Jul 4th, 2015
  1. OTL logfile created on: 4.7.2015. 8:34:38 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Korisnik\Desktop
  3. Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.11.9600.17843)
  5. Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.
  6.  
  7. 3,25 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 48,31% Memory free
  8. 6,50 Gb Paging File | 4,44 Gb Available in Paging File | 68,34% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
  12. Drive C: | 78,03 Gb Total Space | 21,52 Gb Free Space | 27,57% Space Free | Partition Type: NTFS
  13. Drive D: | 387,62 Gb Total Space | 198,54 Gb Free Space | 51,22% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: KORISNIK-PC | User Name: Korisnik | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user | Quick Scan
  17. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2015.07.04 08:32:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Korisnik\Desktop\OTL.exe
  22. PRC - [2015.07.03 23:22:37 | 000,244,040 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
  23. PRC - [2015.07.03 08:52:42 | 008,766,544 | ---- | M] (Innovative Solutions) -- D:\Program Files\Advanced Uninstaller PRO\healthcheck.exe
  24. PRC - [2015.07.03 08:52:42 | 003,212,368 | ---- | M] (Innovative Solutions) -- D:\Program Files\Advanced Uninstaller PRO\uninstaller.exe
  25. PRC - [2015.07.03 08:13:53 | 000,376,944 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
  26. PRC - [2015.06.29 12:03:39 | 000,695,976 | ---- | M] (DTools LIMITED) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
  27. PRC - [2015.06.20 12:05:41 | 000,127,680 | ---- | M] (Mobogenie.com) -- C:\Program Files\Mobogenie3\MobogenieService.exe
  28. PRC - [2015.06.20 12:05:31 | 000,105,152 | ---- | M] () -- C:\Program Files\Mobogenie3\MoboGenieHelper.exe
  29. PRC - [2015.06.19 20:17:39 | 000,244,392 | ---- | M] (Foxit Software Inc.) -- D:\Program Files\Foxit Reader\Foxit Cloud\FCUpdateService.exe
  30. PRC - [2015.06.19 00:01:24 | 006,369,048 | ---- | M] (Piriform Ltd) -- D:\Program Files\CCleaner\CCleaner.exe
  31. PRC - [2015.06.12 09:25:00 | 000,082,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
  32. PRC - [2015.06.11 08:45:25 | 000,455,360 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
  33. PRC - [2015.06.11 08:45:00 | 001,361,088 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
  34. PRC - [2015.06.11 08:44:59 | 007,695,040 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cis.exe
  35. PRC - [2015.06.11 08:44:56 | 004,352,816 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
  36. PRC - [2015.06.10 09:50:11 | 080,035,536 | ---- | M] () -- C:\Users\Korisnik\AppData\Local\Viber\Viber.exe
  37. PRC - [2015.05.21 21:37:09 | 001,994,592 | ---- | M] (BitTorrent Inc.) -- C:\Users\Korisnik\AppData\Roaming\uTorrent\uTorrent.exe
  38. PRC - [2015.04.27 23:30:33 | 001,408,512 | ---- | M] (Lid) -- C:\Program Files\App Lid\16e67b36-fee4-4153-b81a-31a7d85437ff-1-6.exe
  39. PRC - [2015.04.27 23:29:47 | 001,352,192 | ---- | M] (Lid) -- C:\Program Files\App Lid\16e67b36-fee4-4153-b81a-31a7d85437ff-10.exe
  40. PRC - [2015.04.27 23:26:43 | 001,359,360 | ---- | M] (DiscountFrenzy) -- C:\Program Files\Discount_Frenzy\06f41971-6e69-4186-a92c-ed85ca7b52f3-10.exe
  41. PRC - [2015.03.12 01:22:04 | 000,277,360 | ---- | M] (arvato digital services llc) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
  42. PRC - [2014.10.08 13:26:57 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
  43. PRC - [2014.10.08 13:26:57 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
  44. PRC - [2014.04.17 21:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Korisnik\AppData\Local\Akamai\netsession_win.exe
  45. PRC - [2013.12.17 12:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
  46. PRC - [2013.08.14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
  47. PRC - [2012.07.31 12:39:14 | 000,658,632 | ---- | M] (Zbshareware Lab) -- D:\Program Files\USB Disk Security\USBGuard.exe
  48. PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
  49. PRC - [2011.01.08 05:08:28 | 000,038,400 | ---- | M] (Dassault Systemes) -- D:\Program Files\CATIA 21\intel_a\code\bin\CATSysDemon.exe
  50. PRC - [2010.11.20 23:29:12 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
  51. PRC - [2009.07.14 03:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
  52. PRC - [2009.07.14 03:14:21 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\inetinfo.exe
  53.  
  54.  
  55. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  56.  
  57. MOD - [2015.07.03 08:52:43 | 000,565,827 | ---- | M] () -- D:\Program Files\Advanced Uninstaller PRO\sqlite3.dll
  58. MOD - [2015.06.20 12:05:31 | 000,105,152 | ---- | M] () -- C:\Program Files\Mobogenie3\MoboGenieHelper.exe
  59. MOD - [2015.06.10 09:50:11 | 080,035,536 | ---- | M] () -- C:\Users\Korisnik\AppData\Local\Viber\Viber.exe
  60. MOD - [2015.06.10 09:19:48 | 000,100,864 | ---- | M] () -- C:\Users\Korisnik\AppData\Local\Viber\qfacebook.dll
  61. MOD - [2015.06.10 09:19:37 | 000,171,008 | ---- | M] () -- C:\Users\Korisnik\AppData\Local\Viber\exif.dll
  62. MOD - [2015.02.25 09:36:36 | 000,010,240 | ---- | M] () -- C:\Users\Korisnik\AppData\Local\Viber\QtQuick.2\qtquick2plugin.dll
  63. MOD - [2015.02.25 09:21:22 | 000,063,488 | ---- | M] () -- C:\Users\Korisnik\AppData\Local\Viber\libEGL.dll
  64. MOD - [2015.02.25 09:21:13 | 001,507,328 | ---- | M] () -- C:\Users\Korisnik\AppData\Local\Viber\libGLESv2.dll
  65. MOD - [2010.03.24 21:17:36 | 008,794,464 | ---- | M] () -- D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
  66. MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
  67.  
  68.  
  69. [color=#E56717]========== Services (SafeList) ==========[/color]
  70.  
  71. SRV - File not found [On_Demand | Stopped] -- %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
  72. SRV - File not found [Auto | Stopped] -- -- (Util Flying Deals)
  73. SRV - File not found [Auto | Stopped] -- -- (Update Flying Deals)
  74. SRV - File not found [Auto | Stopped] -- -- (SearchProtectionService)
  75. SRV - File not found [On_Demand | Stopped] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
  76. SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
  77. SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
  78. SRV - File not found [Disabled | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
  79. SRV - File not found [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe /service msvsmon80 -- (msvsmon80)
  80. SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  81. SRV - File not found [Auto | Stopped] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
  82. SRV - File not found [Disabled | Stopped] -- C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe -- (LavasoftTcpService)
  83. SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
  84. SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
  85. SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
  86. SRV - File not found [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
  87. SRV - File not found [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe -- (AVP)
  88. SRV - File not found [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
  89. SRV - File not found [Auto | Stopped] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
  90. SRV - File not found [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
  91. SRV - File not found [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
  92. SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe -- (AdAppMgrSvc)
  93. SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
  94. SRV - [2015.06.29 12:03:39 | 000,695,976 | ---- | M] (DTools LIMITED) [Auto | Running] -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -- (WindowsMangerProtect)
  95. SRV - [2015.06.23 12:31:04 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  96. SRV - [2015.06.20 12:05:41 | 000,127,680 | ---- | M] (Mobogenie.com) [Auto | Running] -- C:\Program Files\Mobogenie3\MobogenieService.exe -- (MobogenieService)
  97. SRV - [2015.06.19 20:17:39 | 000,244,392 | ---- | M] (Foxit Software Inc.) [Auto | Running] -- D:\Program Files\Foxit Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
  98. SRV - [2015.06.12 09:25:00 | 000,082,112 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  99. SRV - [2015.06.11 08:44:56 | 004,352,816 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
  100. SRV - [2015.06.11 07:31:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
  101. SRV - [2015.06.10 07:57:37 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
  102. SRV - [2015.06.03 21:39:37 | 000,853,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
  103. SRV - [2015.03.12 01:22:04 | 000,277,360 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
  104. SRV - [2015.02.18 20:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
  105. SRV - [2014.10.08 13:26:57 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
  106. SRV - [2013.12.17 12:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
  107. SRV - [2013.10.30 01:47:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
  108. SRV - [2013.08.14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
  109. SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  110. SRV - [2011.01.08 05:08:28 | 000,038,400 | ---- | M] (Dassault Systemes) [Auto | Running] -- D:\Program Files\CATIA 21\intel_a\code\bin\CATSysDemon.exe -- (BBDemon)
  111. SRV - [2010.12.28 22:01:10 | 000,238,952 | ---- | M] (Teruten) [Disabled | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
  112. SRV - [2010.11.20 23:29:25 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
  113. SRV - [2010.11.20 23:29:25 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
  114. SRV - [2010.11.20 23:29:25 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
  115. SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
  116. SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
  117. SRV - [2009.07.14 03:15:36 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
  118. SRV - [2009.07.14 03:14:48 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\WMSvc.exe -- (WMSVC)
  119. SRV - [2009.07.14 03:14:21 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\inetinfo.exe -- (IISADMIN)
  120.  
  121.  
  122. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  123.  
