2c276d3515}\S3chipid.sys [?]
S4 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-9-16 3273088]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
.
=============== File Associations ===============
.
FileExt: .reg: regfile="regedit.exe" "%1"
.
=============== Created Last 30 ================
.
2013-11-07 19:46:11 -------- d-----w- c:\documents and settings\ognjen\application data\SkypEmoticons
2013-11-07 19:46:10 -------- d-----w- c:\documents and settings\all users\application data\WinterSoft
2013-11-07 19:43:46 -------- d-----w- c:\program files\YoutubeAdblocker
2013-11-07 19:43:46 -------- d-----w- c:\documents and settings\all users\application data\YoutubeAdblocker
2013-11-07 19:42:58 -------- d-----w- c:\documents and settings\ognjen\AppData
2013-11-07 19:42:58 -------- d-----w- c:\documents and settings\all users\application data\surf and keep
2013-11-07 19:42:58 -------- d-----w- c:\documents and settings\all users\application data\93aaf6454166ffe5
2013-11-07 19:42:57 -------- d-----w- c:\program files\surf and keep
2013-11-07 19:42:27 -------- d-----w- c:\windows\system32\X86
2013-11-07 19:42:27 -------- d-----w- c:\windows\system32\AMD64
2013-11-07 19:41:50 -------- d-----w- c:\documents and settings\all users\application data\InstallMate
2013-10-25 15:22:12 -------- d-----w- c:\windows\system32\MRT
2013-10-22 15:39:03 -------- d-----w- c:\documents and settings\ognjen\local settings\application data\NVIDIA
.
==================== Find3M ====================
.
2013-10-13 12:45:31 1114168 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-10-13 12:45:31 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-10-13 12:45:24 1114168 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-10-13 07:25:38 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:25:08 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-13 07:25:02 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:24:17 18944 ------w- c:\windows\system32\corpol.dll
2013-10-13 06:57:59 385024 ------w- c:\windows\system32\html.iec
2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll
2013-10-10 14:28:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-10 14:28:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 10:59:21 603136 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:14:01 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-09-12 08:42:44 893728 ----a-w- c:\windows\system32\nvdispgenco3232723.dll
2013-09-12 08:42:44 7700480 ----a-w- c:\windows\system32\nvcuda.dll
2013-09-12 08:42:44 6324224 ----a-w- c:\windows\system32\nvopencl.dll
2013-09-12 08:42:44 57344 ----a-w- c:\windows\system32\OpenCL.dll
2013-09-12 08:42:44 3993088 ----a-w- c:\windows\system32\nv4_disp.dll
2013-09-12 08:42:44 2794272 ----a-w- c:\windows\system32\nvcuvid.dll
2013-09-12 08:42:44 2568704 ----a-w- c:\windows\system32\nvapi.dll
2013-09-12 08:42:44 21372928 ----a-w- c:\windows\system32\nvoglnt.dll
2013-09-12 08:42:44 2007328 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-09-12 08:42:44 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-09-12 08:42:44 11059872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-09-12 08:42:44 1049376 ----a-w- c:\windows\system32\nvdispco3232723.dll
2013-09-12 06:17:37 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-09-12 06:17:36 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-09-12 06:17:36 15693600 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-12 06:17:35 209184 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-12 06:17:35 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-08-30 07:48:13 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48:12 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48:12 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48:11 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47:40 41664 ----a-w- c:\windows\avastSS.scr
2013-08-29 01:31:44 1878656 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 19:00:09.56 ===============



mycity.rs/must-login.png

Dopuna: 19 Nov 2013 19:39

Samo da dodam da sam u međuvremenu skinula i pokrenula program AVG Removal Tool i nadam se da sam na taj način potpuno deinstalirala AVG. Druga stvar koju sam uradila je da sam skinula i instalirala MCShield

• 1Ovo se svidja korisniku: svetligoga
  
  Registruj se da bi pohvalio/la poruku!

Korak 1

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S1].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[0].txt



Korak 2

Preuzmite program GMER sa donjeg linka na Desktop:


GMER download
Kliknite dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.


Dvoklikom pokrenite GMER.
Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No;

kliknite Scan i sačekajte da skeniranje bude završeno;

kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1);

kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan;

po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2);

kliknite taster >>> i odaberite Autostart karticu;

po završetku kratkotrajnog skeniranja, kliknite Copy;

otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3);

Slikoviti prikaz postupka

Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nisi postavio AdwCleaner izvještaj iz prvog koraka.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Korak 1

Prikači uz poruku izvještaj koji se nalazi na sljedećoj putanji:

C:\AdwCleaner[S0].txt



Korak 2

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Kopiraj sadržaj tog loga u poruku.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

• 1Ovo se svidja korisniku: svetligoga
  
  Registruj se da bi pohvalio/la poruku!

