MyCity » Ambulanta -> Arhiva Ambulante » Sporije radi ponekad.

Sporije radi ponekad.

Napisano na dan: 10.12.2013

Strana:
1
2

Sporije radi ponekad.

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Rorschach Poslao: 10 Dec 2013 21:28 Idi na vrh
offline Rorschach Građanin Walter Joseph Kovacs. Pridružio: 22 Nov 2013 Poruke: 137 Gde živiš: Beograd.	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: - Kada udjem u youtube nista mi ne radi lepo sve živo koči, a nedaj Bože da udjem na drugi tab onda sam tek u problemu I kada pritisnem desni klik na neki program odma izleti windows explorer stopped working, a kad idem desni klik na folder onda sve normalno, i izbacuje me iz nekih programa ponekad... - Problem je počeo od od prilike nedelju dana. - Detektovao je Microsoft Security Essentials neke Trojance, i to sam obrisao. - Pokušao sam rešiti problem pomocu gore navedenog antivirusa I ''sredio sam malo komp'' obrisao dosta igrica i programa, radi sad brže, ali isti problemi i dalje... - Uff za net tačno ne znam... - Sve sam rekao, čitao sam da je google upropastio yt, i da yt ne radi dobro na chrome-u, mada je meni isto i na mozili... DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.25.2 Run by User at 21:24:37 on 2013-12-10 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2047.798 [GMT 1:00] . AV: Microsoft Security Essentials Enabled/Updated {641105E6-77ED-3F35-A304-765193BCB75F} SP: Windows Defender Disabled/Outdated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials Enabled/Updated {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe C:\Users\User\AppData\Local\Skillbrains\lightshot\4.3.0.0\LightShot.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Windows\SysWOW64\nlssrv32.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.search.ask.com/?tpid=SHD-V7&o=APN10115&pf=V7&trgb=CR&p2=%5EAYE%5Ezzz013%5EYY%5ERS&gct=hp&apn_ptnrs=%5EAYE&apn_dtid=%5Ezzz013%5EYY%5ERS&apn_dbr=cr_31.0.1650.57&apn_uid=263AD458-2C10-453F-B206-864A0A068A7A&itbv=12.7.0.2394&doi=2013-11-29&psv= uDefault_Search_URL = hxxp://www.google.com mSearch Bar = hxxp://www.google.com mSearch Page = hxxp://www.google.com mDefault_Search_URL = hxxp://www.google.com BHO: Claro LTD Helper Object: {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: DownTango Launcher: {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - uRun: [AdobeBridge] <no file> mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {2d8ee268-8d7a-4996-b80b-8999ce8c7fe2} - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 89.216.1.30 89.216.1.50 TCP: Interfaces\{b5734d9b-b213-4f56-a0dd-44d887a229ac} : DHCPNameServer = 89.216.1.30 89.216.1.50 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sz6idpkb.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282698&CUI=UN29909847172946329&UM=2&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - SweetTunes1 Customized Web Search FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3282698&CUI=UN29909847172946329&UM=2&SearchSource=13 FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-1-15 55856] R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-26 30568] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-8-18 283200] R2 MsDepSvc;Web Deployment Agent Service;C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2012-9-6 80472] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 139616] R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2012-1-31 66560] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-6-21 413472] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-7-18 366600] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-8 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856] S2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe --> C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [?] S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?] S2 MySQL5;MySQL5;"C:\Program Files\Web Settings\MySQL\MySQL Server 4.1\bin\mysqld" --defaults-file="C:\Program Files\Web Settings\MySQL\MySQL Server 4.1\my.ini" MySQL5 --> C:\Program Files\Web Settings\MySQL\MySQL Server 4.1\bin\mysqld [?] S2 XAMPP;XAMPP Service;C:\xampp\service.exe [2013-11-17 60928] S3 dfmirage;dfmirage;C:\Windows\System32\drivers\dfmirage.sys [2008-3-26 36432] S3 DfSdkS;Defragmentacija-Usluga;D:\ATiLiUS\Programi\Ashampoo\Ashampoo UnInstaller 5\DfSdkS64.exe --> D:\ATiLiUS\Programi\Ashampoo\Ashampoo UnInstaller 5\DfSdkS64.exe [?] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168] S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-9-3 31800] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TipCtrl;TipCtrl;"D:\Pavle\Programs\TC\uTIPu\TipCtrl.exe" --> D:\Pavle\Programs\TC\uTIPu\TipCtrl.exe [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-27 1255736] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880] . =============== Created Last 30 ================ . 2013-12-10 19:30:31 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BFDF07B1-8A7F-49A6-9503-5EB8B6E41487}\offreg.dll 2013-12-09 09:15:16 -------- d-----w- C:\Users\User\AppData\Local\{DD7A3428-1853-4338-9341-01CC53AF697F} 2013-12-09 06:50:07 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{050DFDED-E158-405F-BC61-3254A76D7471}\gapaengine.dll 2013-12-09 06:49:48 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BFDF07B1-8A7F-49A6-9503-5EB8B6E41487}\mpengine.dll 2013-12-03 17:24:06 -------- d-----w- C:\Users\User\AppData\Local\NVIDIA 2013-12-03 07:00:06 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-11-30 14:40:34 111928 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2013-11-30 14:40:23 66872 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2013-11-30 14:40:21 -------- d-----w- C:\Users\User\AppData\Local\PunkBuster 2013-11-30 14:39:55 -------- d-----w- C:\Users\User\AppData\Local\Activision 2013-11-30 12:17:22 -------- d-----w- C:\ProgramData\Age of Empires 3 2013-11-30 10:47:59 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft Games 2013-11-29 14:09:50 -------- d-----w- C:\Program Files (x86)\WinZip Registry Optimizer 2013-11-29 14:09:39 -------- d-----w- C:\ProgramData\APN 2013-11-29 14:09:39 -------- d-----w- C:\ProgramData\4shared Desktop 2013-11-29 11:30:16 -------- d-----w- C:\Users\User\AppData\Roaming\Wargaming.net 2013-11-22 14:29:51 -------- d-----w- C:\Users\User\AppData\Local\Avg2014 2013-11-22 14:19:35 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-11-22 14:18:47 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Pro 2013-11-18 18:42:58 -------- d-----w- C:\ProgramData\IDMComp 2013-11-18 18:38:35 -------- d-----w- C:\Users\User\AppData\Local\Downloaded Installations 2013-11-17 18:18:41 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2013-11-17 16:34:01 -------- d-----w- C:\Users\User\AppData\Local\Adobe 2013-11-17 13:33:43 -------- d-----w- C:\Users\User\AppData\Local\FontCreator 2013-11-17 13:25:20 -------- d-----w- C:\Users\User\AppData\Roaming\FontCreator . ==================== Find3M ==================== . 2013-11-03 15:14:34 98304 ----a-w- C:\Windows\SysWow64\CmdLineExt.dll 2013-10-09 12:02:43 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-09 12:02:43 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe . ============= FINISH: 21:26:17,18 =============== mycity.rs/must-login.png

Profil

Sass Drake Poslao: 10 Dec 2013 23:14 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1 Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop Dvoklikom pokreni program. Klikni na dugme Scan i sačekaj da se završi skeniranje. Klikni na dugme Clean i pričekaj da program završi. Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu. Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem. Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl" Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt Korak 2 Preuzmi Farbar-ov Farbar Recovery Scan Tool () sa ove adrese na Desktop: Postoji 32-bit. i 64-bitna verzija. Potrebno je preuzeti verziju koja je kompatibilna sa tvojim sistemom. Ako nisi siguran koja verzija se odnosi na tvoj sistem, preuzmi ih obe i pokreni. Samo jedan od njih će raditi na tvom sistemu, to će biti prava verzija. dvoklikom pokreni program, kada se alat pokrene klikni Yes na Disclaimer prozor; pod Optional Scan sekciji, označi List BCD i Driver MD5 polja; klikni na dugme Scan; po završetku skeniranja, alat će formirati izveštaj (FRST.txt) u isti direktorijum gde je FRST alat sačuvan; iskopiraj sadržaj FRST.txt izveštaja u poruku; po prvom pokretanju, alat bi trebao formirati i dodatni izveštaj (Addition.txt); okači Addition.txt izveštaj uz poruku koristeći opciju Prikači fajl

Profil

Rorschach Poslao: 11 Dec 2013 09:56 Idi na vrh
offline Rorschach Građanin Walter Joseph Kovacs. Pridružio: 22 Nov 2013 Poruke: 137 Gde živiš: Beograd.	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: ADW cleaner: mycity.rs/must-login.png FRST: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013 01 Ran by User (administrator) on USER-PC on 11-12-2013 09:51:35 Running from C:\Users\User\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Skillbrains) C:\Users\User\AppData\Local\Skillbrains\lightshot\4.3.0.0\Lightshot.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation) HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION HKCU\...\Run: [AdobeBridge] - [x] HKCU\...\Run: [LightShot] - C:\Users\User\AppData\Local\Skillbrains\lightshot\LightShot.exe [226592 2013-05-27] () HKCU\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [805208 2013-09-02] (BitTorrent Inc.) HKCU\...\Run: [RocketDock] - "C:\Program Files (x86)\RocketDock\RocketDock.exe" HKCU\...\Run: [Apps Hat] - C:\Users\User\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) AlternateShell: ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {1FB68A17-E06E-41D3-927F-39A08B724D86} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288691&CUI=UN20028815371273412&UM=2 SearchScopes: HKCU - {2887B56C-C3ED-4FF4-ACF2-AC466082B436} URL = search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms} SearchScopes: HKCU - {79BE154B-F9B6-4AC3-B253-6186B795383E} URL = mysearchresults.com/search?&c=3501&t=07&q={searchTerms} SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKCU - {A97A5BCC-CCCD-4F46-8F71-30F95E5E53B2} URL = websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=kw&q={searchTerms}&locale=&apn_ptnrs=NY&apn_dtid=YYYYYYYYRS&apn_uid=05DD3F57-1438-4EE0-B562-8440CD53DD3C&apn_sauid=F3608DC4-C00B-46E8-AF86-0D85765215C3& SearchScopes: HKCU - {D7B2557E-9609-45D6-A8AD-44727BF6C3EC} URL = t1.search.com/search?q={searchTerms} BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sz6idpkb.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ Chrome: ======= CHR HomePage: google.rs/ CHR RestoreOnStartup: "https://www.google.rs/" CHR DefaultSearchKeyword: google.rs CHR DefaultSearchProvider: Google CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Extension: (Ancient Map) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcjaemihddenoopkkhaamlcoliiiain\1.4_0 CHR Extension: (3D Solar System Web) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd\0.82_0 CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\User\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx CHR HKLM-x32\...\Chrome\Extension: [cpcidiiiodpbjdkbhldlebfbnidpgaih] - C:\Users\User\AppData\Local\CRE\cpcidiiiodpbjdkbhldlebfbnidpgaih.crx CHR HKLM-x32\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Users\User\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx CHR HKLM-x32\...