  124. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (VGPU)
  125. DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motmodem.sys -- (motmodem)
  126. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MotDev)
  127. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (motccgp)
  128. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (dgderdrv)
  129. DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Korisnik\AppData\Local\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
  130. DRV - File not found [Kernel | System | Stopped] -- -- (BAPIDRV)
  131. DRV - [2015.06.20 13:45:05 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
  132. DRV - [2015.06.20 13:43:39 | 000,088,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
  133. DRV - [2015.06.05 15:35:36 | 000,621,120 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
  134. DRV - [2015.06.05 15:35:33 | 000,017,064 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
  135. DRV - [2015.05.09 09:46:37 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  136. DRV - [2015.05.06 23:38:28 | 000,077,824 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
  137. DRV - [2015.05.06 23:22:53 | 000,023,840 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\System32\drivers\HWiNFO32.SYS -- (HWiNFO32)
  138. DRV - [2014.10.08 13:26:59 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
  139. DRV - [2014.10.08 13:26:59 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
  140. DRV - [2014.10.08 13:26:59 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
  141. DRV - [2014.10.08 13:26:28 | 000,106,296 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
  142. DRV - [2013.10.29 22:28:57 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
  143. DRV - [2013.10.29 22:28:57 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
  144. DRV - [2013.10.29 22:28:57 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
  145. DRV - [2013.10.29 22:28:57 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
  146. DRV - [2013.10.29 22:28:57 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
  147. DRV - [2013.10.29 22:28:57 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
  148. DRV - [2013.10.29 22:28:57 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
  149. DRV - [2013.10.29 22:28:57 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
  150. DRV - [2013.10.04 18:25:53 | 000,065,856 | ---- | M] (WinMount International Inc) [File_System | System | Running] -- C:\Windows\System32\drivers\WMDrive.sys -- (WMDrive)
  151. DRV - [2013.06.20 14:49:15 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
  152. DRV - [2013.06.20 14:49:15 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
  153. DRV - [2013.06.10 13:27:56 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
  154. DRV - [2013.06.08 21:18:34 | 000,574,048 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
  155. DRV - [2013.06.06 18:38:20 | 000,145,120 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
  156. DRV - [2013.05.14 18:34:44 | 000,045,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
  157. DRV - [2013.05.07 09:00:16 | 000,035,064 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD)
  158. DRV - [2013.05.06 10:22:24 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
  159. DRV - [2013.05.05 23:42:10 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
  160. DRV - [2013.05.05 23:42:06 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
  161. DRV - [2013.04.30 10:51:09 | 000,035,088 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
  162. DRV - [2013.04.12 16:34:48 | 000,014,432 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klpd.sys -- (klpd)
  163. DRV - [2013.03.06 16:13:53 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
  164. DRV - [2013.02.12 05:32:45 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb80236.sys -- (usbrndis6)
  165. DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
  166. DRV - [2012.08.23 16:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
  167. DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  168. DRV - [2012.08.23 16:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
  169. DRV - [2010.11.20 23:29:26 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
  170. DRV - [2010.11.20 23:29:20 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
  171. DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
  172. DRV - [2010.11.20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
  173. DRV - [2010.11.20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
  174. DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
  175. DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
  176. DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
  177. DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
  178. DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
  179. DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
  180. DRV - [2010.10.04 10:40:18 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
  181. DRV - [2009.12.30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
  182. DRV - [2008.04.07 10:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cvintdrv.sys -- (cvintdrv)
  183. DRV - [2007.06.05 21:57:54 | 000,016,528 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\System32\drivers\LUM.sys -- (LUM)
  184. DRV - [2007.04.24 18:52:10 | 000,016,688 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\System32\drivers\LUMDriver.sys -- (LUMDriver)
  185. DRV - [2006.11.02 08:57:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
  186. DRV - [2006.07.24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
  187.  
  188.  
  189. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  190.  
  191.  
  192. [color=#E56717]========== Internet Explorer ==========[/color]
  193.  
  194. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1435572134&z=3b52395cd666f7931a38a12g7z5c8wfw3m8o8g1oaw&from=obw&uid=ST3500631NS_9QGACZ71XXXX9QGACZ71
  195. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1435572134&z=3b52395cd666f7931a38a12g7z5c8wfw3m8o8g1oaw&from=obw&uid=ST3500631NS_9QGACZ71XXXX9QGACZ71&q={searchTerms}
  196. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1435572134&z=3b52395cd666f7931a38a12g7z5c8wfw3m8o8g1oaw&from=obw&uid=ST3500631NS_9QGACZ71XXXX9QGACZ71&q={searchTerms}
  197. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.hotsearches.info/?pid=24437&r=2015/06/29&hid=18043186953304216546&lg=EN&cc=HR&unqvl=90
  198. IE - HKLM\..\SearchScopes,DefaultScope = {BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
  199. IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
  200. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  201. IE - HKLM\..\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.hotsearches.info/?l=1&q={searchTerms}&pid=24437&r=2015/06/29&hid=18043186953304216546&lg=EN&cc=HR&unqvl=90
  202.  
  203. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1435572134&z=3b52395cd666f7931a38a12g7z5c8wfw3m8o8g1oaw&from=obw&uid=ST3500631NS_9QGACZ71XXXX9QGACZ71
  204. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1435572134&z=3b52395cd666f7931a38a12g7z5c8wfw3m8o8g1oaw&from=obw&uid=ST3500631NS_9QGACZ71XXXX9QGACZ71&q={searchTerms}
  205. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ENUS/MCM_WCP
  206. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1435572134&z=3b52395cd666f7931a38a12g7z5c8wfw3m8o8g1oaw&from=obw&uid=ST3500631NS_9QGACZ71XXXX9QGACZ71&q={searchTerms}
  207. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/en-us/?ocid=U220DHP&pc=U220
  208. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
  209. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
  210. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4E 1B B7 D1 43 A4 CE 01 [binary data]
  211. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
  212. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
  213. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  214. IE - HKCU\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = https://www.google.com/search?q={searchTerms}
  215. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=U220DF&PC=U220&q={searchTerms}&src=IE-SearchBox
  216. IE - HKCU\..\SearchScopes\{33685F5F-B92A-4921-ACC9-A152130B0478}: "URL" = https://www.google.com/search?q={searchTerms}
  217. IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
  218. IE - HKCU\..\SearchScopes\{B0A15A4A-0BD9-4A5C-80C0-CCEF3E48681F}: "URL" = http://search.findwide.com/serp?guid={16BA67D1-6ADA-431C-89B7-7DF0C58E6048}&action=default_search&k={searchTerms}
  219. IE - HKCU\..\SearchScopes\{B69DC78B-2689-45A8-8F45-E64CCB2FF2F5}: "URL" = https://www.google.com/search?q={searchTerms}
  220. IE - HKCU\..\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.hotsearches.info/?l=1&q={searchTerms}&pid=24437&r=2015/06/29&hid=18043186953304216546&lg=EN&cc=HR&unqvl=90
  221. IE - HKCU\..\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: "URL" = https://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150317__yaie&p={searchTerms}
  222. IE - HKCU\..\SearchScopes\{E28583A1-121F-46B7-8473-9F0FFEED85BF}: "URL" = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=501549&p={searchTerms}
  223. IE - HKCU\..\SearchScopes\{EDA14D46-6E36-45D1-BF87-FD133BE8FF54}: "URL" = https://www.google.com/search?q={searchTerms}
  224. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  225. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*
  226.  
  227. [color=#E56717]========== FireFox ==========[/color]
  228.  
  229. FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
  230. FF - prefs.js..browser.startup.homepage: "http://websearch.hotsearches.info/?pid=24437&r=2015/06/29&hid=18043186953304216546&lg=EN&cc=HR&unqvl=90"
  231.  
  232.  
  233. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll ()
  234. FF - HKLM\Software\MozillaPlugins\@AudioToAudio_8i.com/Plugin: File not found
  235. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp: File not found
  236. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf: File not found
  237. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: D:\PROGRAM FILES\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
  238. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: D:\PROGRAM FILES\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
  239. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: D:\PROGRAM FILES\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
  240. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: D:\PROGRAM FILES\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
  241. FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll File not found
  242. FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Picasa3\npPicasa3.dll (Google, Inc.)
  243. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.79.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  244. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.79.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  245. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  246. FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll File not found
  247. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll File not found
  248. FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  249. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  250. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
  251. FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: File not found
  252. FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: File not found
  253. FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: File not found
  254. FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: File not found
  255. FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: File not found
  256. FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
  257. FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
  258. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
  259. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
  260. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: D:\Program Files\VLC\npvlc.dll (VideoLAN)
  261. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: D:\Program Files\VLC\npvlc.dll (VideoLAN)
  262. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: D:\Program Files\VLC\npvlc.dll (VideoLAN)
  263. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: D:\Program Files\VLC\npvlc.dll (VideoLAN)
  264. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: D:\Program Files\VLC\npvlc.dll (VideoLAN)
  265. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: D:\Program Files\VLC\npvlc.dll (VideoLAN)
  266. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll File not found
  267. FF - HKCU\Software\MozillaPlugins\@tnt2npapi.com/Plugin: C:\Users\Korisnik\AppData\Local\TNT2\2.0.0.1895\npTNT2.dll (Freshy.com)
  268. FF - HKCU\Software\MozillaPlugins\gamevenus.com/CertifiedBrowser: C:\Users\Korisnik\AppData\Roaming\GVU Technologies\Free Media Converter\npCertifiedBrowser.dll (GVU Technologies)
  269.  
