Hi,
I recently removed win32.downloader.gen with Spybot and I still have problems with Firefox. It freezes and I usually can't close it--if I do close it, my computer eventually freezes too and I have to manually shut it down. I thought it was because I had too many add-ons, so I completely reset my browser, but there are still problems. Except for freezing, some random pages can't open, and when I click refresh they open. Also, sometimes a download dialog box opens when I know I didn't click anything--I also noticed this in my other browser.
None of my anti-malware programs find anything, including Spybot.
I have problems with ERUNT--when I install it, every time I start my computer it opens an error message and can't backup the registry.
Ok, here are my scans, and thank you VERY much in advance ...
DDS.txt
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17207
Run by Korisnik at 15:06:34 on 2014-07-12
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.385.1033.18.1935.882 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
C:\Program Files\GNU\GnuPG\dirmngr.exe
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://net.pbz.hr/netBanking/
uSearchURL,(Default) = about:blank
BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - <orphaned>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
BHO: PrivDog Extension: {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - c:\program files\adtrustmedia\privdog\2.2.0.14\trustedads.dll
TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
uRun: [OV3_Monitor] "c:\program files\olympus\olympus viewer 3\OV3Monitor.exe" -NoStart
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Wipe Maintance] "c:\program files\net1-wipe\net1.exe" windowsStartup
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtkNGUI.exe -s
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\iastoriconlaunch.exe "c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe" 60
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [PrivDogService] "c:\program files\adtrustmedia\privdog\2.2.0.14\trustedadssvc.exe"
mRun: [ComodoFSChrome] "c:\program files\adtrustmedia\privdog\FinalizeSetup.exe" /c
mRun: [OV3_Monitor] "c:\program files\olympus\olympus viewer 3\FirstStart.exe" /OS
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\codeme~1.lnk - c:\program files\codemeter\runtime\bin\CodeMeterCC.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - c:\program files\adtrustmedia\privdog\2.2.0.14\trustedads.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3D321B9E-A8C6-4146-B8E1-6E10720FA1A7} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{51B6D1B9-5D8C-40A3-95A5-1B3BC0948BB7}\651434F4D40244E2F4E2F4E2 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\w75gd529.default-1405094361813\
FF - prefs.js: browser.search.selectedEngine - GoodSearch
FF - prefs.js: browser.startup.homepage - hxxps://startpage.com/hr/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\google\update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwdplugin821.dll
FF - plugin: c:\program files\sumatrapdf\npPdfViewer.dll
FF - plugin: c:\users\korisnik\appdata\local\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\users\korisnik\appdata\roaming\mozilla\plugins\npoctoshape.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1210150.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-5-21 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-5-21 192352]
R0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys [2012-9-1 532536]
R0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys [2012-9-1 25656]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2013-5-21 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2013-5-21 414520]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-10-11 120088]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2013-5-21 87968]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-4-26 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-5-21 67824]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswstm.sys [2013-12-17 71944]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-7-5 50344]
R2 BoxSyncUpdateService;Box Sync Update Service;c:\program files\box\box sync\SyncUpdaterService.exe [2013-12-26 20992]
R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2012-11-21 2571704]
R2 DirMngr;DirMngr;c:\program files\gnu\gnupg\dirmngr.exe [2013-10-7 218112]
R2 DragonUpdater;COMODO Dragon Update Service;c:\program files\comodo\dragon\dragon_updater.exe [2014-5-21 2135232]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2013-5-21 14904]
R2 IconMan_R;IconMan_R;c:\program files\realtek\realtek pcie card reader\RIconMan.exe [2013-5-21 1830544]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2013-7-21 1153368]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2013-11-4 660184]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files\checkpoint\zonealarm\ZAPrivacyService.exe [2014-5-29 90936]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-5-26 23256]
R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-7-17 55104]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\drivers\RtsP2Stor.sys [2013-5-21 209552]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2013-3-14 552080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-7-11 860472]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2013-2-28 110408]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2013-2-28 331080]
S3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiagx.sys [2013-3-14 75816]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BFN7x86;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x86.sys [2013-3-14 130152]
S3 bxfcoe;bxfcoe;c:\windows\system32\drivers\bxfcoe.sys [2013-3-14 150568]
S3 bxois;bxois;c:\windows\system32\drivers\bxois.sys [2013-3-14 435240]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-12 62464]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\drivers\EtronHub3.sys [2013-2-27 65152]
S3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\system32\drivers\EtronSTOR.sys [2013-2-27 32512]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\drivers\EtronXHCI.sys [2013-2-27 88832]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-7-9 108032]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2013-2-27 351288]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2013-2-27 796216]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-7-11 51928]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2013-2-27 73984]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2013-2-27 165120]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-11-4 16024]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-3-23 14848]
S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2013-11-4 1228504]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2011-4-12 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2013-3-23 24064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-3-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-3-23 27136]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2011-4-12 112640]
S3 WatAdminSvc;Servis Tehnologije aktivacije sustava Windows;c:\windows\system32\wat\WatAdminSvc.exe [2013-12-31 1343400]
S4 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-7-11 1809720]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-07-11 23:49:27 -------- d-----w- c:\users\korisnik\appdata\local\AlawarWrapper
2014-07-11 23:49:27 -------- d-----w- c:\program files\Trymedia
2014-07-11 23:49:26 -------- d-----w- c:\programdata\AlawarWrapper
2014-07-11 23:49:26 -------- d-----w- c:\program files\NCH Software
2014-07-11 23:04:33 -------- d-----w- c:\program files\Reason
2014-07-11 22:28:31 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-07-11 20:53:22 -------- d-----w- C:\AdwCleaner
2014-07-11 10:31:20 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-11 10:30:15 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-11 10:30:15 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-11 10:30:14 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-07-11 10:24:21 8140904 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{eacac718-5510-4c4d-90cb-9223aa8458ea}\mpengine.dll
2014-07-10 18:10:20 -------- d-----w- c:\program files\Todoist
2014-07-09 15:47:37 5659136 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-07-09 13:57:48 868864 ----a-w- c:\program files\common files\microsoft shared\ink\tipskins.dll
2014-07-09 13:56:53 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-05 11:42:33 43152 ----a-w- c:\windows\avastSS.scr
2014-06-30 08:09:54 -------- d-----w- c:\program files\ESET
2014-06-26 23:13:30 -------- d-----w- c:\program files\CheckPoint
2014-06-26 15:15:51 -------- d-----w- c:\users\korisnik\appdata\local\Amazon
2014-06-16 16:03:51 -------- d-----w- c:\users\korisnik\appdata\roaming\MPC-HC
2014-06-16 15:22:18 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-06-12 15:24:48 1389056 ----a-w- c:\windows\system32\msxml6.dll
2014-06-12 15:24:48 1237504 ----a-w- c:\windows\system32\msxml3.dll
2014-06-12 15:24:47 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-06-12 15:24:47 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-06-12 15:24:39 187840 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-12 15:24:39 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-06-12 15:24:13 626688 ----a-w- c:\windows\system32\usp10.dll
.