\Chrome\Extension: [gladcbhcbkdeddbidiblppadjdjalidb] - C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [pkmpcdbgnfjfeelcpebpkflcmbkclfho] - C:\Users\User\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx CHR HKLM-x32\...\Chrome\Extension: [pmcmflmkceipgecmhoddphflfndnfbbe] - C:\Users\User\AppData\Local\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2012-06-27] () S2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-11-30] () S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation) S2 XAMPP; C:\xampp\service.exe [60928 2013-03-30] () S3 DfSdkS; D:\ATiLiUS\Programi\Ashampoo\Ashampoo UnInstaller 5\DfSdkS64.exe [x] S2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [x] S2 MySQL5; "C:\Program Files\Web Settings\MySQL\MySQL Server 4.1\bin\mysqld" --defaults-file="C:\Program Files\Web Settings\MySQL\MySQL Server 4.1\my.ini" MySQL5 S3 TipCtrl; "D:\Pavle\Programs\TC\uTIPu\TipCtrl.exe" [x] ==================== Drivers (Whitelisted) ==================== S3 ASAPIW2K; C:\Windows\SysWow64\ASAPI64.sys [10752 2005-07-13] (Pinnacle Systems GmbH) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-07-04] () R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-10-26] (AVG Technologies) S3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [36432 2008-03-26] (DemoForge, LLC) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-18] (DT Soft Ltd) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-07-04] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [x] S2 UI5IFS; \??\D:\ATiLiUS\Programi\Ashampoo\Ashampoo UnInstaller 5\IFS64.sys [x] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x] ========================== Drivers MD5 ======================= C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825 C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\amdk8.sys ==> MD5 is legit C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49 C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048 C:\Windows\system32\drivers\appid.sys ==> MD5 is legit C:\Windows\system32\drivers\arc.sys ==> MD5 is legit C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit C:\Windows\SysWow64\ASAPI64.sys E82656EBABE84D08BE01A0016A43DCAF C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\atksgt.sys FC0E8778C000291CAF60EB88C011E931 C:\Windows\system32\drivers\avgtpx64.sys BFD698CC6E1DE2E0D23155DECC513D2F C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit C:\Windows\System32\CLFS.sys ==> MD5 is legit C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit C:\Windows\System32\Drivers\cng.sys 9AC4F97C2D3E93367E2148EA940CD2CD C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit C:\Windows\System32\drivers\csc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\dfmirage.sys 178A6E9A0DCE42959FC5AD129F60CBA9 C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit C:\Windows\System32\drivers\discache.sys ==> MD5 is legit C:\Windows\System32\drivers\disk.sys ==> MD5 is legit C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415 C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\dtsoftbus01.sys 46571ED73AE84469DCA53081D33CF3C8 C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\flpydisk.sys ==> MD5 is legit C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hamachi.sys 1E6438D4EA6E1174A3B3B1EDC4DE660B C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366 C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit C:\Windows\System32\drivers\RTKVHD64.sys F2744FD54BE1580BE05916D1C755C92A C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4 C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07 C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lirsgt.sys 156AB2E56DC3CA0B582E3362E07CDED7 C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit C:\Windows\System32\drivers\modem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\MpFilter.sys FC1D590039EF06A381768710E6C07E75 C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163 C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ASACPI.sys 19B006B181E3875FD254F7B67ACF1E7C C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\NisDrvWFP.sys 8FB3C853E886E1E4D57271672486111C C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0 C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nvm62x64.sys A85B4F2EF3A7304A5399EF0526423040 C:\Windows\System32\DRIVERS\nvlddmkm.sys EE6B7B6A54BCAFF516E30B1C15467495 C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C C:\Windows\System32\drivers\pci.sys ==> MD5 is legit C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit C:\Windows\system32\drivers\processr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit C:\Windows\System32\Drivers\PxHlpa64.sys 87B04878A6D59D6C79251DC960C674C1 C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\revoflt.sys 9C3AC71A9934B884FAC567A8807E9C4D C:\Windows\System32\DRIVERS\RsFx0103.sys CD553B8633466A6D1C115812F2619F1F C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28 C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3 C:\Windows\System32\DRIVERS\sscdbus.sys ED161B91FDF7EAA39469D72D463D5F4E C:\Windows\System32\DRIVERS\sscdmdfl.sys 4CB09E77593DBD8D7AF33B37375CA715 C:\Windows\System32\DRIVERS\sscdmdm.sys C7B4CF53497A6E5363F3439427663882 C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit C:\Windows\System32\drivers\tcpip.sys B62A953F2BF3922C8764A29C34A22899 C:\Windows\System32\DRIVERS\tcpip.sys B62A953F2BF3922C8764A29C34A22899 C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8 C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8 C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24 C:\Windows\System32\DRIVERS\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31 C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit C:\Windows\System32\drivers\usbser.sys 4ACEE387FA8FD39F83564FCD2FC234F2 C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6 C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD C:\Windows\System32\DRIVERS\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29 C:\Windows\System32\DRIVERS\VBoxNetAdp.sys 7FFC48B516856FD40B9F55687C8D70A2 C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\system32\drivers\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-11 09:51 - 2013-12-11 09:51 - 00020962 _____ C:\Users\User\Desktop\AdwCleaner[S0].txt 2013-12-11 09:32 - 2013-12-11 09:52 - 00033945 _____ C:\Users\User\Downloads\FRST.txt 2013-12-11 09:31 - 2013-12-11 09:31 - 00000000 ____D C:\FRST 2013-12-11 09:30 - 2013-12-11 09:31 - 01928212 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2013-12-11 08:22 - 2013-12-11 08:22 - 00014622 _____ C:\Users\User\Desktop\mostnazepi.txt 2013-12-11 07:52 - 2013-12-11 09:45 - 00000000 ____D C:\AdwCleaner 2013-12-11 07:52 - 2013-12-11 07:51 - 01226802 _____ C:\Users\User\Desktop\AdwCleaner.exe 2013-12-11 07:50 - 2013-12-11 07:51 - 01226802 _____ C:\Users\User\Downloads\AdwCleaner.exe 2013-12-10 21:59 - 2013-12-10 21:59 - 00377856 _____ C:\Users\User\Downloads\1zq59q40.exe 2013-12-10 21:14 - 2013-12-10 21:14 - 00688992 ____R (Swearware) C:\Users\User\Downloads\dds.scr 2013-12-10 20:55 - 2013-12-10 20:55 - 01927709 _____ C:\Users\User\Downloads\samp03x_svr_R2_win32.zip 2013-12-10 18:33 - 2013-12-10 20:51 - 00156280 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT 2013-12-09 10:15 - 2013-12-09 10:15 - 00000000 ____D C:\Users\User\AppData\Local\{DD7A3428-1853-4338-9341-01CC53AF697F} 2013-12-09 08:16 - 2013-12-09 08:18 - 00000000 ____D C:\Users\User\Desktop\Jamaica Role Play 2013-12-06 19:16 - 2013-12-06 19:16 - 00001092 _____ C:\Users\User\Documents\Documents - Shortcut.lnk 2013-12-03 18:24 - 2013-12-03 18:24 - 00000000 ____D C:\Users\User\AppData\Local\NVIDIA 2013-11-30 19:06 - 2013-11-30 19:06 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-11-30 15:40 - 2013-12-02 16:57 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-11-30 15:40 - 2013-11-30 15:40 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2013-11-30 15:40 - 2013-11-30 15:40 - 00000000 ____D C:\Users\User\AppData\Local\PunkBuster 2013-11-30 15:39 - 2013-11-30 15:39 - 00000000 ____D C:\Users\User\AppData\Local\Activision 2013-11-30 13:17 - 2013-12-10 20:45 - 00000000 ____D C:\Users\User\Documents\My Games 2013-11-30 13:17 - 2013-11-30 13:17 - 00000000 ____D C:\ProgramData\Age of Empires 3 2013-11-29 23:07 - 2013-11-29 23:07 - 00000626 _____ C:\Users\UpdatusUser\Desktop\Heroes of Newerth.lnk 2013-11-29 23:07 - 2013-11-29 23:07 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth 2013-11-29 12:30 - 2013-11-29 12:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Wargaming.net 2013-11-22 15:29 - 2013-11-22 15:29 - 00000000 ____D C:\Users\User\AppData\Local\Avg2014 2013-11-22 15:19 - 2013-11-22 15:19 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-11-22 15:18 - 2013-11-22 15:19 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro 2013-11-18 19:42 - 2013-11-29 18:41 - 00000000 ____D C:\Users\User\AppData\Roaming\IDMComp 2013-11-18 19:42 - 2013-11-29 18:41 - 00000000 ____D C:\ProgramData\IDMComp 2013-11-18 19:38 - 2013-12-10 20:36 - 00000000 ____D C:\Users\User\AppData\Local\Downloaded Installations 2013-11-17 19:18 - 2013-11-17 19:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2013-11-17 19:01 - 2013-12-11 07:47 - 00156280 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2013-11-17 17:34 - 2013-12-11 09:49 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2013-11-17 14:33 - 2013-11-17 14:33 - 00000000 ____D C:\Users\User\AppData\Local\FontCreator 2013-11-17 14:25 - 2013-11-17 14:38 - 00000000 ____D C:\Users\User\AppData\Roaming\FontCreator 2013-11-17 14:16 - 2013-11-27 20:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-12-11 09:52 - 2013-12-11 09:32 - 00033945 _____ C:\Users\User\Downloads\FRST.txt 2013-12-11 09:51 - 2013-12-11 09:51 - 00020962 _____ C:\Users\User\Desktop\AdwCleaner[S0].txt 2013-12-11 09:49 - 2013-11-17 17:34 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2013-12-11 09:48 - 2013-02-28 17:29 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-11 09:48 - 2012-06-27 11:45 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent 2013-12-11 09:47 - 2012-06-27 11:39 - 00000000 ____D C:\ProgramData\NVIDIA 2013-12-11 09:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-11 09:47 - 2009-07-14 05:51 - 00146724 _____ C:\Windows\setupact.log 2013-12-11 09:45 - 2013-12-11 07:52 - 00000000 ____D C:\AdwCleaner 2013-12-11 09:45 - 2012-06-27 11:25 - 01363262 _____ C:\Windows\WindowsUpdate.log 2013-12-11 09:31 - 2013-12-11 09:31 - 00000000 ____D C:\FRST 2013-12-11 09:31 - 2013-12-11 09:30 - 01928212 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2013-12-11 09:02 - 2012-06-28 18:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-12-11 08:58 - 2013-02-28 17:29 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-11 08:22 - 2013-12-11 08:22 - 00014622 _____ C:\Users\User\Desktop\mostnazepi.txt 2013-12-11 07:51 - 2013-12-11 07:52 - 01226802 _____ C:\Users\User\Desktop\AdwCleaner.exe 2013-12-11 07:51 - 2013-12-11 07:50 - 01226802 _____ C:\Users\User\Downloads\AdwCleaner.exe 2013-12-11 07:47 - 2013-11-17 19:01 - 00156280 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2013-12-11 07:47 - 2010-11-21 04:47 - 00794052 _____ C:\Windows\PFRO.log 2013-12-11 07:47 - 2009-07-14 05:45 - 05408664 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-10 21:59 - 2013-12-10 21:59 - 00377856 _____ C:\Users\User\Downloads\1zq59q40.exe 