  270. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.10.29 22:42:24 | 000,000,000 | ---D | M]
  271. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchffv2@gmail.com: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\j66yhd0f.default-1391102940003\extensions\searchffv2@gmail.com
  272. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sweetsearch@gmail.com: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\j66yhd0f.default-1391102940003\extensions\sweetsearch@gmail.com
  273. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: D:\Program Files\plugins [2015.06.15 23:03:42 | 000,000,000 | ---D | M]
  274. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components
  275. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
  276.  
  277. [2013.08.27 13:03:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Extensions
  278. [2015.07.02 20:47:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profiles\40le5owv.default-1378379078517\extensions
  279. [2014.01.30 19:29:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profiles\40le5owv.default-1378379078517\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
  280. [2015.07.02 20:47:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profiles\40le5owv.default-1378379078517\extensions\iobitascsurfingprotection@iobit.com
  281. [2015.06.16 11:04:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profiles\40le5owv.default-1378379078517\extensions\staged
  282. [2015.07.03 07:49:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profiles\j66yhd0f.default-1391102940003\extensions
  283. [2013.10.29 01:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profiles40le5owv.default-1378379078517\extensions
  284. [2013.10.29 01:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profiles40le5owv.default-1378379078517\extensions\staged
  285. [2014.11.03 14:23:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profilesj66yhd0f.default-1391102940003\extensions
  286. [2014.11.03 14:23:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profilesj66yhd0f.default-1391102940003\extensions\staged
  287. [2013.08.30 22:57:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profilessb056dk1.default\extensions
  288. [2013.08.30 22:57:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\Firefox\Profilessb056dk1.default\extensions\staged
  289. [2014.03.21 01:49:42 | 000,271,931 | ---- | M] () (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\firefox\profiles\40le5owv.default-1378379078517\extensions\jid1-bKSXgRwy1UQeRA@jetpack.xpi
  290. [2014.04.08 00:36:54 | 000,477,909 | ---- | M] () (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\firefox\profiles\40le5owv.default-1378379078517\extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi
  291. [2015.02.19 15:26:14 | 000,038,626 | ---- | M] () (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\firefox\profiles\40le5owv.default-1378379078517\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi
  292. [2015.06.06 22:12:43 | 000,110,399 | ---- | M] () (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\firefox\profiles\j66yhd0f.default-1391102940003\extensions\ich@maltegoetz.de.xpi
  293. [2015.06.06 22:09:59 | 000,946,636 | ---- | M] () (No name found) -- C:\Users\Korisnik\AppData\Roaming\mozilla\firefox\profiles\j66yhd0f.default-1391102940003\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  294. [2015.03.22 01:52:19 | 000,000,805 | ---- | M] () -- C:\Users\Korisnik\AppData\Roaming\mozilla\firefox\profiles\40le5owv.default-1378379078517\searchplugins\yahoo_ff.xml
  295. [2015.07.03 11:06:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
  296. [2015.07.03 11:06:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  297.  
  298. [color=#E56717]========== Chrome ==========[/color]
  299.  
  300. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
  301. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe\2.0.1_0\
  302. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
  303. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
  304.  
  305. O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
  306. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
  307. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  308. O3:HKU - HKCU\..\Toolbar\WebBrowser: (FindWide Toolbar) - {348000A7-478F-4E80-97EA-C06AF24E9453} - C:\Program Files\TNT2\Profiles\11147\passport.dll File not found
  309. O4 - HKLM..\Run: [ADSKAppManager] "C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun File not found
  310. O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\Comodo\COMODO Internet Security\cistray.exe (COMODO)
  311. O4 - HKLM..\Run: [MsmqIntCert] C:\Windows\System32\mqrt.dll (Microsoft Corporation)
  312. O4 - HKLM..\Run: [USB Security] D:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab)
  313. O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Korisnik\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
  314. O4 - HKCU..\Run: [CCleaner Monitoring] D:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
  315. O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
  316. O4 - HKCU..\Run: [uTorrent] C:\Users\Korisnik\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
  317. O4 - HKCU..\Run: [Viber] C:\Users\Korisnik\AppData\Local\Viber\Viber.exe ()
  318. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
  319. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  320. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  321. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
  322. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = 0
  323. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
  324. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
  325. O8 - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\Korisnik\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm File not found
  326. O8 - Extra context menu item: Add to Anti-Banner - Reg Error: Value error. File not found
  327. O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
  328. O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 File not found
  329. O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
  330. O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
  331. O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 File not found
  332. O9 - Extra Button: Pošalji u OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
  333. O9 - Extra 'Tools' menuitem : P&ošalji u OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
  334. O9 - Extra Button: Pove&zane bilješke programa OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
  335. O9 - Extra 'Tools' menuitem : Pove&zane bilješke programa OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
  336. O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll File not found
  337. O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll File not found
  338. O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\LavasoftTcpService.dll (Lavasoft Limited)
  339. O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\LavasoftTcpService.dll (Lavasoft Limited)
  340. O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\LavasoftTcpService.dll (Lavasoft Limited)
  341. O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\LavasoftTcpService.dll (Lavasoft Limited)
  342. O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\LavasoftTcpService.dll (Lavasoft Limited)
  343. O13 - gopher Prefix: missing
  344. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab (Java Plug-in 10.79.2)
  345. O16 - DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab (Java Plug-in 1.7.0_55)
  346. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab (Java Plug-in 10.79.2)
  347. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.5.1
  348. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CAC6CBDB-ABA2-4A3D-A7DD-DD35A7D5C5E0}: DhcpNameServer = 192.168.5.1
  349. O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
  350. O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
  351. O18 - Protocol\Handler\osf - No CLSID value found
  352. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  353. O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
  354. O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll File not found
  355. O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll File not found
  356. O18 - Protocol\Handler\WSWSVCUchrome - No CLSID value found
  357. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  358. O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
  359. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
  360. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  361. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  362. O32 - HKLM CDRom: AutoRun - 1
  363. O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  364. O34 - HKLM BootExecute: (autocheck autochk *)
  365. O35 - HKLM\..comfile [open] -- "%1" %*
  366. O35 - HKLM\..exefile [open] -- "%1" %*
  367. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  368. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  369. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  370. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  371. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  372.  
  373. NetSvcs: FastUserSwitchingCompatibility - File not found
  374. NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
  375. NetSvcs: Nla - File not found
  376. NetSvcs: Ntmssvc - File not found
  377. NetSvcs: NWCWorkstation - File not found
  378. NetSvcs: Nwsapagent - File not found
  379. NetSvcs: SRService - File not found
  380. NetSvcs: WmdmPmSp - File not found
  381. NetSvcs: LogonHours - File not found
  382. NetSvcs: PCAudit - File not found
  383. NetSvcs: helpsvc - File not found
  384. NetSvcs: uploadmgr - File not found
  385.  
  386. CREATERESTOREPOINT
  387. Restore point Set: OTL Restore Point
  388.  
  389. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  390.  