==================== Find3M ====================
.
2014-07-09 16:31:35 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-09 16:31:34 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-05 11:42:39 779536 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-07-05 11:42:39 71944 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-07-05 11:42:39 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-05 11:42:39 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-05 11:42:39 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-05 11:42:38 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-05 11:42:38 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-06-18 23:56:37 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-06-18 23:56:03 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-06-18 23:38:40 455168 ----a-w- c:\windows\system32\vbscript.dll
2014-06-18 23:37:23 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-06-18 23:36:35 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-06-18 23:35:55 62464 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-06-18 23:23:27 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-06-18 23:23:24 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-06-18 23:22:40 592896 ----a-w- c:\windows\system32\jscript9diag.dll
2014-06-18 23:16:33 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-18 23:06:10 32256 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-18 22:52:18 4254720 ----a-w- c:\windows\system32\jscript9.dll
2014-06-18 22:46:23 1068032 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-06-18 22:45:59 1964544 ----a-w- c:\windows\system32\inetcpl.cpl
2014-06-18 22:13:59 1791488 ----a-w- c:\windows\system32\wininet.dll
2014-06-18 01:51:32 646144 ----a-w- c:\windows\system32\osk.exe
2014-06-18 00:52:00 2350080 ----a-w- c:\windows\system32\win32k.sys
2014-06-06 09:44:17 509440 ----a-w- c:\windows\system32\qedit.dll
2014-05-30 07:52:51 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- c:\windows\system32\credssp.dll
2014-05-30 06:36:07 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-05-30 00:35:18 456088 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2014-05-29 08:48:06 48392 ----a-w- c:\windows\system32\certsentry.dll
2014-05-12 05:25:54 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-09 07:06:23 369664 ----a-w- c:\windows\system32\aepdu.dll
2014-05-09 07:04:12 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-05-08 09:06:54 2742784 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:06:54 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-26 10:23:38 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1400156905341
2014-04-26 10:23:38 411552 ----a-w- c:\windows\system32\drivers\aswsp.sys.1400156905341
2014-04-25 15:28:14 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
============= FINISH: 15:07:46,91 ===============
aswMBR.txt
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-07-12 15:13:53
-----------------------------
15:13:53.253 OS Version: Windows 6.1.7601 Service Pack 1
15:13:53.253 Number of processors: 2 586 0x2A07
15:13:53.253 ComputerName: KORISNIK-PC UserName: Korisnik
15:14:01.755 Initialize success
15:14:01.755 VM: initialized successfully
15:14:01.787 VM: Intel CPU BiosDisabled
15:15:37.440 VM: disk I/O iaStorA.sys
15:15:41.044 AVAST engine defs: 14071200
15:15:47.580 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006d
15:15:47.580 Disk 0 Vendor: ATA_____ A60W Size: 305245MB BusType: 11
15:15:47.720 Disk 0 MBR read successfully
15:15:47.736 Disk 0 MBR scan
15:15:47.736 Disk 0 Windows 7 default MBR code
15:15:47.752 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:15:47.752 Disk 0 Boot: NTFS code=2
15:15:47.767 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 154900 MB offset 206848
15:15:47.798 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 150243 MB offset 317442048
15:15:47.798 Disk 0 scanning sectors +625139712
15:15:47.923 Disk 0 scanning C:\Windows\system32\drivers
15:15:58.860 Service scanning
15:16:53.288 Modules scanning
15:17:18.982 Disk 0 trace - called modules:
15:17:19.013 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys halmacpi.dll iaStorA.sys
15:17:19.028 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87978ac8]
15:17:19.028 3 CLASSPNP.SYS[8939759e] -> nt!IofCallDriver -> [0x87978020]
15:17:19.028 5 iaStorF.sys[89411138] -> nt!IofCallDriver -> \Device\0000006d[0x85938c68]
15:17:20.370 AVAST engine scan C:\Windows
15:17:22.164 AVAST engine scan C:\Windows\system32
15:19:57.993 AVAST engine scan C:\Windows\system32\drivers
15:20:13.265 AVAST engine scan C:\Users\Korisnik
15:40:51.243 AVAST engine scan C:\ProgramData
15:43:39.755 Scan finished successfully
15:44:06.634 Disk 0 MBR has been saved successfully to "C:\Users\Korisnik\Desktop\MBR.dat"
15:44:06.634 The log file has been saved successfully to "C:\Users\Korisnik\Desktop\aswMBR.txt"