Pročitaj opet pažljivo uputstvo koje sam ti dao maloprije.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 20 Nov 2013 17:35

mycity.rs/must-login.png

Dopuna: 20 Nov 2013 17:36

mycity.rs/must-login.png

Dopuna: 20 Nov 2013 17:37

Zoek.exe Version 4.0.0.5 Updated 14-November-2013
Tool run by Ognjen on Wed 11/20/2013 at 17:22:46.42.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\DOCUME~1\Ognjen\LOCALS~1\Temp\Rar$DI01.375\zoek.scr [Script inserted]

==== System Restore Info ======================

11/20/2013 5:25:22 PM Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\DOCUME~1\Ognjen\LOCALS~1\Temp ====
2013-11-19 17:37:20 9AD1ABCD0CDC3C840EE7BFE3E4ED3830 33568 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NvVAD\nvvad32v.sys
2013-11-19 17:37:20 31B16657118E439B77B0A527F7EA66CB 39200 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NvVAD\nvvad64v.sys
2013-11-19 17:37:19 D2447D2E5EA215A911D429A9C6638B83 48928 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\System.Windows.Interactivity.dll
2013-11-19 17:37:19 D1DDC7FC42CD7BE4786569256B505B87 1202464 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\UpdateExt.dll
2013-11-19 17:37:19 CCD724AB2B10A7781FBD6A655C5313D0 18720 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\System.Reactive.Runtime.Remoting.dll
2013-11-19 17:37:19 98E2F332A8E355AB241BDBFF18A56B8C 21792 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\System.Reactive.Windows.Threading.dll
2013-11-19 17:37:18 A80D7CD2CD384334307FECC5CAC018EA 675616 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\System.Reactive.Linq.dll
2013-11-19 17:37:18 81A1D0433B4D25B2A56357D08C869164 17184 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\System.Reactive.Interfaces.dll
2013-11-19 17:37:18 7CBCABE7CA264E44AB4E5F5CF6C2B9C9 248608 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\System.Reactive.Providers.dll
2013-11-19 17:37:18 58D3D8EAD63A2A0B7367CFE5C7AB62FE 30496 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\System.Reactive.PlatformServices.dll
2013-11-19 17:37:17 FAD55C84442BC49BE6B17AC00C5863E3 106272 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\steam_api.dll
2013-11-19 17:37:17 E8AB7A3BBBFEB23D1D0006E2CEE374AB 121120 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\amd64\server\steam_api64.dll
2013-11-19 17:37:17 9ACCDC16D8369572D417720B25ABD177 97056 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\System.Reactive.Core.dll
2013-11-19 17:37:17 4206743334129635581DA754850FC495 184608 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamC\swscale-0.dll
2013-11-19 17:37:16 C5D4A07C376B2A27ECDD5AB67DDE916A 774432 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\ShadowPlay\ShadowPlayExt.dll
2013-11-19 17:37:16 B2A92E7A6C76897D36D058F383D07A16 147744 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\rxinput.dll
2013-11-19 17:37:16 8D8E708CF244CE4F293E36D80C0A47A1 150304 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\ShadowPlay.dll
2013-11-19 17:37:15 A7BAD6E8C26E6B9D220D646F70D07242 177440 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\amd64\server\rxinput.dll
2013-11-19 17:37:15 5CA716F60F964D4B0DD5EA2268180124 760608 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NVI2\ReleaseHighlights.dll
2013-11-19 17:37:15 2910EBDE6B406A19A834524E2C633528 192800 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\protobuf-net.dll
2013-11-19 17:37:14 EC5D7F8FDADEDDB82FC8918DF7BB6F06 1202464 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Optimus\OptimusExt.dll
2013-11-19 17:37:14 35F2B08BB752A412277FDD8FB1D2435F 176928 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\oaremote_plugin.dll
2013-11-19 17:37:12 8DD05499B7881ACA077F2C02B00A8F1D 11600672 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamC\nvwinstreamc.dll
2013-11-19 17:37:11 69E9B7EE172F34C344B94F4744F83910 4268320 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\nvupdtXP64.dll
2013-11-19 17:37:10 AA253A9891458F18A6392C75A207DBD0 3610912 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\nvupdtXP32.dll
2013-11-19 17:37:09 805EE418180F6C2FCA3528F489C1A4A7 1662240 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\nvupdtrXP32.dll
2013-11-19 17:37:09 67E89258E770BB1A0B19593AF8224CBA 1662240 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\nvupdtrXP64.dll
2013-11-19 17:37:08 B7C9C027BE785F780502705CD3059BAF 1662240 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\nvupdtr64.dll
2013-11-19 17:37:08 335D727E598C9ECB2CF19C60E2F12B23 1662240 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\nvupdtr32.dll
2013-11-19 17:37:07 05B81E0F2B94D6510502BC3CAEE6AA00 4865312 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\nvupdt64.dll
2013-11-19 17:37:06 FF1DD4C12569E533295C0605CE5C1B06 791328 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamC\NvStreamCExt.dll
2013-11-19 17:37:06 ADD2C13E830468040948CECE96A632A5 3943200 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\nvupdt32.dll
2013-11-19 17:37:05 D79A0B2B780AF399A7927A985168ADF9 1054496 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\nvsteamsupport.dll
2013-11-19 17:37:05 36C1AC1BB3E41180E135B497097152F5 1323808 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\amd64\server\nvsteamsupport.dll
2013-11-19 17:37:04 AD6D008E059FF1EAC98EB7602D456111 1064224 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\ShadowPlay\nvspcap64.dll
2013-11-19 17:37:04 1A6AE00D41F7B32341188E47E883B67B 955168 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\ShadowPlay\nvspcap.dll
2013-11-19 17:37:03 B4CDBF856DF9ACC51BA3FE0F6C4E13EB 19456 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\zh-CHS\NvLedVisualizerControl.resources.dll
2013-11-19 17:37:03 7935C6328AC947AD65F313113024CC93 836384 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NVI2\NVPrxy32.dll
2013-11-19 17:37:03 31D80C06BF00BD115F34917548AA84DA 1429280 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NVI2\NVPrxy64.dll
2013-11-19 17:37:03 0A490CE1E15576A7CF67527ABC7B73EF 19456 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\zh-CHT\NvLedVisualizerControl.resources.dll