  391. [2015.07.04 08:32:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Korisnik\Desktop\OTL.exe
  392. [2015.07.04 01:13:13 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
  393. [2015.07.04 01:00:42 | 000,000,000 | ---D | C] -- C:\d5dce3218ee0ba4e61fc2a001241
  394. [2015.07.04 01:00:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
  395. [2015.07.04 00:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
  396. [2015.07.03 22:57:21 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Desktop\simples-clock-win7gadgets-com
  397. [2015.07.03 19:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
  398. [2015.07.03 18:58:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LOCALAPPDATA%
  399. [2015.07.03 18:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft OneDrive
  400. [2015.07.03 18:02:56 | 000,000,000 | R--D | C] -- C:\Users\Korisnik\OneDrive
  401. [2015.07.03 18:01:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
  402. [2015.07.03 12:42:56 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\Registry Mechanic
  403. [2015.07.03 12:36:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
  404. [2015.07.03 12:36:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
  405. [2015.07.03 12:34:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Mechanic
  406. [2015.07.03 12:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
  407. [2015.07.03 12:20:45 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
  408. [2015.07.03 12:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
  409. [2015.07.03 12:01:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
  410. [2015.07.03 10:17:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\YT Updater
  411. [2015.07.03 10:17:11 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Documents\Downloads
  412. [2015.07.03 10:08:00 | 000,000,000 | ---D | C] -- C:\ProgramData\TweakBit
  413. [2015.07.03 10:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\TweakBit
  414. [2015.07.03 09:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\epson
  415. [2015.07.03 08:53:22 | 000,000,000 | ---D | C] -- C:\Windows\Fonts\AdvUninstal
  416. [2015.07.03 08:52:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions
  417. [2015.07.03 08:52:46 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Local\Innovative Solutions
  418. [2015.07.03 08:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO
  419. [2015.07.02 11:45:58 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Desktop\Limun torta sa belim vinom _ Kuhinjica_files
  420. [2015.07.02 11:16:02 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Documents\SolidWorksComposer
  421. [2015.07.02 11:05:04 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Documents\SolidWorks Downloads
  422. [2015.07.02 11:04:47 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\SolidWorks
  423. [2015.07.02 00:01:21 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Desktop\Kako napraviti prilagođeni Windows 7 instalacijski disk sa programima i zakrpama _ Oblak Znanja_files
  424. [2015.07.01 07:59:47 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Desktop\Vrhunski recepti » Ledolina kolač – Ne trebate ni pećnicu a ni mixer_files
  425. [2015.06.30 21:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
  426. [2015.06.30 09:17:51 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\BitTorrent
  427. [2015.06.29 12:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\cjkohkleeglmoiiajdnjghghpaoinckp
  428. [2015.06.29 12:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\gmnblpdifllfddoljemfgnmjnfjipiai
  429. [2015.06.29 12:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{0704e58c-3689-8421-0704-4e58c3689630}
  430. [2015.06.29 12:10:21 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Pro
  431. [2015.06.29 12:07:46 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
  432. [2015.06.29 12:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\eepjaljlcakhpfdkhnpbpdljbiplkkdp
  433. [2015.06.29 12:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\{19986bd1-0fad-10af-1998-86bd10faaf44}
  434. [2015.06.29 12:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
  435. [2015.06.27 11:27:59 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Desktop\ISSUU - Zvijer i Prorok by Udruga Betlehem_files
  436. [2015.06.26 23:18:36 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Desktop\Limun kolač _ Kuhinjica_files
  437. [2015.06.26 12:20:10 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Desktop\Hladna torta _ Kuhinjica_files
  438. [2015.06.25 21:26:25 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Desktop\Kokos pita — Coolinarika_files
  439. [2015.06.25 21:23:11 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Desktop\Mileram torta — Coolinarika_files
  440. [2015.06.23 20:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery 6.5
  441. [2015.06.21 10:35:33 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\mobogenieP2sp
  442. [2015.06.20 12:18:36 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\.android
  443. [2015.06.20 12:06:12 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\Mobogenie
  444. [2015.06.20 12:05:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobogenie3
  445. [2015.06.20 12:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie3
  446. [2015.06.20 12:05:01 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Documents\Mobogenie
  447. [2015.06.20 00:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub
  448. [2015.06.19 00:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
  449. [2015.06.16 11:05:10 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\Run_dregol
  450. [2015.06.16 11:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\{0A5BE298-5AD9-331E-EB5F-439C3BDD9012}
  451. [2015.06.16 11:04:53 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\WeatherTool
  452. [2015.06.16 11:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\baidu
  453. [2015.06.15 23:20:04 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\Wondershare
  454. [2015.06.15 23:18:21 | 000,076,288 | ---- | C] (Wondershare Software) -- C:\Windows\System32\WSMonEditor.dll
  455. [2015.06.15 23:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
  456. [2015.06.15 23:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\PDFelement
  457. [2015.06.15 12:12:24 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\Desktop\Vini kolačići _ Kuhinjica_files
  458. [2015.06.10 11:19:48 | 000,000,000 | R--D | C] -- C:\Users\Korisnik\MediaFire
  459. [2015.06.07 23:47:45 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\iomatic
  460. [2015.06.07 23:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Iomatic
  461. [2015.06.07 21:57:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
  462. [2015.06.06 22:41:08 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
  463. [2015.06.06 22:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
  464. [2015.06.06 10:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\{48ddcca8-e79b-066d-48dd-dcca8e7932a3}
  465. [2015.06.04 23:25:43 | 004,700,384 | ---- | C] (http://www.specialuninstaller.com/ ) -- C:\Users\Korisnik\Desktop\WinUninstaller_Setup.exe
  466. [2014.02.10 22:49:02 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Korisnik\AppData\Roaming\pcouffin.sys
  467. [2014.01.11 02:24:56 | 000,024,192 | ---- | C] (Microsoft Corporation) -- C:\Users\Korisnik\usbsermptxp.sys
  468. [2014.01.11 02:24:56 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Users\Korisnik\usbsermpt.sys
  469. [12 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
  470. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  471. [1 C:\Users\Korisnik\AppData\Local\*.tmp files -> C:\Users\Korisnik\AppData\Local\*.tmp -> ]
  472.  
  473. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  474.  
  475. [2015.07.04 08:37:59 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
  476. [2015.07.04 08:32:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Korisnik\Desktop\OTL.exe
  477. [2015.07.04 08:30:00 | 000,003,104 | ---- | M] () -- C:\Windows\tasks\16e67b36-fee4-4153-b81a-31a7d85437ff-1-6.job
  478. [2015.07.04 08:29:28 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  479. [2015.07.04 08:29:28 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  480. [2015.07.04 08:29:05 | 000,005,148 | ---- | M] () -- C:\Windows\tasks\16e67b36-fee4-4153-b81a-31a7d85437ff-6.job
  481. [2015.07.04 08:29:00 | 000,002,078 | ---- | M] () -- C:\Windows\tasks\16e67b36-fee4-4153-b81a-31a7d85437ff-10_user.job
  482. [2015.07.04 08:29:00 | 000,000,004 | ---- | M] () -- C:\Windows\System32\029B560A371F4E00AB32838EBC01B9E7
  483. [2015.07.04 08:28:40 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  484. [2015.07.04 08:27:00 | 000,003,120 | ---- | M] () -- C:\Windows\tasks\06f41971-6e69-4186-a92c-ed85ca7b52f3-1-6.job
  485. [2015.07.04 08:26:04 | 000,005,500 | ---- | M] () -- C:\Windows\tasks\06f41971-6e69-4186-a92c-ed85ca7b52f3-6.job
  486. [2015.07.04 08:26:00 | 000,002,094 | ---- | M] () -- C:\Windows\tasks\06f41971-6e69-4186-a92c-ed85ca7b52f3-10_user.job
  487. [2015.07.04 08:18:37 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  488. [2015.07.04 08:18:30 | 000,005,506 | ---- | M] () -- C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job
  489. [2015.07.04 08:18:30 | 000,005,170 | ---- | M] () -- C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job
  490. [2015.07.04 08:18:30 | 000,005,164 | ---- | M] () -- C:\Windows\tasks\06f41971-6e69-4186-a92c-ed85ca7b52f3-7.job
  491. [2015.07.04 08:18:30 | 000,005,148 | ---- | M] () -- C:\Windows\tasks\16e67b36-fee4-4153-b81a-31a7d85437ff-7.job
  492. [2015.07.04 08:18:30 | 000,004,804 | ---- | M] () -- C:\Windows\tasks\16e67b36-fee4-4153-b81a-31a7d85437ff-4.job
  493. [2015.07.04 08:18:30 | 000,004,482 | ---- | M] () -- C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.job
  494. [2015.07.04 08:18:30 | 000,004,476 | ---- | M] () -- C:\Windows\tasks\06f41971-6e69-4186-a92c-ed85ca7b52f3-4.job
  495. [2015.07.04 08:18:30 | 000,004,146 | ---- | M] () -- C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job
  496. [2015.07.04 08:18:30 | 000,003,462 | ---- | M] () -- C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job
  497. [2015.07.04 08:18:30 | 000,003,456 | ---- | M] () -- C:\Windows\tasks\06f41971-6e69-4186-a92c-ed85ca7b52f3-1-7.job
  498. [2015.07.04 08:18:30 | 000,003,126 | ---- | M] () -- C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job
  499. [2015.07.04 08:18:30 | 000,003,104 | ---- | M] () -- C:\Windows\tasks\16e67b36-fee4-4153-b81a-31a7d85437ff-1-7.job
  500. [2015.07.04 08:18:30 | 000,002,434 | ---- | M] () -- C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job
  501. [2015.07.04 08:18:30 | 000,002,434 | ---- | M] () -- C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job
  502. [2015.07.04 08:18:30 | 000,002,428 | ---- | M] () -- C:\Windows\tasks\06f41971-6e69-4186-a92c-ed85ca7b52f3-5_user.job
  503. [2015.07.04 08:18:30 | 000,002,428 | ---- | M] () -- C:\Windows\tasks\06f41971-6e69-4186-a92c-ed85ca7b52f3-5.job
  504. [2015.07.04 08:18:30 | 000,002,412 | ---- | M] () -- C:\Windows\tasks\16e67b36-fee4-4153-b81a-31a7d85437ff-5_user.job
  505. [2015.07.04 08:18:30 | 000,002,412 | ---- | M] () -- C:\Windows\tasks\16e67b36-fee4-4153-b81a-31a7d85437ff-5.job
  506. [2015.07.04 08:18:30 | 000,002,100 | ---- | M] () -- C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job
  507. [2015.07.04 08:18:30 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\Health-Check-auto.job
  508. [2015.07.04 08:18:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  509. [2015.07.04 08:18:06 | 2616,582,144 | -HS- | M] () -- C:\hiberfil.sys
  510. [2015.07.04 01:50:31 | 000,000,516 | ---- | M] () -- C:\Users\Korisnik\Desktop\Enable_Gadgets.reg
  511. [2015.07.04 00:50:48 | 000,002,185 | ---- | M] () -- C:\Users\Korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