2013-12-10 21:14 - 2013-12-10 21:14 - 00688992 ____R (Swearware) C:\Users\User\Downloads\dds.scr 2013-12-10 20:55 - 2013-12-10 20:55 - 01927709 _____ C:\Users\User\Downloads\samp03x_svr_R2_win32.zip 2013-12-10 20:51 - 2013-12-10 18:33 - 00156280 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT 2013-12-10 20:45 - 2013-11-30 13:17 - 00000000 ____D C:\Users\User\Documents\My Games 2013-12-10 20:40 - 2012-06-30 13:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-12-10 20:39 - 2013-07-20 13:15 - 00000000 ____D C:\Program Files (x86)\MySQL 2013-12-10 20:39 - 2013-02-09 18:27 - 00000000 ____D C:\ProgramData\MySQL 2013-12-10 20:36 - 2013-11-18 19:38 - 00000000 ____D C:\Users\User\AppData\Local\Downloaded Installations 2013-12-10 20:32 - 2013-11-03 09:37 - 00000000 ____D C:\Program Files (x86)\MTA San Andreas 1.3 2013-12-10 20:32 - 2013-08-30 16:02 - 00000000 ____D C:\ProgramData\MTA San Andreas All 2013-12-10 18:32 - 2012-06-27 12:07 - 00008224 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2013-12-09 10:15 - 2013-12-09 10:15 - 00000000 ____D C:\Users\User\AppData\Local\{DD7A3428-1853-4338-9341-01CC53AF697F} 2013-12-09 08:18 - 2013-12-09 08:16 - 00000000 ____D C:\Users\User\Desktop\Jamaica Role Play 2013-12-08 21:45 - 2013-03-24 18:19 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla 2013-12-08 21:33 - 2012-12-21 15:34 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs 2013-12-08 07:39 - 2009-07-14 06:08 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-12-07 07:53 - 2013-02-28 17:29 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-07 07:53 - 2013-02-28 17:29 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-06 19:16 - 2013-12-06 19:16 - 00001092 _____ C:\Users\User\Documents\Documents - Shortcut.lnk 2013-12-03 22:49 - 2009-07-14 05:45 - 00020656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-03 22:49 - 2009-07-14 05:45 - 00020656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-03 18:24 - 2013-12-03 18:24 - 00000000 ____D C:\Users\User\AppData\Local\NVIDIA 2013-12-03 15:30 - 2012-06-27 11:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-12-02 16:57 - 2013-11-30 15:40 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-11-30 19:06 - 2013-11-30 19:06 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-11-30 15:40 - 2013-11-30 15:40 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2013-11-30 15:40 - 2013-11-30 15:40 - 00000000 ____D C:\Users\User\AppData\Local\PunkBuster 2013-11-30 15:39 - 2013-11-30 15:39 - 00000000 ____D C:\Users\User\AppData\Local\Activision 2013-11-30 15:38 - 2012-06-29 08:25 - 00312387 _____ C:\Windows\DirectX.log 2013-11-30 13:17 - 2013-11-30 13:17 - 00000000 ____D C:\ProgramData\Age of Empires 3 2013-11-30 12:16 - 2013-10-23 09:17 - 00000000 ____D C:\ProgramData\Adobe 2013-11-29 23:07 - 2013-11-29 23:07 - 00000626 _____ C:\Users\UpdatusUser\Desktop\Heroes of Newerth.lnk 2013-11-29 23:07 - 2013-11-29 23:07 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth 2013-11-29 18:41 - 2013-11-18 19:42 - 00000000 ____D C:\Users\User\AppData\Roaming\IDMComp 2013-11-29 18:41 - 2013-11-18 19:42 - 00000000 ____D C:\ProgramData\IDMComp 2013-11-29 18:40 - 2013-08-15 11:41 - 00000000 ____D C:\Users\User\AppData\Roaming\Nico Mak Computing 2013-11-29 12:30 - 2013-11-29 12:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Wargaming.net 2013-11-29 10:14 - 2012-07-07 07:20 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-11-28 07:44 - 2013-07-13 15:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-27 20:21 - 2013-11-17 14:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-26 07:29 - 2009-07-14 06:13 - 00006870 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-24 11:08 - 2012-07-29 16:19 - 00000000 ____D C:\Users\User\AppData\Roaming\BSplayer 2013-11-23 08:59 - 2012-08-13 14:15 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-11-22 15:29 - 2013-11-22 15:29 - 00000000 ____D C:\Users\User\AppData\Local\Avg2014 2013-11-22 15:23 - 2012-08-13 14:23 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro 2013-11-22 15:21 - 2012-08-13 14:16 - 00000000 ____D C:\Users\User\AppData\Roaming\TuneUp Software 2013-11-22 15:19 - 2013-11-22 15:19 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-11-22 15:19 - 2013-11-22 15:18 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro 2013-11-20 17:40 - 2013-10-23 15:28 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe 2013-11-20 16:26 - 2013-09-23 17:07 - 00000000 ____D C:\Users\User\Documents\Sports Interactive 2013-11-20 16:26 - 2013-09-23 17:07 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive 2013-11-20 16:26 - 2012-07-08 14:52 - 00000000 ____D C:\Users\User\AppData\Local\Sports Interactive 2013-11-18 19:54 - 2013-10-15 16:07 - 00000000 ____D C:\Program Files\Image-Line 2013-11-18 19:54 - 2013-06-20 13:07 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2013-11-17 19:18 - 2013-11-17 19:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2013-11-17 17:07 - 2013-10-05 08:33 - 00000000 ____D C:\xampp 2013-11-17 14:38 - 2013-11-17 14:25 - 00000000 ____D C:\Users\User\AppData\Roaming\FontCreator 2013-11-17 14:33 - 2013-11-17 14:33 - 00000000 ____D C:\Users\User\AppData\Local\FontCreator 2013-11-17 14:19 - 2013-07-21 17:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Dev-Cpp 2013-11-17 14:18 - 2013-07-30 12:31 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin 2013-11-17 14:10 - 2013-07-14 07:59 - 00000000 ____D C:\Users\User\AppData\Roaming\Notepad++ 2013-11-17 14:10 - 2013-07-14 07:59 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2013-11-17 13:57 - 2013-01-05 16:50 - 00000000 ____D C:\ProgramData\Skype 2013-11-16 18:27 - 2013-01-01 01:56 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe GIF Format CS6 Prefs Files to move or delete: ==================== C:\ProgramData\sysqcl1129139270.dat Some content of TEMP: ==================== C:\Users\User\AppData\Local\Temp\aoe3-114-english.exe C:\Users\User\AppData\Local\Temp\appshat-distribution.exe C:\Users\User\AppData\Local\Temp\A~NSISu_.exe C:\Users\User\AppData\Local\Temp\bitool.dll C:\Users\User\AppData\Local\Temp\dsp_ipp.dll C:\Users\User\AppData\Local\Temp\fam-installer.exe C:\Users\User\AppData\Local\Temp\pyl11AC.tmp.exe C:\Users\User\AppData\Local\Temp\pyl31DE.tmp.exe C:\Users\User\AppData\Local\Temp\pyl6C5E.tmp.exe C:\Users\User\AppData\Local\Temp\pyl730D.tmp.exe C:\Users\User\AppData\Local\Temp\pyl7539.tmp.exe C:\Users\User\AppData\Local\Temp\pyl9DF.tmp.exe C:\Users\User\AppData\Local\Temp\Quarantine.exe C:\Users\User\AppData\Local\Temp\standalonepatcher.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== BCD ================================ Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale sr-CYRL-CS inherit {globalsettings} default {current} resumeobject {60fb9604-cd08-11e0-a573-921cd209a34b} displayorder {current} toolsdisplayorder {memdiag} timeout 10 Windows Boot Loader ------------------- identifier {60fb9602-cd08-11e0-a573-921cd209a34b} device ramdisk=[C:]\Recovery\60fb9602-cd08-11e0-a573-921cd209a34b\Winre.wim,{60fb9603-cd08-11e0-a573-921cd209a34b} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\60fb9602-cd08-11e0-a573-921cd209a34b\Winre.wim,{60fb9603-cd08-11e0-a573-921cd209a34b} systemroot \windows nx OptIn winpe Yes Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale sr-CYRL-CS inherit {bootloadersettings} recoverysequence {60fb9606-cd08-11e0-a573-921cd209a34b} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {60fb9604-cd08-11e0-a573-921cd209a34b} nx OptOut Windows Boot Loader ------------------- identifier {60fb9606-cd08-11e0-a573-921cd209a34b} device ramdisk=[C:]\Recovery\60fb9606-cd08-11e0-a573-921cd209a34b\Winre.wim,{60fb9607-cd08-11e0-a573-921cd209a34b} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\60fb9606-cd08-11e0-a573-921cd209a34b\Winre.wim,{60fb9607-cd08-11e0-a573-921cd209a34b} systemroot \windows nx OptIn winpe Yes Resume from Hibernate --------------------- identifier {60fb9604-cd08-11e0-a573-921cd209a34b} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale sr-CYRL-CS inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Windows Memory Diagnostic locale sr-CYRL-CS inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems Yes Debugger Settings ----------------- identifier {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {60fb9603-cd08-11e0-a573-921cd209a34b} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\60fb9602-cd08-11e0-a573-921cd209a34b\boot.sdi Device options -------------- identifier {60fb9607-cd08-11e0-a573-921cd209a34b} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\60fb9606-cd08-11e0-a573-921cd209a34b\boot.sdi LastRegBack: 2013-11-05 21:04 ==================== End Of Log ============================ Addition: mycity.rs/must-login.png

Profil

ivance95 Poslao: 11 Dec 2013 19:00 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvori Notepad i iskopiraj sledeći tekst koji se nalazi unutar osenčenog prostora. SearchScopes: HKCU - {1FB68A17-E06E-41D3-927F-39A08B724D86} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288691&CUI=UN20028815371273412&UM=2 SearchScopes: HKCU - {2887B56C-C3ED-4FF4-ACF2-AC466082B436} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms} SearchScopes: HKCU - {79BE154B-F9B6-4AC3-B253-6186B795383E} URL = http://www.mysearchresults.com/search?&c=3501&t=07&q={searchTerms} SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKCU - {A97A5BCC-CCCD-4F46-8F71-30F95E5E53B2} URL = http://websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=kw&q={searchTerms}&locale=&apn_ptnrs=NY&apn_dtid=YYYYYYYYRS&apn_uid=05DD3F57-1438-4EE0-B562-8440CD53DD3C&apn_sauid=F3608DC4-C00B-46E8-AF86-0D85765215C3& SearchScopes: HKCU - {D7B2557E-9609-45D6-A8AD-44727BF6C3EC} URL = http://t1.search.com/search?q={searchTerms} CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\User\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx C:\Users\User\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx CHR HKLM-x32\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Users\User\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx C:\Users\User\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx CHR HKLM-x32\...\Chrome\Extension: [gladcbhcbkdeddbidiblppadjdjalidb] - C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx CHR HKLM-x32\...\Chrome\Extension: [pkmpcdbgnfjfeelcpebpkflcmbkclfho] - C:\Users\User\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx C:\Users\User\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx CHR HKLM-x32\...\Chrome\Extension: [pmcmflmkceipgecmhoddphflfndnfbbe] - C:\Users\User\AppData\Local\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx C:\Users\User\AppData\Local\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION C:\Users\User\AppData\Local\Temp AlternateDataStreams: C:\ProgramData:NT AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\All Users:NT AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:eV9coO8QMGD8xnzlpr7Mp0P AlternateDataStreams: C:\Program Files\Common Files\System:jN0Lu03xt2r0k7jQR AlternateDataStreams: C:\Program Files\Common Files\System:vlPGyrmanaQ0TMENNULb05 AlternateDataStreams: C:\ProgramData\Application Data:NT AlternateDataStreams: C:\ProgramData\Microsoft:bGvJnX1f4KBeYMi3rQkK AlternateDataStreams: C:\ProgramData\Microsoft:H1fYRAnEGkmUo5xOi9MyASy8m1I AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT AlternateDataStreams: C:\ProgramData\TEMP:1B389835 AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:96D0C06F AlternateDataStreams: C:\ProgramData\TEMP:AD022376 AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 AlternateDataStreams: C:\Users\User\Application Data:NT AlternateDataStreams: C:\Users\User\Local Settings:Raqs69Dw25wIIMdoSROpnxsOgf AlternateDataStreams: C:\Users\User\AppData\Local:Raqs69Dw25wIIMdoSROpnxsOgf AlternateDataStreams: C:\Users\User\AppData\Roaming:NT AlternateDataStreams: C:\Users\User\AppData\Local\Application Data:Raqs69Dw25wIIMdoSROpnxsOgf U okviru Notepad-a klikni na File --> Save As Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da fixlog.txt kopiras na forum Ponovo pokreni FRST i postavi mi svež log. Na kompjuteru imaš ostatke ComboFix-a. ComboFix nikada ne pokreći na svoju ruku. U pitanju je ozbilan alat, koji može da ti uništi sistem ako ne znaš kako se rukuje sa njim. Prikači u poruku i log koji se nalazi na sledećoj lokaciji: C:\ComboFix.txt