2013-11-19 17:37:02 9AEDF6D7E7AF7631E8809C2EF32FF264 25600 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\th-TH\NvLedVisualizerControl.resources.dll
2013-11-19 17:37:02 97AE100D61E7B20835CCE861D1741268 19968 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\sv-SE\NvLedVisualizerControl.resources.dll
2013-11-19 17:37:02 37A367FB12D57845BF3BEBBC9750517A 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\tr-TR\NvLedVisualizerControl.resources.dll
2013-11-19 17:37:01 836511CA87AD3E2FF58C3BEBCB41577D 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\sk-SK\NvLedVisualizerControl.resources.dll
2013-11-19 17:37:01 6527D047C0591EED1D207D08C3ECA6D6 23040 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\ru-RU\NvLedVisualizerControl.resources.dll
2013-11-19 17:37:01 2EB8017B9428CF14583629B7159A7831 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\sl-SI\NvLedVisualizerControl.resources.dll
2013-11-19 17:37:00 B9A9424F64D613D4497C890449D6AC6B 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\pl-PL\NvLedVisualizerControl.resources.dll
2013-11-19 17:37:00 6A5E856884A1D9299929B6433763F470 19968 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\pt-BR\NvLedVisualizerControl.resources.dll
2013-11-19 17:37:00 0CEC13E8A3A35197CFF8D1C956E07F04 19968 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\pt-PT\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:59 E3D641AE011923EC1C26EA9F80379E31 19968 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\nl-NL\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:59 8AB88FEE011CBFF060EAE75D3C8D76CD 19968 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\nb-NO\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:59 7A41E62F65D860844954BC0320343069 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\ko-KR\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:58 BE0185AD0A526A1FDB915237141AD429 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\hu-HU\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:58 77A035C638BE13ED6412F8294B6412DC 20992 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\he-IL\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:58 418E9C100F924BA9877E0606BFE3A215 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\it-IT\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:58 14EC5A1CD9A507046A5BD1AAF19F814C 21504 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\ja-JP\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:57 F0B4DC7A069F3C9C583023457F5ECC27 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\fi-FI\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:57 CCC78F1D83317ED79998DDB48EC897B6 20992 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\fr-FR\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:57 2FD81A8E5EEEAC50E052AFA781E3B727 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\es-MX\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:56 F2BA707C19C752ADE233EDA10606B496 27136 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\en-US\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:56 D11A229DDD0646FF55051714C9E5C90F 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\es-ES\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:56 9A61F6AAC660FFCB89175C856B7CAC89 19456 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\en-GB\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:56 8B022DFEB154394C2F8502CC1A127D22 23040 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\el-GR\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:55 D4F546E94EF188E79638B1B9A6E5BDD8 20480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\de-DE\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:55 B6632737B0CCE464FE6E4C1E96174B99 19744 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\NvLedVisualizerControl.dll
2013-11-19 17:36:55 7CBD8E5131DED052F32209AD3F25758A 22016 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\ar-SA\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:55 395FB32346945395C32AC3D5093AA6B9 19968 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\da-DK\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:55 1085971AF498A2F6AC30FA0AE9E352D9 19968 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\cs-CZ\NvLedVisualizerControl.resources.dll
2013-11-19 17:36:54 A5889754B5DE18FF2CA831BA1A44DD54 615424 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\en-US\NvLedVisualizer.resources.dll
2013-11-19 17:36:54 5708C4DE8A639D1A9CAF4A3F43548076 41760 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\NvLedServiceLib.dll
2013-11-19 17:36:54 10082435B8BDCAA7AC4E023BFE47BD65 30496 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\NVIDIA.UpdateService.dll
2013-11-19 17:36:54 0D760D9AB74AF6234D4B49E25AFEB576 76064 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\NVIDIA.Win32Api.dll
2013-11-19 17:36:53 FF14730968B4613E275AB852EB0F1871 23328 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\NVIDIA.Settings.Properties.dll
2013-11-19 17:36:53 D3478D621A636D7A308EE05AC218CDE6 43296 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\NVIDIA.Settings.dll
2013-11-19 17:36:53 854E933178D4347A7DFF1C713D3E9E18 1424672 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NVI2\NVI2UI.dll
2013-11-19 17:36:51 55CC30A41E1F3F5E35AB1887B551C827 622368 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\NvGpuInterface.dll
2013-11-19 17:36:51 3777A4626954960FC82351A0D81778C3 410400 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\NvGfeServiceBridge.dll
2013-11-19 17:36:51 36F404458204CC675F05732600504C30 4101920 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NVI2\NVI2.dll
2013-11-19 17:36:50 FC89A1946640BCD7ABA8A845468F0DAF 687904 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\amd64\server\NvGfeServiceBridge.dll
2013-11-19 17:36:50 F7EC0556C063B740F8767A7354333CF2 893728 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NvVAD\nvgenco32.dll
2013-11-19 17:36:50 B56D9A7107337EB5C9AF450CD91A4BCC 1511712 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NvVAD\nvgenco64.dll