  512. [2015.07.04 00:50:48 | 000,002,161 | ---- | M] () -- C:\Users\Korisnik\Desktop\Google Chrome.lnk
  513. [2015.07.04 00:44:17 | 000,474,472 | ---- | M] () -- C:\Windows\System32\drivers\fvstore.dat
  514. [2015.07.04 00:11:03 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\SteadySyncer.job
  515. [2015.07.04 00:03:04 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Bidaily Synchronize Task[973b].job
  516. [2015.07.04 00:02:59 | 000,717,866 | ---- | M] () -- C:\Windows\System32\perfh009.dat
  517. [2015.07.04 00:02:59 | 000,144,380 | ---- | M] () -- C:\Windows\System32\perfc009.dat
  518. [2015.07.03 22:25:01 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\Bidaily Synchronize Task.job
  519. [2015.07.03 22:25:01 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\BrickImage.job
  520. [2015.07.03 20:44:01 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\Bidaily Synchronize Task[pr].job
  521. [2015.07.03 13:08:11 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Health-Check-deep.job
  522. [2015.07.03 13:08:11 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\Health-Check.job
  523. [2015.07.03 08:52:46 | 000,001,015 | ---- | M] () -- C:\Users\Korisnik\Desktop\Advanced Uninstaller PRO 11.lnk
  524. [2015.07.03 08:52:43 | 000,042,496 | ---- | M] () -- C:\Windows\System32\AdvUninstCPL.cpl
  525. [2015.07.03 08:16:47 | 000,000,024 | ---- | M] () -- C:\Users\Korisnik\AppData\Roaming\appdataFr25.bin
  526. [2015.07.02 11:46:19 | 000,226,878 | ---- | M] () -- C:\Users\Korisnik\Desktop\Limun torta sa belim vinom _ Kuhinjica.htm
  527. [2015.07.02 00:01:23 | 000,087,177 | ---- | M] () -- C:\Users\Korisnik\Desktop\Kako napraviti prilagođeni Windows 7 instalacijski disk sa programima i zakrpama _ Oblak Znanja.htm
  528. [2015.06.29 12:10:23 | 000,000,793 | ---- | M] () -- C:\Users\Korisnik\Desktop\Duplicate Cleaner Pro.lnk
  529. [2015.06.29 12:07:46 | 000,000,969 | ---- | M] () -- C:\Users\Korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\SevenZip.lnk
  530. [2015.06.29 12:02:33 | 000,001,362 | ---- | M] () -- C:\Users\Korisnik\Desktop\Internet Explorer.lnk
  531. [2015.06.29 12:02:18 | 000,001,386 | ---- | M] () -- C:\Users\Korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  532. [2015.06.28 23:31:55 | 000,024,798 | ---- | M] () -- C:\Users\Korisnik\Desktop\kiša.jpg
  533. [2015.06.27 11:28:00 | 000,068,212 | ---- | M] () -- C:\Users\Korisnik\Desktop\ISSUU - Zvijer i Prorok by Udruga Betlehem.htm
  534. [2015.06.24 08:24:08 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  535. [2015.06.21 11:54:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf
  536. [2015.06.20 13:45:05 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
  537. [2015.06.20 13:43:39 | 000,088,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
  538. [2015.06.20 12:05:40 | 000,000,988 | ---- | M] () -- C:\Users\Korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\Mobogenie3.lnk
  539. [2015.06.19 22:12:13 | 000,001,086 | ---- | M] () -- C:\Users\Korisnik\Desktop\PocketDivXEncoder.lnk
  540. [2015.06.15 07:15:37 | 000,000,957 | ---- | M] () -- C:\Users\Korisnik\Desktop\Viber.lnk
  541. [2015.06.11 07:47:37 | 000,655,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
  542. [2015.06.05 15:35:42 | 000,091,176 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
  543. [2015.06.05 15:35:39 | 000,041,224 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
  544. [2015.06.05 15:35:36 | 000,621,120 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
  545. [2015.06.05 15:35:33 | 000,017,064 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys
  546. [2015.06.05 15:34:21 | 000,033,496 | ---- | M] (COMODO) -- C:\Windows\System32\cmdcsr.dll
  547. [2015.06.05 15:34:18 | 000,444,448 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
  548. [2015.06.05 15:31:54 | 000,288,448 | ---- | M] (COMODO) -- C:\Windows\System32\cmdvrt32.dll
  549. [2015.06.05 15:31:27 | 000,040,640 | ---- | M] (COMODO) -- C:\Windows\System32\cmdkbd32.dll
  550. [2015.06.04 23:25:44 | 004,700,384 | ---- | M] (http://www.specialuninstaller.com/ ) -- C:\Users\Korisnik\Desktop\WinUninstaller_Setup.exe
  551. [12 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
  552. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  553.  
  554. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  555.  
  556. [2015.07.04 01:50:29 | 000,000,516 | ---- | C] () -- C:\Users\Korisnik\Desktop\Enable_Gadgets.reg
  557. [2015.07.03 23:24:40 | 000,002,161 | ---- | C] () -- C:\Users\Korisnik\Desktop\Google Chrome.lnk
  558. [2015.07.03 23:23:12 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  559. [2015.07.03 23:23:07 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  560. [2015.07.03 18:02:56 | 000,002,149 | ---- | C] () -- C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
  561. [2015.07.03 08:53:15 | 000,000,294 | ---- | C] () -- C:\Windows\tasks\Health-Check-auto.job
  562. [2015.07.03 08:53:12 | 000,000,296 | ---- | C] () -- C:\Windows\tasks\Health-Check-deep.job
  563. [2015.07.03 08:53:07 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\Health-Check.job
  564. [2015.07.03 08:52:46 | 000,001,015 | ---- | C] () -- C:\Users\Korisnik\Desktop\Advanced Uninstaller PRO 11.lnk
  565. [2015.07.03 08:52:46 | 000,000,887 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO 11.lnk
  566. [2015.07.03 08:52:43 | 000,042,496 | ---- | C] () -- C:\Windows\System32\AdvUninstCPL.cpl
  567. [2015.07.02 11:46:19 | 000,226,878 | ---- | C] () -- C:\Users\Korisnik\Desktop\Limun torta sa belim vinom _ Kuhinjica.htm
  568. [2015.07.02 00:01:21 | 000,087,177 | ---- | C] () -- C:\Users\Korisnik\Desktop\Kako napraviti prilagođeni Windows 7 instalacijski disk sa programima i zakrpama _ Oblak Znanja.htm
  569. [2015.06.29 12:11:10 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\SteadySyncer.job
  570. [2015.06.29 12:10:23 | 000,000,793 | ---- | C] () -- C:\Users\Korisnik\Desktop\Duplicate Cleaner Pro.lnk
  571. [2015.06.29 12:07:46 | 000,000,969 | ---- | C] () -- C:\Users\Korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\SevenZip.lnk
  572. [2015.06.29 12:03:50 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\Bidaily Synchronize Task[973b].job
  573. [2015.06.28 23:31:54 | 000,024,798 | ---- | C] () -- C:\Users\Korisnik\Desktop\kiša.jpg
  574. [2015.06.27 11:27:58 | 000,068,212 | ---- | C] () -- C:\Users\Korisnik\Desktop\ISSUU - Zvijer i Prorok by Udruga Betlehem.htm
  575. [2015.06.21 13:25:34 | 000,000,024 | ---- | C] () -- C:\Users\Korisnik\AppData\Roaming\appdataFr25.bin
  576. [2015.06.21 11:54:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf
  577. [2015.06.20 12:05:40 | 000,000,988 | ---- | C] () -- C:\Users\Korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\Mobogenie3.lnk
  578. [2015.06.19 22:11:12 | 000,001,086 | ---- | C] () -- C:\Users\Korisnik\Desktop\PocketDivXEncoder.lnk
  579. [2015.06.15 23:17:58 | 000,000,232 | ---- | C] () -- C:\Windows\System32\dllhost.exe.config
  580. [2015.06.08 11:46:04 | 000,655,240 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
  581. [2015.06.06 10:25:07 | 000,000,360 | ---- | C] () -- C:\Windows\tasks\BrickImage.job
  582. [2015.05.27 20:52:34 | 000,001,672 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
  583. [2015.05.22 20:20:42 | 000,000,390 | RHS- | C] () -- C:\ProgramData\ntuser.pol
  584. [2015.05.06 23:32:20 | 005,804,772 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
  585. [2015.05.06 23:32:11 | 001,990,874 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
  586. [2015.05.06 23:31:53 | 000,087,864 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll
  587. [2015.04.28 16:46:54 | 000,000,165 | ---- | C] () -- C:\Windows\Reimage.ini
  588. [2015.03.12 00:54:56 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
  589. [2015.03.12 00:54:56 | 000,000,088 | RHS- | C] () -- C:\ProgramData\DF0909247F.sys
  590. [2015.01.25 18:12:14 | 000,002,086 | ---- | C] () -- C:\Users\Korisnik\AppData\Roaming\ZFGZ
  591. [2015.01.25 18:12:14 | 000,002,086 | ---- | C] () -- C:\Users\Korisnik\AppData\Roaming\EWYB
  592. [2014.10.08 13:27:08 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
  593. [2014.10.08 13:27:07 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
  594. [2014.10.08 13:27:04 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
  595. [2014.10.08 13:26:57 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
  596. [2014.10.08 13:19:15 | 002,140,976 | ---- | C] () -- C:\Windows\System32\SStudio.dll
  597. [2014.10.08 13:19:07 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
  598. [2014.09.01 10:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Korisnik\AppData\Roaming\ITWMSTF
  599. [2014.07.09 11:52:27 | 000,015,632 | ---- | C] () -- C:\Users\Korisnik\AppData\Roaming\SendPost.exe
  600. [2014.03.28 23:43:42 | 000,098,304 | ---- | C] () -- C:\Windows\System32\bftowdthunk.dll
  601. [2014.03.21 01:25:12 | 000,901,120 | ---- | C] () -- C:\Windows\System32\ctocr32.dll
  602. [2014.03.21 01:25:12 | 000,053,248 | ---- | C] () -- C:\Windows\System32\ctocrc32.dll
  603. [2014.02.17 22:53:23 | 000,001,057 | ---- | C] () -- C:\Users\Korisnik\AppData\Roaming\vso_ts_preview.xml
  604. [2014.02.10 22:49:02 | 000,087,608 | ---- | C] () -- C:\Users\Korisnik\AppData\Roaming\inst.exe
  605. [2014.02.10 22:49:02 | 000,007,887 | ---- | C] () -- C:\Users\Korisnik\AppData\Roaming\pcouffin.cat
  606. [2014.02.10 22:49:02 | 000,001,144 | ---- | C] () -- C:\Users\Korisnik\AppData\Roaming\pcouffin.inf
  607. [2014.01.26 23:45:56 | 000,000,218 | ---- | C] () -- C:\Users\Korisnik\AppData\Local\recently-used.xbel
  608. [2014.01.12 23:34:56 | 000,000,120 | ---- | C] () -- C:\Windows\PbkUser.INI
  609. [2014.01.12 18:26:50 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
  610. [2014.01.11 02:24:56 | 000,007,195 | ---- | C] () -- C:\Users\Korisnik\USBMOT2000.INF
  611. [2014.01.11 02:24:56 | 000,005,891 | ---- | C] () -- C:\Users\Korisnik\USBMOT2000XP.INF
  612. [2014.01.11 02:24:56 | 000,005,877 | ---- | C] () -- C:\Users\Korisnik\USB_CMCS_2000.INF
  613. [2014.01.11 02:24:55 | 000,117,456 | ---- | C] () -- C:\Users\Korisnik\1389399895-oem12.PNF
  614. [2014.01.11 02:24:55 | 000,069,786 | ---- | C] () -- C:\Users\Korisnik\1389399895-oem12.inf
  615. [2013.11.26 00:22:50 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
  616. [2013.11.26 00:22:50 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
  617. [2013.11.17 02:27:22 | 000,000,218 | ---- | C] () -- C:\Windows\cdplayer.ini
  618. [2013.11.17 02:19:01 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
  619. [2013.11.14 02:12:12 | 000,005,033 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
  620. [2013.11.02 13:33:52 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
  621. [2013.11.01 21:52:25 | 000,474,472 | ---- | C] () -- C:\Windows\System32\drivers\fvstore.dat
  622. [2013.11.01 21:48:31 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
  623. [2013.11.01 13:10:36 | 000,000,033 | ---- | C] () -- C:\Windows\Multimedia manager.INI
  624. [2013.11.01 01:59:33 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
  625. [2013.10.30 13:06:54 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
  626. [2013.10.30 13:06:54 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
  627. [2013.10.30 13:06:54 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
  628. [2013.10.30 13:06:54 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
  629. [2013.10.11 21:45:33 | 000,007,168 | ---- | C] () -- C:\Users\Korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  630. [2013.08.31 15:43:37 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
  631. [2013.08.30 00:55:45 | 000,000,147 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
  632. [2013.08.29 23:23:00 | 000,178,304 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
  633. [2013.08.29 23:22:59 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
  634. [2013.08.27 12:20:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
  635.  