Profil

Rorschach Poslao: 11 Dec 2013 21:31 Idi na vrh
offline Rorschach Građanin Walter Joseph Kovacs. Pridružio: 22 Nov 2013 Poruke: 137 Gde živiš: Beograd.	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-12-2013 Ran by User at 2013-12-11 21:13:28 Run:1 Running from C:\Users\User\Desktop Boot Mode: Normal ============================================== Content of fixlist: *************** SearchScopes: HKCU - {1FB68A17-E06E-41D3-927F-39A08B724D86} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288691&CUI=UN20028815371273412&UM=2 SearchScopes: HKCU - {2887B56C-C3ED-4FF4-ACF2-AC466082B436} URL = search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms} SearchScopes: HKCU - {79BE154B-F9B6-4AC3-B253-6186B795383E} URL = mysearchresults.com/search?&c=3501&t=07&q={searchTerms} SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKCU - {A97A5BCC-CCCD-4F46-8F71-30F95E5E53B2} URL = websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=kw&q={searchTerms}&locale=&apn_ptnrs=NY&apn_dtid=YYYYYYYYRS&apn_uid=05DD3F57-1438-4EE0-B562-8440CD53DD3C&apn_sauid=F3608DC4-C00B-46E8-AF86-0D85765215C3& SearchScopes: HKCU - {D7B2557E-9609-45D6-A8AD-44727BF6C3EC} URL = t1.search.com/search?q={searchTerms} CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\User\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx C:\Users\User\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx CHR HKLM-x32\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Users\User\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx C:\Users\User\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx CHR HKLM-x32\...\Chrome\Extension: [gladcbhcbkdeddbidiblppadjdjalidb] - C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx CHR HKLM-x32\...\Chrome\Extension: [pkmpcdbgnfjfeelcpebpkflcmbkclfho] - C:\Users\User\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx C:\Users\User\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx CHR HKLM-x32\...\Chrome\Extension: [pmcmflmkceipgecmhoddphflfndnfbbe] - C:\Users\User\AppData\Local\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx C:\Users\User\AppData\Local\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION C:\Users\User\AppData\Local\Temp AlternateDataStreams: C:\ProgramData:NT AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\All Users:NT AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:eV9coO8QMGD8xnzlpr7Mp0P AlternateDataStreams: C:\Program Files\Common Files\System:jN0Lu03xt2r0k7jQR AlternateDataStreams: C:\Program Files\Common Files\System:vlPGyrmanaQ0TMENNULb05 AlternateDataStreams: C:\ProgramData\Application Data:NT AlternateDataStreams: C:\ProgramData\Microsoft:bGvJnX1f4KBeYMi3rQkK AlternateDataStreams: C:\ProgramData\Microsoft:H1fYRAnEGkmUo5xOi9MyASy8m1I AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT AlternateDataStreams: C:\ProgramData\TEMP:1B389835 AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:96D0C06F AlternateDataStreams: C:\ProgramData\TEMP:AD022376 AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 AlternateDataStreams: C:\Users\User\Application Data:NT AlternateDataStreams: C:\Users\User\Local Settings:Raqs69Dw25wIIMdoSROpnxsOgf AlternateDataStreams: C:\Users\User\AppData\Local:Raqs69Dw25wIIMdoSROpnxsOgf AlternateDataStreams: C:\Users\User\AppData\Roaming:NT AlternateDataStreams: C:\Users\User\AppData\Local\Application Data:Raqs69Dw25wIIMdoSROpnxsOgf *************** HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1FB68A17-E06E-41D3-927F-39A08B724D86} => Key deleted successfully. HKCR\CLSID\{1FB68A17-E06E-41D3-927F-39A08B724D86} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2887B56C-C3ED-4FF4-ACF2-AC466082B436} => Key deleted successfully. HKCR\CLSID\{2887B56C-C3ED-4FF4-ACF2-AC466082B436} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{79BE154B-F9B6-4AC3-B253-6186B795383E} => Key deleted successfully. HKCR\CLSID\{79BE154B-F9B6-4AC3-B253-6186B795383E} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} => Key deleted successfully. HKCR\CLSID\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A97A5BCC-CCCD-4F46-8F71-30F95E5E53B2} => Key deleted successfully. HKCR\CLSID\{A97A5BCC-CCCD-4F46-8F71-30F95E5E53B2} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D7B2557E-9609-45D6-A8AD-44727BF6C3EC} => Key deleted successfully. HKCR\CLSID\{D7B2557E-9609-45D6-A8AD-44727BF6C3EC} => Key not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp => Key deleted successfully. "C:\Users\User\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx" => File/Directory not found. "C:\Users\User\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\giolhomkcooifelkdfpejhidfidaahlc => Key deleted successfully. C:\Users\User\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx => Moved successfully. "C:\Users\User\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gladcbhcbkdeddbidiblppadjdjalidb => Key deleted successfully. "C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx" => File/Directory not found. "C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho => Key deleted successfully. "C:\Users\User\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx" => File/Directory not found. "C:\Users\User\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmcmflmkceipgecmhoddphflfndnfbbe => Key deleted successfully. "C:\Users\User\AppData\Local\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx" => File/Directory not found. "C:\Users\User\AppData\Local\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx" => File/Directory not found. HKLM => Group Policy Restriction on software restored successfully. HKLM => Group Policy Restriction on software restored successfully. HKLM => Group Policy Restriction on software restored successfully. HKLM\SOFTWARE\Policies\Google => Key deleted successfully. "C:\Users\User\AppData\Local\Temp" directory move: C:\Users\User\AppData\Local\Temp\4696_43125072_MVM_0.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\5D613326.TMP => Moved successfully. C:\Users\User\AppData\Local\Temp\AAX8693.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\Administrator.bmp => Moved successfully. Could not move "C:\Users\User\AppData\Local\Temp\AdobeARM.log" => Scheduled to move on reboot. C:\Users\User\AppData\Local\Temp\AdobeARM_NotLocked.log => Moved successfully. C:\Users\User\AppData\Local\Temp\AdobeSFX.log => Moved successfully. C:\Users\User\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully. C:\Users\User\AppData\Local\Temp\AIBB_2192.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\AIBB_964.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\AI_ResourceCleanerLog.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\amt3.log => Moved successfully. C:\Users\User\AppData\Local\Temp\aoe3-114-english.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\appshat-distribution.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\ArmUI.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\Attach.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\AvgRep.xml => Moved successfully. C:\Users\User\AppData\Local\Temp\A~NSISu_.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\bbpress.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\bbpress1.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\bch3D38.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\bch54A2.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\bch6B40.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\bch9A9D.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\binsis142.xml => Moved successfully. C:\Users\User\AppData\Local\Temp\binsischeck654.xml => Moved successfully. C:\Users\User\AppData\Local\Temp\bitool.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\bitrock_installer.log => Moved successfully. C:\Users\User\AppData\Local\Temp\bitrock_installer_2148.log => Moved successfully. C:\Users\User\AppData\Local\Temp\bitrock_installer_2168.log => Moved successfully. C:\Users\User\AppData\Local\Temp\bitrock_installer_2248.log => Moved successfully. C:\Users\User\AppData\Local\Temp\bitrock_installer_2684.log => Moved successfully. C:\Users\User\AppData\Local\Temp\bitrock_installer_3996.log => Moved successfully. C:\Users\User\AppData\Local\Temp\bitrock_installer_4888.log => Moved successfully. C:\Users\User\AppData\Local\Temp\bitrock_installer_4960.log => Moved successfully. C:\Users\User\AppData\Local\Temp\bitrock_installer_5008.log => Moved successfully. C:\Users\User\AppData\Local\Temp\bitrock_installer_5072.log => Moved successfully. C:\Users\User\AppData\Local\Temp\browserinfo.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\cancel.png => Moved successfully. C:\Users\User\AppData\Local\Temp\catalina.bat.Y => Moved successfully. C:\Users\User\AppData\Local\Temp\chrome_installer.log => Moved successfully. C:\Users\User\AppData\Local\Temp\Cleaning.ico => Moved successfully. C:\Users\User\AppData\Local\Temp\CProgram Files (x86)Opera16.0.1196.62opera_autoupdate.lock => Moved successfully. C:\Users\User\AppData\Local\Temp\csxs3-PHXS.log => Moved successfully. C:\Users\User\AppData\Local\Temp\CVR5407.tmp.cvr => Moved successfully. C:\Users\User\AppData\Local\Temp\CVR9AB0.tmp.cvr => Moved successfully. C:\Users\User\AppData\Local\Temp\CVRBDE6.tmp.cvr => Moved successfully. C:\Users\User\AppData\Local\Temp\DDS.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_depcheck_VB_EXP_100.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_depcheck_VCS_EXP_100.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_depcheck_VC_EXP_100.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_error_vb_xcor_100.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_error_vcs_xcor_100.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_error_vc_xcor_100.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_install_vb_xcor_100.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_install_vcs_xcor_100.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_install_vc_xcor_100.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_SQLCEToolsForVS2007_MSI59C3.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_SSCERuntime_64_MSI54E7.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_SSCERuntime_MSI500E.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistMSI02C4.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistMSI030C.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistMSI0A71.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistMSI11A6.