2013-11-19 17:36:49 E4BBF37ABC361FCBC2884E573D46D8F1 85792 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\nvFBC.dll
2013-11-19 17:36:49 ACB4317E6C7B0B891FC409386B9499F9 98080 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\amd64\server\nvFBC.dll
2013-11-19 17:36:48 EEA052782AC0F6ECA52FD522F76BCD80 29984 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NvVAD\nvaudcap64v.dll
2013-11-19 17:36:48 C164209202D32473A3E7EAC0CF9E9C66 28960 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NvVAD\nvaudcap32v.dll
2013-11-19 17:36:48 34DD8B33701DCA322C26CCD8BAD36666 24352 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\NvDashBoardControls.dll
2013-11-19 17:36:47 90203EEA60588822A57181BF262791C5 839968 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\MS.NET\MSNetExt.dll
2013-11-19 17:36:47 32E390954B2C6B1583A969ED0E7C8A9D 421200 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\msvcp100.dll
2013-11-19 17:36:47 2B92A88E329F4845D31941967A3BAA90 768848 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\msvcr100.dll
2013-11-19 17:36:46 E025008C2ADD680C298D1681ABB56007 551712 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\Microsoft.WindowsAPICodePack.Shell.dll
2013-11-19 17:36:46 AA3C20EEE0206D55442788D203DBC21C 29472 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\Microsoft.Practices.ServiceLocation.dll
2013-11-19 17:36:46 7487DB8B42AE7EFB6AB3DA89B8DC6F5E 114976 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\Microsoft.WindowsAPICodePack.dll
2013-11-19 17:36:45 EC1A2D2C802AF571328F911D1698A0A4 81696 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\GridService.dll
2013-11-19 17:36:45 D58F9D37F354D254CBC810C96CE5A5C8 31008 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\InstallerUIExtension.dll
2013-11-19 17:36:45 7640DF353A016533C490B7717DC02608 20768 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\InstallerService.dll
2013-11-19 17:36:44 41611DA627E8A3BB9E10D0728E712D17 168224 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\zh-CHT\GFExperienceControls.resources.dll
2013-11-19 17:36:44 2FD88B751B3876FFDBD6E344F66B4F44 120096 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\GFExperienceCore.dll
2013-11-19 17:36:44 1E711F7B05164BBE155422AB612A152A 1196320 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\GFExperienceExt.dll
2013-11-19 17:36:43 9F83089B05C25179CC461E6B5DC9622F 170784 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\tr-TR\GFExperienceControls.resources.dll
2013-11-19 17:36:43 88C4DD2C8B7218E9529FA71DD1522F95 167712 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\zh-CHS\GFExperienceControls.resources.dll
2013-11-19 17:36:43 3F3DB5FAAD5968BB99148C9E59A6A8D9 193824 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\th-TH\GFExperienceControls.resources.dll
2013-11-19 17:36:42 7B80DBDBF1232DFB9366E096E8F73E44 170272 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\sv-SE\GFExperienceControls.resources.dll
2013-11-19 17:36:42 6A3BAB9AAC8C69C9F47029096D535811 172320 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\sk-SK\GFExperienceControls.resources.dll
2013-11-19 17:36:42 08D0E4A250C6803CC573B6CBEF4E8198 170784 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\sl-SI\GFExperienceControls.resources.dll
2013-11-19 17:36:41 F46F78813A67C74C081587C1FA25CA0E 171808 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\pt-PT\GFExperienceControls.resources.dll
2013-11-19 17:36:41 8166455514DBC6D0014D01C3340BAA5A 183584 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\ru-RU\GFExperienceControls.resources.dll
2013-11-19 17:36:41 4CDB17CA991DB1B40BD4F9962235BF11 171296 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\pt-BR\GFExperienceControls.resources.dll
2013-11-19 17:36:40 FE9B7BA1FECF6EA17439367622F9213D 170784 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\nl-NL\GFExperienceControls.resources.dll
2013-11-19 17:36:40 608845A1472F01D4B508899C9F5A2CA4 171808 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\pl-PL\GFExperienceControls.resources.dll
2013-11-19 17:36:40 2D3D70790B3620A90E9EF59557D2FF17 169760 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\nb-NO\GFExperienceControls.resources.dll
2013-11-19 17:36:39 AC5E36BDCF0AF75AAE4B6A756B362B66 171296 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\it-IT\GFExperienceControls.resources.dll
2013-11-19 17:36:39 537926BB75DFA3BD365DB06DBAB52714 171808 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\ko-KR\GFExperienceControls.resources.dll
2013-11-19 17:36:39 52438509D59ED04E637D0ABB6E4B0057 176928 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\ja-JP\GFExperienceControls.resources.dll
2013-11-19 17:36:38 5C302F89C3BEE08F2ED7ABC401254DEC 176928 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\he-IL\GFExperienceControls.resources.dll
2013-11-19 17:36:38 2412F5AB9B739A541E3EF51CD345415F 172320 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\hu-HU\GFExperienceControls.resources.dll
2013-11-19 17:36:37 C92B19F8D9C92AF3F7B8B068BE9D81B3 171808 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\es-MX\GFExperienceControls.resources.dll
2013-11-19 17:36:37 89B673BC3856E7F81DEF438193265562 170272 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\fi-FI\GFExperienceControls.resources.dll
2013-11-19 17:36:37 41D5CE84E7F505EA2FF3E999F25F1CB7 172832 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\fr-FR\GFExperienceControls.resources.dll
2013-11-19 17:36:36 DE5743C6D4F0C1C6CD6BA7B3CD8EFF48 187168 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\el-GR\GFExperienceControls.resources.dll
2013-11-19 17:36:36 910AD58B2EE3623F9CA6006115996DC6 168224 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\en-GB\GFExperienceControls.resources.dll
2013-11-19 17:36:36 6C0C2EAF85F0C4E03A8BCA900F1EFE3C 183072 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\en-US\GFExperienceControls.resources.dll
2013-11-19 17:36:36 5BDDD2D8E2D4B29D7D968364637883C5 171808 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\es-ES\GFExperienceControls.resources.dll