  636. [color=#E56717]========== ZeroAccess Check ==========[/color]
  637.  
  638. [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  639.  
  640. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  641.  
  642. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  643.  
  644. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  645. "" = %SystemRoot%\system32\shell32.dll -- [2015.03.11 11:52:01 | 012,875,264 | ---- | M] (Microsoft Corporation)
  646. "ThreadingModel" = Apartment
  647.  
  648. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  649. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
  650. "ThreadingModel" = Free
  651.  
  652. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  653. "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
  654. "ThreadingModel" = Both
  655.  
  656. [color=#E56717]========== LOP Check ==========[/color]
  657.  
  658. [2015.03.17 23:48:17 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\12092
  659. [2014.04.12 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\2854
  660. [2014.11.22 23:20:03 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\337Games
  661. [2013.11.09 11:05:03 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\4shared Desktop
  662. [2013.09.14 09:44:39 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\AllDup
  663. [2013.10.12 00:13:48 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\AnvSoft
  664. [2015.02.28 15:15:28 | 000,000,000 | -HSD | M] -- C:\Users\Korisnik\AppData\Roaming\AnyProtectEx
  665. [2015.07.03 10:00:51 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Apowersoft
  666. [2015.07.03 10:00:51 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Ashampoo
  667. [2013.11.02 00:34:36 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Asuni
  668. [2014.08.07 00:16:44 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Aura4You
  669. [2014.02.19 00:35:30 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Auslogics
  670. [2015.07.03 09:08:37 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Autodesk
  671. [2013.10.29 22:31:24 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\AVAST Software
  672. [2013.09.14 12:28:27 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Avery
  673. [2014.03.28 23:44:06 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Axara
  674. [2015.05.20 12:31:39 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Babylon
  675. [2015.06.30 22:02:05 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\BitTorrent
  676. [2013.11.18 21:05:47 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Broad Intelligence
  677. [2014.09.04 10:58:15 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\BSplayer
  678. [2013.08.27 12:32:16 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\BSplayer Pro
  679. [2013.10.20 00:16:22 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Canneverbe Limited
  680. [2013.11.14 02:12:02 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Carambis
  681. [2013.11.06 00:12:49 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\CrystalButton
  682. [2015.02.19 01:07:48 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\DassaultSystemes
  683. [2014.01.26 23:45:56 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\deluge
  684. [2015.07.02 20:47:08 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\DigitalVolcano
  685. [2014.02.13 23:03:22 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Downloaded Installations
  686. [2013.12.06 12:34:09 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Dropbox
  687. [2015.03.01 19:00:47 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\DVDVideoSoft
  688. [2013.09.04 08:07:06 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Epson
  689. [2015.03.01 00:57:57 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Error Fix
  690. [2014.08.10 22:43:53 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\eTeks
  691. [2014.03.07 22:16:14 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\FileAdvisor
  692. [2015.01.24 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Foxit Software
  693. [2014.03.21 00:57:47 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\GIRDAC
  694. [2013.10.29 01:38:23 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\GlarySoft
  695. [2014.01.30 12:16:03 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\GVU Technologies
  696. [2014.04.26 21:39:05 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\iDealshare VideoAll
  697. [2014.04.26 20:20:16 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\iDealshare VideoGo 5
  698. [2015.07.03 00:47:56 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\IObit
  699. [2015.06.07 23:47:45 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\iomatic
  700. [2015.07.01 16:10:03 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\IsolatedStorage
  701. [2013.11.02 22:36:24 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Jumping Bytes
  702. [2014.01.02 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\KingTranslate
  703. [2013.10.31 12:46:02 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Leadertech
  704. [2014.02.26 21:08:40 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\MDownloader
  705. [2015.03.15 23:13:07 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\mkv2x
  706. [2015.06.21 11:55:38 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Mobogenie
  707. [2013.10.19 00:05:07 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\motorola
  708. [2014.05.12 21:54:27 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Motorola Mobility
  709. [2015.06.19 22:27:49 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\MPC-HC
  710. [2013.11.12 02:13:49 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\My rosary
  711. [2014.02.13 23:00:54 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Nitro
  712. [2015.06.29 13:58:53 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Nokia
  713. [2014.10.08 11:18:56 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Opera Software
  714. [2014.04.25 20:35:38 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Oracle
  715. [2013.11.01 01:21:14 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\PC Suite
  716. [2015.07.03 00:47:59 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\ProductData
  717. [2014.09.10 23:59:49 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\QuickScan
  718. [2014.09.10 08:17:27 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\RaimaRadioPro
  719. [2014.05.03 23:03:06 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Reason
  720. [2014.05.06 14:15:03 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Reason Software Company Inc
  721. [2015.07.03 12:42:56 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Registry Mechanic
  722. [2015.03.18 00:00:39 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\RHEng
  723. [2015.06.16 11:05:10 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Run_dregol
  724. [2015.07.02 20:39:04 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Samsung
  725. [2014.09.04 22:00:07 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Soft Solutions
  726. [2014.02.12 21:49:41 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Softplicity
  727. [2015.05.29 14:09:57 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Solvusoft
  728. [2014.07.02 12:45:23 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\SumatraPDF
  729. [2015.03.14 10:25:46 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\systweak
  730. [2015.07.03 11:02:23 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\TeamViewer
  731. [2014.11.07 22:55:38 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\The Word
  732. [2015.02.28 12:45:06 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\TuneUp Software
  733. [2015.03.12 01:23:31 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Ulead Systems
  734. [2015.07.04 08:41:42 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\uTorrent
  735. [2015.07.04 08:19:11 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\ViberPC
  736. [2014.11.02 18:46:21 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Video DVD Maker FREE
  737. [2015.07.02 21:48:13 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Vso
  738. [2015.06.16 20:25:05 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\WeatherTool
  739. [2013.10.09 21:49:17 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Windows Live Writer
  740. [2013.10.04 18:50:19 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\WinMount
  741. [2015.06.15 23:20:04 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Wondershare
  742. [2015.03.01 19:45:04 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Wondershare Video Converter Ultimate
  743. [2013.10.31 17:39:42 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Zbshareware Lab
  744. [2014.11.23 09:50:02 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
  745. [2015.03.01 19:45:47 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
  746.  
  747. [color=#E56717]========== Purity Check ==========[/color]
  748.  
  749.  
  750.  
  751. [color=#E56717]========== Custom Scans ==========[/color]
  752.  
  753. [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
  754.  
  755. [color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
  756. [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
  757. [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
  758. [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
  759.  
  760. [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
  761. [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
  762. [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
  763. [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
  764. [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
  765. [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
  766. [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys
  767.  
  768. [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
  769. [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
  770. [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
  771.  
  772. [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
  773. [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
  774. [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
  775. [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
  776. [2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
  777. [2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
  778. [2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
  779.  
  780. [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
  781. [2010.11.20 23:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
  782. [2010.11.20 23:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
  783.  