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistMSI1C0A.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistMSI1DD3.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistMSI289F.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistMSI704F.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistUI02C4.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistUI030C.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistUI0A71.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistUI11A6.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistUI1C0A.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistUI1DD3.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistUI289F.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\dd_vcredistUI704F.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\DelUS.bat => Moved successfully. C:\Users\User\AppData\Local\Temp\DMI7856.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\Donate.ico => Moved successfully. C:\Users\User\AppData\Local\Temp\dsp_ipp.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\e4j3406.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_BmaCRyaQZyjxtkf => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_dzgSgeMsKVDt9Ef => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_FfYWSOGovGjnaFz => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_kufRRgZygPuSf61 => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_KV4ffyPrxc60diG => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_oOg3bCgLvRVm92q => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_UbooJ1Jpyj5Qz9a => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_yc6BVFsXj4sIQdO => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_YqpddVDSTJQa8bS => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_yRTGAEyLjI5ZNkj => Moved successfully. C:\Users\User\AppData\Local\Temp\etilqs_zX3jAVMYBnDQiOF => Moved successfully. C:\Users\User\AppData\Local\Temp\Euro Truck Simulator 2 Patch Log.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\fam-installer.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\fm.DMP => Moved successfully. Could not move "C:\Users\User\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot. C:\Users\User\AppData\Local\Temp\Guest.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\image.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\ins26B5.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\ins3C38.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\ins53BD.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\ins67BA.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\ins785D.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\ins7B59.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\ins7F8E.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\ins908E.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\ins938B.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\insB675.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\insBC31.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\insE3DC.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\insEC2.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\insEE09.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\is4933.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\JavaDeployReg.log => Moved successfully. C:\Users\User\AppData\Local\Temp\main-weather-win7gadgets-com.gadget.~0000 => Moved successfully. C:\Users\User\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20131117_191155259-MSI_vc_red.msi.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20131117_191155259.html => Moved successfully. C:\Users\User\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20131117_185613521-MSI_vc_red.msi.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20131117_185613521.html => Moved successfully. C:\Users\User\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20131117_191014861-MSI_vc_red.msi.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20131117_191014861.html => Moved successfully. C:\Users\User\AppData\Local\Temp\MSI74a5e.LOG => Moved successfully. C:\Users\User\AppData\Local\Temp\MSI78453.LOG => Moved successfully. C:\Users\User\AppData\Local\Temp\MSI79b0a.LOG => Moved successfully. C:\Users\User\AppData\Local\Temp\MSI843f4.LOG => Moved successfully. C:\Users\User\AppData\Local\Temp\MSIdf23e.LOG => Moved successfully. C:\Users\User\AppData\Local\Temp\MSIf871b.LOG => Moved successfully. C:\Users\User\AppData\Local\Temp\next.png => Moved successfully. C:\Users\User\AppData\Local\Temp\nsd3113.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nsdB639.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nse8CD.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nseA78C.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nsg880.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nsj6887.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nsjA9CE.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nsl98A.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nsp987E.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\oobelib.log => Moved successfully. C:\Users\User\AppData\Local\Temp\opera_crashreporter.log => Moved successfully. C:\Users\User\AppData\Local\Temp\opera_installer_20130903165427.log => Moved successfully. C:\Users\User\AppData\Local\Temp\patchconfig.xml => Moved successfully. Could not move "C:\Users\User\AppData\Local\Temp\PDApp.log" => Scheduled to move on reboot. C:\Users\User\AppData\Local\Temp\preferences => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl11AC.tmp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl31DE.tmp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl6C5E.tmp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl730D.tmp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl9DF.tmp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\Quarantine.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\Report.ico => Moved successfully. C:\Users\User\AppData\Local\Temp\Scan.ico => Moved successfully. C:\Users\User\AppData\Local\Temp\set43F4.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\setB0E0.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\setCD55.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\setFFB8.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\setup.log => Moved successfully. C:\Users\User\AppData\Local\Temp\SqlSetup.log => Moved successfully. C:\Users\User\AppData\Local\Temp\standalonepatcher.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\swtag.log => Moved successfully. C:\Users\User\AppData\Local\Temp\tmpC25E.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\tmpC26F.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\tmpC270.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\tmpC271.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\tmpC282.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\tmpC292.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\tmpC293.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\tmpC3FB.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\TUInstallLogBP_2013-11-22_14-19-33.log => Moved successfully. C:\Users\User\AppData\Local\Temp\TUM6EF3.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\TUME02D.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\Uninstall.ico => Moved successfully. C:\Users\User\AppData\Local\Temp\UpdatusUser.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\User.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\users00 => Moved successfully. C:\Users\User\AppData\Local\Temp\uxeventlog.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\vorbis.acm => Moved successfully. C:\Users\User\AppData\Local\Temp\vorbisacm.inf => Moved successfully. C:\Users\User\AppData\Local\Temp\wmplog00.sqm => Moved successfully. C:\Users\User\AppData\Local\Temp\wubi-12.04.3-rev279.log => Moved successfully. C:\Users\User\AppData\Local\Temp\wubi-13.10-rev284.log => Moved successfully. C:\Users\User\AppData\Local\Temp\_iu14D2N.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\~3EC6.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\~9540.tmp => Moved successfully. C:\Users\User\AppData\Local\Temp\~DF23ACC1147DF9586D.TMP => Moved successfully. C:\Users\User\AppData\Local\Temp\~DF86F713BEF25DDAA9.TMP => Moved successfully. C:\Users\User\AppData\Local\Temp\~DF872BA8F4657406A9.TMP => Moved successfully. C:\Users\User\AppData\Local\Temp\~nsu.tmp\Au_.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{F45FE3F0-9ABA-4A5A-AEC1-F594DAD59C4F}\ISBEW64.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{F08A61C0-2E5C-46D8-9EA8-2D7CBF209BAF}\ISBEW64.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{CF2ADDBA-F904-4266-B72B-35091D32652F}\ISBEW64.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{AC76BA86-7AD7-1049-7B44-AB0000000001}\FixTransforms.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{AC76BA86-7AD7-1033-7B44-AB0000000001}\FixTransforms.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{8D7DB109-DFA3-426D-BAB9-86489300A798}\ISBEW64.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{607A6D51-EDE4-4E9D-BE05-94852D877BB2}\ISBEW64.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{4D90D53E-DC20-4FC1-8F64-D767666873EF}\ISBEW64.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{1BC5B788-D0BF-4365-85ED-9E2C418FB12C}\ISBEW64.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{14EA7E26-3B1E-440B-96D3-695382D5A145}\ISBEW64.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{11598730-0E0F-4406-8BA7-4BD6BC92C145}\setup.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\{036DCF90-A827-4B40-8F08-EB5BF0B887B8}\ISBEW64.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\_uninstall\_uninstall3296 => Moved successfully. C:\Users\User\AppData\Local\Temp\_uninstall\_uninstall4056 => Moved successfully. C:\Users\User\AppData\Local\Temp\_uninstall\_uninstall968 => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\baseline.dat => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\BlockMSI_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\BlockWIC_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\CustomText.1033.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\deffactory.dat => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\DeleteTemp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\dlmgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\ExpressRes.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\ExpressUI.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\gencomp.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\HtmlLite.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\IA64block_text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\License.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\locdata.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\logo.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\readme.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\setup.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\setup.sdb => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\setupres.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\Silverlight_EULA.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\Silverlight_privacy.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\SITSetup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\sqmapi.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\vs70uimgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\vsbasereqs.