2013-11-19 17:36:35 FB0D35DAA75249F6D971722BB206095E 172320 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\de-DE\GFExperienceControls.resources.dll
2013-11-19 17:36:35 BF032214A98A2044E851040670E4F137 171296 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\cs-CZ\GFExperienceControls.resources.dll
2013-11-19 17:36:35 8C694A208CFF66D14B2C092B0A08119C 169760 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\da-DK\GFExperienceControls.resources.dll
2013-11-19 17:36:34 A67A995A120C11E7092BB56D83E92CC7 177952 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\ar-AE\GFExperienceControls.resources.dll
2013-11-19 17:36:34 0D473B4B59BC1F4228D5DCD1006CAFB6 154912 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\GFExperienceControls.dll
2013-11-19 17:36:33 E43A7B50BCDD56E875A29022187D40F1 37152 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\GalaSoft.MvvmLight.WPF4.dll
2013-11-19 17:36:33 1CCF0BD937DE187CBD8D5D103A1ADCFB 2709280 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\en-US\GFExperience.resources.dll
2013-11-19 17:36:33 0CA5D3B6C1A8940D7A43784068002455 33568 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\GalaSoft.MvvmLight.Extras.WPF4.dll
2013-11-19 17:36:32 7144AC2897208F149F74167A33A7DB7B 1168672 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\ExtensionLoader.dll
2013-11-19 17:36:31 F930086A193B89D10232E81929D7DA1A 861984 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\easyDaemonAPIU32.dll
2013-11-19 17:36:31 E9C248EA8DE152293C20553992FE4B40 1190176 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\easyDaemonAPIU64.dll
2013-11-19 17:36:30 AD754886ECC3032673F5BD478D2A3CDC 1015072 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\DisplayCplExt.dll
2013-11-19 17:36:30 97677EAC6E615AD59CEE7F335E1138F1 13088 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\detoured.dll
2013-11-19 17:36:30 936A4054CA34A1E9AE9251F9354645FF 13088 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\amd64\server\detoured.dll
2013-11-19 17:36:29 EB94A77F5BC0AA7CE3AB8E859D2C0D81 431392 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamC\cudart32_41_0.dll
2013-11-19 17:36:28 D43AE6C888A84084C1401B54F84FB0F5 663840 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamC\avformat-52.dll
2013-11-19 17:36:28 8DEE6C92A98FB7235DB3469621CB1BF1 18208 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamC\avdevice-52.dll
2013-11-19 17:36:28 74E7C1506E44EDB1C14664D42CAD422D 1906976 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamC\Bifrost.dll
2013-11-19 17:36:28 4253B4737DD226C6FFAD2A1E7DF80F2A 70944 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamC\avutil-49.dll
2013-11-19 17:36:26 C811B825A1B490DFC724E0BD7E6ABB83 412960 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\setup.exe
2013-11-19 17:36:26 7211080936063C9476FC98A1EAEB7874 190752 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\WLMerger.exe
2013-11-19 17:36:26 1B028BF0FEBBB7B987D3BD2FCE716BA5 8636704 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamC\avcodec-52.dll
2013-11-19 17:36:25 588BEEE7B106E6520F550A45897D00B2 1028384 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\nvtmru.exe
2013-11-19 17:36:23 75AE5C92320E39EEE998843473D53EEF 14652704 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
2013-11-19 17:36:21 F0AD6B3A2352EFADC223A9587693A51A 15125280 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
2013-11-19 17:36:20 BF3CEE788116B6ECAB3EA504754CECAC 3010336 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
2013-11-19 17:36:19 A5716BADD32602925ED0CF493195B988 3894560 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
2013-11-19 17:36:18 420C49039906BF5399C703A8D78FA236 1368864 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\ShadowPlay\nvspcaps.exe
2013-11-19 17:36:18 358215A945C3E962B969233992E5230F 1588512 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\ShadowPlay\nvspcaps64.exe
2013-11-19 17:36:17 90834ADAD2C9CA584130ECB392662923 629760 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2013-11-19 17:36:17 7499DE42A69950F532F4B49D6161A1ED 87328 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\NvLedServiceHost.exe
2013-11-19 17:36:17 4EE8FBE4C969EE0D790F33281BA33100 125728 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\NvLedVisualizer.exe
2013-11-19 17:36:16 41A5FCB960F252B8DC589B790D2A6C0B 810784 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\GFExperience.exe
2013-11-19 17:36:15 F313FFEA01C3DFF4E7E763DA29B0FF36 1914656 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\daemonu.exe
2013-11-19 17:36:15 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\MS.NET\dotNetFx40_Full_setup.exe
2013-11-19 17:36:14 9B684DCE80A28C5AE0FF5CC6E1030BAF 1224480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\ComUpdatus.exe
2013-11-19 17:36:14 5A297A8A3CA84822483E8FF3B59D7E81 596768 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\7z.exe
2013-11-07 19:46:03 EF7D5227360E42058D25F27D9DB95DE0 648472 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\sSetup-se.exe
====== Java Cache =====
====== C:\WINDOWS\system32 =====
====== C:\WINDOWS\system32\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2013-11-19 18:25:04 -------- d-----w- C:\Program Files\MCShield
2013-11-07 19:43:46 -------- d-----w- C:\Program Files\YoutubeAdblocker
2013-11-07 19:42:57 -------- d-----w- C:\Program Files\surf and keep
======= C: =====
====== C:\Documents and Settings\Ognjen\Application Data ======
2013-11-19 17:59:16 -------- d-----r- C:\Documents and Settings\Ognjen\Start Menu\Programs\Administrative Tools
2013-11-07 19:46:11 -------- d-----w- C:\Documents and Settings\Ognjen\Application Data\SkypEmoticons
2013-10-22 15:39:03 -------- d-----w- C:\Documents and Settings\Ognjen\Local Settings\Application Data\NVIDIA
====== C:\Documents and Settings\Ognjen ======
2013-11-19 18:41:11 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Documents and Settings\Ognjen\Desktop\y1mfs1r6.exe
2013-11-07 19:42:58 -------- d-----w- C:\Documents and Settings\Ognjen\AppData