  784. [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
  785. [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
  786. [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
  787. [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
  788. [2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
  789. [2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
  790. [2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
  791.  
  792. [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
  793. [2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
  794. [2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
  795.  
  796. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  797.  
  798. [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
  799. [12 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
  800.  
  801. [color=#E56717]========== Alternate Data Streams ==========[/color]
  802.  
  803. @Alternate Data Stream - 64 bytes -> D:\Program Files\CCleaner\CCleaner.exe:$CmdTcID
  804. @Alternate Data Stream - 64 bytes -> C:\Windows\UnDeployV.exe:$CmdTcID
  805. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xinput1_3.dll:$CmdTcID
  806. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xinput1_2.dll:$CmdTcID
  807. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xactengine2_9.dll:$CmdTcID
  808. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xactengine2_8.dll:$CmdTcID
  809. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xactengine2_7.dll:$CmdTcID
  810. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xactengine2_6.dll:$CmdTcID
  811. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xactengine2_5.dll:$CmdTcID
  812. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xactengine2_4.dll:$CmdTcID
  813. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xactengine2_3.dll:$CmdTcID
  814. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xactengine2_2.dll:$CmdTcID
  815. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xactengine2_10.dll:$CmdTcID
  816. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\xactengine2_0.dll:$CmdTcID
  817. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\X3DAudio1_2.dll:$CmdTcID
  818. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\x3daudio1_1.dll:$CmdTcID
  819. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wuwebv.dll:$CmdTcID
  820. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wups2.dll:$CmdTcID
  821. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wups.dll:$CmdTcID
  822. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wudriver.dll:$CmdTcID
  823. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wucltux.dll:$CmdTcID
  824. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wuaueng.dll:$CmdTcID
  825. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wuauclt.exe:$CmdTcID
  826. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wuapp.exe:$CmdTcID
  827. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wuapi.dll:$CmdTcID
  828. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wu.upgrade.ps.dll:$CmdTcID
  829. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wpdshext.dll:$CmdTcID
  830. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wmploc.DLL:$CmdTcID
  831. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\WMPhoto.dll:$CmdTcID
  832. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wmp.dll:$CmdTcID
  833. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wmdrmsdk.dll:$CmdTcID
  834. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wksprtPS.dll:$CmdTcID
  835. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wksprt.exe:$CmdTcID
  836. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\WinUSBCoInstaller.dll:$CmdTcID
  837. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wintrust.dll:$CmdTcID
  838. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\winsrv.dll:$CmdTcID
  839. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\WinSetupUI.dll:$CmdTcID
  840. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\winload.exe:$CmdTcID
  841. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wininet.dll:$CmdTcID
  842. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\WindowsCodecs.dll:$CmdTcID
  843. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\win32k.sys:$CmdTcID
  844. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wdigest.dll:$CmdTcID
  845. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\wdi.dll:$CmdTcID
  846. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\vbscript.dll:$CmdTcID
  847. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\UtcResources.dll:$CmdTcID
  848. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\urlmon.dll:$CmdTcID
  849. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ubpm.dll:$CmdTcID
  850. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\typeperf.exe:$CmdTcID
  851. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID
  852. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID
  853. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\TsUsbGDCoInstaller.dll:$CmdTcID
  854. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\tspkg.dll:$CmdTcID
  855. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\tsgqec.dll:$CmdTcID
  856. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\tracerpt.exe:$CmdTcID
  857. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\tossaemaxapo32.dll:$CmdTcID
  858. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\tdh.dll:$CmdTcID
  859. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\tadefxapo2.dll:$CmdTcID
  860. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\sspisrv.dll:$CmdTcID
  861. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\sspicli.dll:$CmdTcID
  862. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\SRRPTR.dll:$CmdTcID
  863. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\srcore.dll:$CmdTcID
  864. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\SRCOM.dll:$CmdTcID
  865. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\srclient.dll:$CmdTcID
  866. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\SRAPO.dll:$CmdTcID
  867. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\spwmp.dll:$CmdTcID
  868. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\smss.exe:$CmdTcID
  869. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\SmartDefragBootTime.exe:$CmdTcID
  870. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\sltech32.dll:$CmdTcID
  871. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\slprp32.dll:$CmdTcID
  872. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\slcnt32.dll:$CmdTcID
  873. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\sl3apo32.dll:$CmdTcID
  874. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\shimeng.dll:$CmdTcID
  875. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\shell32.dll:$CmdTcID
  876. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\setbcdlocale.dll:$CmdTcID
  877. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\SEHDRA32.dll:$CmdTcID
  878. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\secur32.dll:$CmdTcID
  879. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\SECOMN32.dll:$CmdTcID
  880. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\sechost.dll:$CmdTcID
  881. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\SEAPO32.dll:$CmdTcID
  882. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\sdbinst.exe:$CmdTcID
  883. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\schannel.dll:$CmdTcID
  884. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\RTSndMgr.cpl:$CmdTcID
  885. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\RTNUninst32.dll:$CmdTcID
  886. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\RtNicProp32.dll:$CmdTcID
  887. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\RtkPgExt.dll:$CmdTcID
  888. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\RtkCoInstII.dll:$CmdTcID
  889. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\RtkApoApi.dll:$CmdTcID
  890. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\rstrui.exe:$CmdTcID
  891. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\rrinstaller.exe:$CmdTcID
  892. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\RltkAPO.dll:$CmdTcID
  893. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\relog.exe:$CmdTcID
  894. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\rdvidcrl.dll:$CmdTcID
  895. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\rdpudd.dll:$CmdTcID
  896. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\RdpGroupPolicyExtension.dll:$CmdTcID
  897. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\rdpcorets.dll:$CmdTcID
  898. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\quartz.dll:$CmdTcID
  899. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\qdvd.dll:$CmdTcID
  900. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\profsvc.dll:$CmdTcID
  901. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\powertracker.dll:$CmdTcID
  902. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\poqexec.exe:$CmdTcID
  903. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\perftrack.dll:$CmdTcID
  904. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\pcawrk.exe:$CmdTcID
  905. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\pcasvc.dll:$CmdTcID
  906. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\pcalua.exe:$CmdTcID
  907. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\pcaevts.dll:$CmdTcID
  908. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\pcadm.dll:$CmdTcID
  909. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ntoskrnl.exe:$CmdTcID
  910. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ntkrnlpa.exe:$CmdTcID
  911. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ntdll.dll:$CmdTcID
  912. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\nlasvc.dll:$CmdTcID
  913. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ncrypt.dll:$CmdTcID
  914. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\NAHIMICV2apo.dll:$CmdTcID
  915. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\NahimicAPONSControl.dll:$CmdTcID
  916. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\NAHIMICAPOlfx.dll:$CmdTcID
  917. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msvcr100.dll:$CmdTcID
  918. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msvcp100.dll:$CmdTcID
  919. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msv1_0.dll:$CmdTcID
  920. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mstsc.exe:$CmdTcID
  921. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MsSpellCheckingFacility.exe:$CmdTcID
  922. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msscp.dll:$CmdTcID
  923. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MsRdpWebAccess.dll:$CmdTcID
  924. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msrating.dll:$CmdTcID
  925. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msobjs.dll:$CmdTcID
  926. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msnetobj.dll:$CmdTcID
  927. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msmmsp.dll:$CmdTcID
  928. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mshtmlmedia.dll:$CmdTcID
  929. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mshtmled.dll:$CmdTcID
  930. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MshtmlDac.dll:$CmdTcID
  931. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mshtml.dll:$CmdTcID
  932. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msfeeds.dll:$CmdTcID
  933. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msdxm.ocx:$CmdTcID
  934. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msctf.dll:$CmdTcID
  935. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MSCOMCTL.OCX:$CmdTcID
  936. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\msaudite.dll:$CmdTcID
  937. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MRT.exe:$CmdTcID
  938. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfps.dll:$CmdTcID
  939. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfpmp.exe:$CmdTcID
  940. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfplat.dll:$CmdTcID
  941. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mferror.dll:$CmdTcID
  942. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfcm100u.dll:$CmdTcID
  943. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfcm100.dll:$CmdTcID
  944. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100u.dll:$CmdTcID
  945. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100rus.dll:$CmdTcID
  946. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100kor.dll:$CmdTcID
  947. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100jpn.dll:$CmdTcID
  948. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100ita.dll:$CmdTcID
  949. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100fra.dll:$CmdTcID
  950. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100esn.dll:$CmdTcID
  951. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100enu.dll:$CmdTcID
  952. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100deu.dll:$CmdTcID
  953. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100cht.dll:$CmdTcID
  954. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100chs.dll:$CmdTcID
  955. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mfc100.dll:$CmdTcID
  956. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\mf.dll:$CmdTcID
  957. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MaxxVoiceAPO40.dll:$CmdTcID
  958. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MaxxVoiceAPO30.dll:$CmdTcID
  959. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MaxxVoiceAPO20.dll:$CmdTcID
  960. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MaxxAudioRealtek.dll:$CmdTcID
  961. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MaxxAudioAPOShell.dll:$CmdTcID
  962. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MaxxAudioAPO70.dll:$CmdTcID