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\vsscenario.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\vs_setup.cab => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\vs_setup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\vs_setup.MSI => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\vs_setup.pdi => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\windowsSP_Requirements.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40577.tmp\WindowsUpdate_Required_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\baseline.dat => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\BlockMSI_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\BlockWIC_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\CustomText.1033.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\deffactory.dat => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\DeleteTemp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\dlmgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\ExpressRes.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\ExpressUI.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\gencomp.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\HtmlLite.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\IA64block_text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\License.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\locdata.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\logo.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\readme.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\setup.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\setup.sdb => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\setupres.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\Silverlight_EULA.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\Silverlight_privacy.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\SITSetup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\sqmapi.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\vs70uimgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\vsbasereqs.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\vsscenario.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\vs_setup.cab => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\vs_setup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\vs_setup.MSI => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\vs_setup.pdi => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\windowsSP_Requirements.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT40311.tmp\WindowsUpdate_Required_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\baseline.dat => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\BlockMSI_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\BlockWIC_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\CustomText.1033.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\deffactory.dat => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\DeleteTemp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\dlmgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\ExpressRes.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\ExpressUI.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\gencomp.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\HtmlLite.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\IA64block_text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\License.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\locdata.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\logo.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\readme.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\setup.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\setup.sdb => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\setupres.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\Silverlight_EULA.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\Silverlight_privacy.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\SITSetup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\sqmapi.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\vs70uimgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\vsbasereqs.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\vsscenario.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\vs_setup.cab => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\vs_setup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\vs_setup.MSI => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\vs_setup.pdi => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\windowsSP_Requirements.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT30542.tmp\WindowsUpdate_Required_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\baseline.dat => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\BlockMSI_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\BlockWIC_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\CustomText.1033.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\deffactory.dat => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\DeleteTemp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\dlmgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\ExpressRes.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\ExpressUI.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\gencomp.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\HtmlLite.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\IA64block_text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\License.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\locdata.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\logo.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\pidgenx.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\pkconfig.xrm-ms => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\readme.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\setup.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\setup.sdb => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\setupres.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\Silverlight_EULA.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\Silverlight_privacy.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\SITSetup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\sqmapi.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\vs70uimgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\vsbasereqs.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\vsscenario.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\vs_setup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\vs_setup.MS_ => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\vs_setup.pdi => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\windowsSP_Requirements.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT28221.tmp\WindowsUpdate_Required_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\baseline.dat => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\BlockMSI_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\BlockWIC_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\CustomText.1033.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\deffactory.dat => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\DeleteTemp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\dlmgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\ExpressRes.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\ExpressUI.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\gencomp.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\HtmlLite.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\IA64block_text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\License.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\locdata.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\logo.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\readme.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\setup.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\setup.sdb => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\setupres.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\Silverlight_EULA.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\Silverlight_privacy.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\SITSetup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\sqmapi.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\vs70uimgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\vsbasereqs.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\vsscenario.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\vs_setup.cab => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\vs_setup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\vs_setup.MSI => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\vs_setup.pdi => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\windowsSP_Requirements.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\SIT20590.tmp\WindowsUpdate_Required_Text.htm => Moved successfully. C:\Users\User\AppData\Local\Temp\scoped_dir_3508_3055\DECODED_IMAGES => Moved successfully. C:\Users\User\AppData\Local\Temp\scoped_dir_3508_3055\DECODED_MESSAGE_CATALOGS => Moved successfully. C:\Users\User\AppData\Local\Temp\scoped_dir_3508_3055\piramides.crx => Moved successfully. C:\Users\User\AppData\Local\Temp\scoped_dir_3508_3055\CRX_INSTALL\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\scoped_dir_3508_3055\CRX_INSTALL\images\theme_frame.png => Moved successfully. C:\Users\User\AppData\Local\Temp\scoped_dir_3508_3055\CRX_INSTALL\images\theme_ntp_background.png => Moved successfully. C:\Users\User\AppData\Local\Temp\scoped_dir_3508_3055\CRX_INSTALL\images\theme_tab_background.png => Moved successfully. C:\Users\User\AppData\Local\Temp\scoped_dir_3508_3055\CRX_INSTALL\images\theme_toolbar.png => Moved successfully. C:\Users\User\AppData\Local\Temp\SC\GenericInstaller_v1.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SC\GenericInstaller_v1.zip => Moved successfully. C:\Users\User\AppData\Local\Temp\rmi\download-DTLite4471-0333.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\Rar$EXa0.433\Eula.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\Rar$EXa0.433\procexp.chm => Moved successfully. C:\Users\User\AppData\Local\Temp\Rar$EXa0.433\procexp.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\Rar$DRa0.189\pawno\pawnc.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\Rar$DRa0.189\pawno\pawncc.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\main.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\pylauncher.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\pyrun.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\python23.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\version.