====== C: exe-files ==
2013-11-19 18:41:11 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Documents and Settings\Ognjen\Desktop\y1mfs1r6.exe
2013-11-19 18:25:10 588BED1D4EB03810A51FB96F4B01F9FA 212148 ----a-w- C:\Program Files\MCShield\MCS-uninstall.exe
2013-11-19 18:25:08 09BCBD68276670ED410936C0C1C976ED 2633042 ----a-w- C:\Documents and Settings\All Users\Application Data\MCShield\MCShield-Setup.exe
2013-11-19 17:36:26 C811B825A1B490DFC724E0BD7E6ABB83 412960 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\setup.exe
2013-11-19 17:36:26 7211080936063C9476FC98A1EAEB7874 190752 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\WLMerger.exe
2013-11-19 17:36:25 588BEEE7B106E6520F550A45897D00B2 1028384 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\nvtmru.exe
2013-11-19 17:36:23 75AE5C92320E39EEE998843473D53EEF 14652704 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
2013-11-19 17:36:21 F0AD6B3A2352EFADC223A9587693A51A 15125280 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
2013-11-19 17:36:20 BF3CEE788116B6ECAB3EA504754CECAC 3010336 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
2013-11-19 17:36:19 A5716BADD32602925ED0CF493195B988 3894560 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
2013-11-19 17:36:18 420C49039906BF5399C703A8D78FA236 1368864 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\ShadowPlay\nvspcaps.exe
2013-11-19 17:36:18 358215A945C3E962B969233992E5230F 1588512 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\ShadowPlay\nvspcaps64.exe
2013-11-19 17:36:17 90834ADAD2C9CA584130ECB392662923 629760 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2013-11-19 17:36:17 7499DE42A69950F532F4B49D6161A1ED 87328 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\NvLedServiceHost.exe
2013-11-19 17:36:17 4EE8FBE4C969EE0D790F33281BA33100 125728 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\LEDVisualizer\NvLedVisualizer.exe
2013-11-19 17:36:16 41A5FCB960F252B8DC589B790D2A6C0B 810784 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\GFExperience.exe
2013-11-19 17:36:15 F313FFEA01C3DFF4E7E763DA29B0FF36 1914656 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\daemonu.exe
2013-11-19 17:36:15 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\MS.NET\dotNetFx40_Full_setup.exe
2013-11-19 17:36:14 9B684DCE80A28C5AE0FF5CC6E1030BAF 1224480 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\Display.Update\ComUpdatus.exe
2013-11-19 17:36:14 5A297A8A3CA84822483E8FF3B59D7E81 596768 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\GFExperience\7z.exe
2013-11-17 11:06:30 1A7C91AC6F14EBB22688704A13DC8D17 12598112 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.57\31.0.1650.57_30.0.1599.101_chrome_updater.exe
2013-11-15 19:14:04 901318D78EDD0E451EB2FCE5496BE115 2666464 ----a-w- C:\Documents and Settings\All Users\Application Data\NVIDIA\Updatus\Packages\00005563\dao.17298215.exe
2013-11-14 19:05:35 ACCF28D0F7C602770768E1F67FEEFF59 2644528 ----a-w- C:\Documents and Settings\All Users\Application Data\NVIDIA\Updatus\Packages\00005552\dao.17290614.exe
2013-11-14 19:05:18 78141AD888BA82E3ABC854D229A59F07 231288 -c----w- C:\WINDOWS\ie8updates\KB2888505-IE8\spuninst\spuninst.exe
2013-11-14 19:05:09 31EA26FF6F5F9D53994DAFEE44D455A3 174592 -c----w- C:\WINDOWS\ie8updates\KB2888505-IE8\ie4uinit.exe
=== C: other files ==
2013-11-19 17:37:20 9AD1ABCD0CDC3C840EE7BFE3E4ED3830 33568 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NvVAD\nvvad32v.sys
2013-11-19 17:37:20 31B16657118E439B77B0A527F7EA66CB 39200 ----a-w- C:\Documents and Settings\Ognjen\Local Settings\Temp\NVIDIA\GeForceExperienceSelfUpdate\9.3.21.0\NvVAD\nvvad64v.sys
2013-11-19 00:57:57 B276EB43281B1ACF301B4D277FC94DCE 31201 ----a-w- C:\Documents and Settings\Ognjen\My Documents\Downloads\Admiral.2008.O.DVDRip_INTERFILM\66783-Admiral.2008.O.DVDRip_INTERFILM.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1606980848-1767777339-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"se"="C:\Documents and Settings\Ognjen\Application Data\SkypEmoticons\SE.exe /minimized "
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"