  963. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MaxxAudioAPO60.dll:$CmdTcID
  964. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\MaxxAudioAPO50.dll:$CmdTcID
  965. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\lsass.exe:$CmdTcID
  966. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\lsasrv.dll:$CmdTcID
  967. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\lpk.dll:$CmdTcID
  968. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\logman.exe:$CmdTcID
  969. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\KernelBase.dll:$CmdTcID
  970. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\kernel32.dll:$CmdTcID
  971. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\kerberos.dll:$CmdTcID
  972. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\jsproxy.dll:$CmdTcID
  973. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\jscript9diag.dll:$CmdTcID
  974. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\jscript9.dll:$CmdTcID
  975. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\jscript.dll:$CmdTcID
  976. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\JavaScriptCollectionAgent.dll:$CmdTcID
  977. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\invagent.dll:$CmdTcID
  978. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\inetcpl.cpl:$CmdTcID
  979. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ieUnatt.exe:$CmdTcID
  980. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ieui.dll:$CmdTcID
  981. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\iesetup.dll:$CmdTcID
  982. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\iertutil.dll:$CmdTcID
  983. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\iernonce.dll:$CmdTcID
  984. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ieframe.dll:$CmdTcID
  985. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ieetwproxystub.dll:$CmdTcID
  986. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ieetwcollectorres.dll:$CmdTcID
  987. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ieetwcollector.exe:$CmdTcID
  988. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\iedkcs32.dll:$CmdTcID
  989. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ieapfltr.dll:$CmdTcID
  990. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ie4uinit.exe:$CmdTcID
  991. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\ICEsoundAPO.dll:$CmdTcID
  992. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\GPhotos.scr:$CmdTcID
  993. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\generaltel.dll:$CmdTcID
  994. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\fontsub.dll:$CmdTcID
  995. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\FMAPO.dll:$CmdTcID
  996. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\FM20.DLL:$CmdTcID
  997. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\FlashPlayerApp.exe:$CmdTcID
  998. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\evr.dll:$CmdTcID
  999. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\EncDump.dll:$CmdTcID
  1000. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\dxtrans.dll:$CmdTcID
  1001. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\dxtmsft.dll:$CmdTcID
  1002. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\dxmasf.dll:$CmdTcID
  1003. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\dwmcore.dll:$CmdTcID
  1004. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\dwmapi.dll:$CmdTcID
  1005. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drmv2clt.dll:$CmdTcID
  1006. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drmmgrtn.dll:$CmdTcID
  1007. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\TsUsbFlt.sys:$CmdTcID
  1008. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\stream.sys:$CmdTcID
  1009. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\ssudmdm.sys:$CmdTcID
  1010. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\ssudbus.sys:$CmdTcID
  1011. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\RTKVHDA.sys:$CmdTcID
  1012. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\Rt86win7.sys:$CmdTcID
  1013. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\PEAuth.sys:$CmdTcID
  1014. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\mrxdav.sys:$CmdTcID
  1015. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\mountmgr.sys:$CmdTcID
  1016. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\ksecpkg.sys:$CmdTcID
  1017. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\ksecdd.sys:$CmdTcID
  1018. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\cng.sys:$CmdTcID
  1019. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\AtihdW73.sys:$CmdTcID
  1020. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\appid.sys:$CmdTcID
  1021. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\diskperf.exe:$CmdTcID
  1022. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\diagtrack.dll:$CmdTcID
  1023. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\devinv.dll:$CmdTcID
  1024. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\DelayAPO.dll:$CmdTcID
  1025. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\DDPP32A.dll:$CmdTcID
  1026. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\DDPO32A.dll:$CmdTcID
  1027. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\DDPD32A.dll:$CmdTcID
  1028. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\DDPA32.dll:$CmdTcID
  1029. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\dciman32.dll:$CmdTcID
  1030. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx9_36.dll:$CmdTcID
  1031. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx9_35.dll:$CmdTcID
  1032. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx9_34.dll:$CmdTcID
  1033. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx9_33.dll:$CmdTcID
  1034. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx9_31.dll:$CmdTcID
  1035. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx9_29.dll:$CmdTcID
  1036. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx9_27.dll:$CmdTcID
  1037. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx9_26.dll:$CmdTcID
  1038. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx9_25.dll:$CmdTcID
  1039. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx9_24.dll:$CmdTcID
  1040. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx10_36.dll:$CmdTcID
  1041. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx10_35.dll:$CmdTcID
  1042. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx10_34.dll:$CmdTcID
  1043. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx10_33.dll:$CmdTcID
  1044. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\d3dx10.dll:$CmdTcID
  1045. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\D3DCompiler_36.dll:$CmdTcID
  1046. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\D3DCompiler_35.dll:$CmdTcID
  1047. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\D3DCompiler_34.dll:$CmdTcID
  1048. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\D3DCompiler_33.dll:$CmdTcID
  1049. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\CX32APO.dll:$CmdTcID
  1050. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\csrsrv.dll:$CmdTcID
  1051. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\cryptui.dll:$CmdTcID
  1052. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\cryptsvc.dll:$CmdTcID
  1053. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\cryptsp.dll:$CmdTcID
  1054. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\cryptnet.dll:$CmdTcID
  1055. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\crypt32.dll:$CmdTcID
  1056. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\credssp.dll:$CmdTcID
  1057. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\conhost.exe:$CmdTcID
  1058. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\comctl32.dll:$CmdTcID
  1059. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\blackbox.dll:$CmdTcID
  1060. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\auditpol.exe:$CmdTcID
  1061. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\audiosrv.dll:$CmdTcID
  1062. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\AudioSes.dll:$CmdTcID
  1063. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\audioLibVc.dll:$CmdTcID
  1064. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\AUDIOKSE.dll:$CmdTcID
  1065. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\AudioEng.dll:$CmdTcID
  1066. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\audiodg.exe:$CmdTcID
  1067. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\atmlib.dll:$CmdTcID
  1068. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\atmfd.dll:$CmdTcID
  1069. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\atl100.dll:$CmdTcID
  1070. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\appraiser.dll:$CmdTcID
  1071. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\appidsvc.dll:$CmdTcID
  1072. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\appidpolicyconverter.exe:$CmdTcID
  1073. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\appidcertstorecheck.exe:$CmdTcID
  1074. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\appidapi.dll:$CmdTcID
  1075. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\apphelp.dll:$CmdTcID
  1076. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\apisetschema.dll:$CmdTcID
  1077. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
  1078. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
  1079. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
  1080. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
  1081. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
  1082. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
  1083. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
  1084. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
  1085. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
  1086. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
  1087. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
  1088. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
  1089. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
  1090. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
  1091. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
  1092. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
  1093. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
  1094. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
  1095. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
  1096. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
  1097. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
  1098. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
  1099. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
  1100. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
  1101. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
  1102. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
  1103. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
  1104. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
  1105. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\AERTACap.dll:$CmdTcID
  1106. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\aepic.dll:$CmdTcID
  1107. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\aepdu.dll:$CmdTcID
  1108. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\aelupsvc.dll:$CmdTcID
  1109. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\aeinv.dll:$CmdTcID
  1110. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\AdvUninstCPL.cpl:$CmdTcID
  1111. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\advapi32.dll:$CmdTcID
  1112. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\adtschema.dll:$CmdTcID
  1113. @Alternate Data Stream - 64 bytes -> C:\Windows\System32\acmigration.dll:$CmdTcID
  1114. @Alternate Data Stream - 64 bytes -> C:\Users\Korisnik\Desktop\YTDSetup.exe:$CmdTcID
  1115. @Alternate Data Stream - 64 bytes -> C:\Users\Korisnik\Desktop\OTL.exe:$CmdTcID
  1116. @Alternate Data Stream - 64 bytes -> C:\Users\Korisnik\Desktop\Enable_Gadgets.reg:$CmdTcID
  1117. @Alternate Data Stream - 64 bytes -> C:\Users\Korisnik\AppData\Roaming\uTorrent\uTorrent.exe:$CmdTcID
  1118. @Alternate Data Stream - 64 bytes -> C:\Users\Korisnik\AppData\Roaming\inst.exe:$CmdTcID
  1119. @Alternate Data Stream - 64 bytes -> C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe:$CmdTcID
  1120. @Alternate Data Stream - 26 bytes -> C:\Users\Korisnik\Desktop\WinUninstaller_Setup.exe:$CmdZnID
  1121. @Alternate Data Stream - 26 bytes -> C:\Users\Korisnik\Desktop\url.htm:$CmdZnID
  1122. @Alternate Data Stream - 26 bytes -> C:\Users\Korisnik\Desktop\Reset_Gadgets.bat:$CmdZnID
  1123. @Alternate Data Stream - 26 bytes -> C:\Users\Korisnik\Desktop\OTL.exe:$CmdZnID
  1124. @Alternate Data Stream - 26 bytes -> C:\Users\Korisnik\Desktop\kiša.jpg:$CmdZnID
  1125. @Alternate Data Stream - 26 bytes -> C:\Users\Korisnik\Desktop\Kako napraviti prilagođeni Windows 7 instalacijski disk sa programima i zakrpama _ Oblak Znanja.htm:$CmdZnID
  1126. @Alternate Data Stream - 26 bytes -> C:\Users\Korisnik\Desktop\ISSUU - Zvijer i Prorok by Udruga Betlehem.htm:$CmdZnID
  1127. @Alternate Data Stream - 26 bytes -> C:\Users\Korisnik\Desktop\Enable_Gadgets.reg:$CmdZnID
  1128. @Alternate Data Stream - 26 bytes -> C:\Users\Korisnik\Desktop\autocad 2013 for dummies.pdf:$CmdZnID
  1129. @Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
  1130. @Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:07BF512B
  1131. @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:7311BB85
  1132. @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:AD022376
  1133. @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:56E2E879
  1134. @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:15D5AA51
  1135. @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D1B5B4F1
  1136.  
  1137. < End of report >