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\winboot\wubildr => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\winboot\wubildr-bootstrap.cfg => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\winboot\wubildr.cfg => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\winboot\wubildr.mbr => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\winboot\wubildr.tar => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\zh_TW\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\zh_HK\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\zh_CN\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\wae\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\vi\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\uz\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ur\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\uk\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\tw\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\tr\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\th\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\te\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ta\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\sv\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\sr\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\sq\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\sl\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\sk\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ru\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ro\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\pt_BR\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\pt\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\pl\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\nn\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\nl\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ne\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\nb\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\mt\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ms\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\mr\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\mo\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ml\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\mk\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\lv\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\lt\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ku\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ko\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\kn\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\kk\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\kab\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ka\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\jv\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ja\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\it\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\is\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\id\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\hu\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\hr\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\hi\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\he\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\gu\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\gl\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\fy\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\fr\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\fi\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\fa\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\eu\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\et\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\es\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\eo\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\en_GB\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\en_CA\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\en_AU\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\en\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\el\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\de\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\da\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\cy\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\csb\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\cs\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\crh\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ca\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\bs\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\br\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\bg\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ast\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\as\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\ar\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\translations\af\LC_MESSAGES\wubi.mo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\temp\info => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\calendar.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\cmd.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\codecs.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\ConfigParser.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\copy.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\copy_reg.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\datetime.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\dis.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\doctest.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\dummy_thread.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\fnmatch.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\ftplib.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\getopt.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\getpass.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\gettext.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\glob.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\gopherlib.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\gzip.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\httplib.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\inspect.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\linecache.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\locale.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\macurl2path.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\mimetools.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\mimetypes.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\ntpath.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\nturl2path.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\opcode.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\optparse.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\os.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\pdb.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\pickle.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\popen2.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\posixpath.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\pprint.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\pyexpat.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\quopri.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\random.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\re.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\repr.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\rfc822.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\select.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\shutil.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\socket.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\sre.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\sre_compile.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\sre_constants.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\sre_parse.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\stat.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\string.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\StringIO.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\stringprep.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\subprocess.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\tempfile.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\textwrap.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\threading.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\token.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\tokenize.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\traceback.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\types.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\unicodedata.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\unittest.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\urllib.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\urllib2.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\urlparse.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\UserDict.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\uu.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\version.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\warnings.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\weakref.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\zlib.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\_ctypes.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\_socket.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\_sre.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\_ssl.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\_strptime.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\_subprocess.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\_winreg.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\__future__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\xml\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\xml\sax\expatreader.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\xml\sax\handler.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\xml\sax\saxutils.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\xml\sax\xmlreader.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\xml\sax\_exceptions.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\xml\sax\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\xml\parsers\expat.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\xml\parsers\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\application.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\errors.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\accessibility_page.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\cdboot_page.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\cd_finish_page.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\cd_menu_page.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\frontend.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\installation_finish_page.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\installation_page.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\page.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\progress_page.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\uninstallation_finish_page.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\uninstallation_page.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\frontends\win32\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\win32\backend.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\win32\drive.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\win32\eject.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\win32\mappings.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\win32\memory.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\win32\registry.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\win32\virtualdisk.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\win32\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\common\backend.