[HKEY_USERS\S-1-5-21-1606980848-1767777339-682003330-1005\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
"NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login"
"nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet"
"Nvtmru"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"se"="C:\Documents and Settings\Ognjen\Application Data\SkypEmoticons\SE.exe /minimized "
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\progra~1\\websea~1\\sprote~1.dll"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Reader_sl"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Alcmtr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ALCMTR"
"hkey"="HKLM"
"command"="ALCMTR.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ctfmon"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DTLite"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="FacebookUpdate"
"hkey"="HKCU"
"command"="\"C:\\Documents and Settings\\Ognjen\\Local Settings\\Application Data\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\fTalk]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Gainward]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TBPanel"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\TBPanel.exe /A"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleUpdate"
"hkey"="HKCU"
"command"="\"C:\\Documents and Settings\\Ognjen\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -k"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -k"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LanguageShortcut]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Language"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LDM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BackWeb-8876480"
"hkey"="HKCU"
"command"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\BackWeb-8876480.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvMediaCenter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvMcTray"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwiz"
"hkey"="HKLM"
"command"="nwiz.exe /install"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleToolbarNotifier"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Bluetooth.lnk"
"backup"="C:\\WINDOWS\\pss\\Bluetooth.lnkCommon Startup"
"command"="C:\\PROGRA~1\\D-Link\\BLUETO~1\\BTTray.exe "
"item"="Bluetooth"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Logitech Desktop Messenger.lnk"
"backup"="C:\\WINDOWS\\pss\\Logitech Desktop Messenger.lnkCommon Startup"
"command"="C:\\PROGRA~1\\Logitech\\DESKTO~1\\8876480\\Program\\LDMConf.exe /start"
"item"="Logitech Desktop Messenger"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [10/10/2013 03:28 PM]
C:\WINDOWS\tasks\avast\Undetermined Task.exe []
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1606980848-1767777339-682003330-1003Core.job --a------ C:\Documents and Settings\Ognjen\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [07/11/2012 09:54 PM]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1606980848-1767777339-682003330-1003UA.job --a------ C:\Documents and Settings\Ognjen\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [07/11/2012 09:54 PM]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03/27/2010 01:46 PM]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03/27/2010 01:46 PM]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1767777339-682003330-1003Core.job --a------ C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [06/01/2011 12:51 PM]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1767777339-682003330-1003UA.job --a------ C:\Documents and Settings\Ognjen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [06/01/2011 12:51 PM]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [10/31/2011 06:07 PM]

==== Firefox Extensions ======================

ExtDir: C:\Documents and Settings\Ognjen\Application Data\Mozilla\Firefox\Profiles\extensions
- OneClickDownloader - %ExtDir%\OneClickDownload@OneClickDownload.com
- GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi

ExtDir: C:\Documents and Settings\Ognjen\Application Data\Mozilla\Firefox\Profiles
- OneClickDownloader - %ExtDir%\extensions\OneClickDownload@OneClickDownload.com

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/16/2013 11:31 AM]

YouTube - Ognjen - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ognjen - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Fast save - Ognjen - Default\Extensions\ecpecpibgpfeeccdjmingplnpheabmfh
surf and keep - Ognjen - Default\Extensions\hphhidafiffmkdakmboemfmcfjgigdca
YoutubeAdblocker - Ognjen - Default\Extensions\janncjemdahfdmjdjgppkckbfpdggdnp
Skype for Chromium - Ognjen - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Ognjen - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Facebook Sidebar Chat Reversion - Ognjen - Default\Extensions\pfophgoebcoehkldfgeffhnlcabhhomn
Gmail - Ognjen - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"
{4164072C-3134-47D1-BDB5-A7E6895E96AC} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en"

==== EOF on Wed 11/20/2013 at 17:31:40.68 ======================

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r
"AppInit_DLLs"="";r
C:\Program Files\WebSearch;fs
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"se"=-;r
[HKEY_USERS\S-1-5-21-1606980848-1767777339-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run];r
"se"=-;r
C:\Documents and Settings\Ognjen\Application Data\SkypEmoticons;fs
OneClickDownloader;ff
C:\Documents and Settings\Ognjen\Application Data\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com;fs
ecpecpibgpfeeccdjmingplnpheabmfh;chr
hphhidafiffmkdakmboemfmcfjgigdca;chr
janncjemdahfdmjdjgppkckbfpdggdnp;chr
autoclean;
emptyclsid;
emptytemp;
startupall;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Kopiraj sadržaj tog loga u poruku.





Kakvo je sada stanje.