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\common\btdownloader.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\common\distro.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\common\downloader.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\common\mappings.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\common\metalink.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\common\signature.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\common\tasklist.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\common\utils.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\wubi\backends\common\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\winui\defs.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\winui\ui.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\winui\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\urlgrabber\byterange.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\urlgrabber\grabber.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\urlgrabber\keepalive.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\urlgrabber\progress.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\urlgrabber\sslfactory.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\urlgrabber\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\sets\sets.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\sets\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\code.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\api.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\armory.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\crypto.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\exceptions.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\list.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\text.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\util\misc.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\util\ordict.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\util\strnum.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\util\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\CompressedData.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\LiteralData.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\MPI.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\OnePassSignature.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\Packet.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\PublicKey.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\PublicKeyEncryptedSessionKey.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\S2K.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\Signature.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\SymmetricKeyEncryptedSessionKey.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\Trust.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\UserID.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\pkt\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\msg\CompressedMsg.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\msg\EncryptedMsg.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\msg\KeyMsg.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\msg\LiteralMsg.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\msg\Msg.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\msg\SignedMsg.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\openpgp\sap\msg\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\logging\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\encodings\aliases.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\encodings\ascii.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\encodings\idna.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\encodings\utf_8.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\encodings\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\ctypes\wintypes.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\ctypes\_endian.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\ctypes\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Util\number.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Util\randpool.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Util\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\PublicKey\DSA.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\PublicKey\ElGamal.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\PublicKey\pubkey.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\PublicKey\RSA.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\PublicKey\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Hash\SHA.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Hash\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Cipher\AES.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Cipher\Blowfish.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Cipher\CAST.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Cipher\DES3.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Cipher\IDEA.pyd => Moved successfully. C:\Users\User\AppData\Local\Temp\pyl7539.tmp\lib\Crypto\Cipher\__init__.pyo => Moved successfully. C:\Users\User\AppData\Local\Temp\nswA54A.tmp\webapp-uninstaller.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\nst2771.tmp\InetC.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nst2771.tmp\nsExec.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nst2771.tmp\System.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nst2771.tmp\t.txt => Moved successfully. C:\Users\User\AppData\Local\Temp\nsr5BCA.tmp\Banner.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsr5BCA.tmp\InstallOptions.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsr5BCA.tmp\ioSpecial.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nsr5BCA.tmp\modern-header.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nsr5BCA.tmp\modern-wizard.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nsr5BCA.tmp\System.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsr5BCA.tmp\unconfirm.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nsnF4BE.tmp\inetc.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsnF4BE.tmp\nsisunz.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsnF4BE.tmp\System.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\AccessControl.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\FindFLPath.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\ILInstallUtil.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\InstallOptions.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\ioA.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\ioFLMobileAdd.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\ioGoToWebPage_Online.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\ioRegPage.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\ioRegPage2.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\ioSpecial.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\modern-header.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\modern-wizard.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\NSISdl.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\System.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsgA324.tmp\UserMgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nsg66C4.tmp\webapp-uninstaller.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\AccessControl.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\FindFLPath.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\FLMobileAdd.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\hokuspokus.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\ILExtra.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\ILInstallUtil.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\InstallOptions.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\ioA.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\ioFLMobileAdd.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\ioGoToWebPage_Online.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\ioRegPage.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\ioRegPage2.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\ioSpecial.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\modern-header.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\modern-wizard.bmp => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\NSISdl.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\System.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\nscC998.tmp\UserMgr.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\MSS\3.8.130.10\ftconfig.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\MSS\3.8.130.10\mcbrwsr2.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\MSS\3.8.130.10\McInstallerRes.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\MSS\3.8.130.10\McInstallerRes_LD.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\MSS\3.8.130.10\McInstallerStartup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\MSS\3.8.130.10\McUICnt.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\MSS\3.8.130.10\SecurityScanner.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\MSS\3.8.130.10\uninstaller.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\ispB96B.tmp\_Setup.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\e4j3406.tmp_dir\exe4jlib.jar => Moved successfully. C:\Users\User\AppData\Local\Temp\e4j3406.tmp_dir\i4jdel.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\Byki4ExpressInstaller.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\filelist.ini => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English Animals 1.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English Colors.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English Days of the Week 1.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English Meeting and Greeting 1.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English Meeting and Greeting 2.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English Numbers_ Cardinal 1.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English Taking a Taxi 1.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English Taking a Taxi 2.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English Taking a Taxi 3.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English _ 01 - Quick Start!.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English _ 02 - Quick Start!.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - English _ 03 - Quick Start!.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English Animals 1.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English Colors.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English Days of the Week 1.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English Meeting and Greeting 1.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English Meeting and Greeting 2.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English Numbers_ Cardinal 1.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English Taking a Taxi 1.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English Taking a Taxi 2.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English Taking a Taxi 3.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English _ 01 - Quick Start!.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English _ 02 - Quick Start!.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\BYKI0.TMP\b4u\Russian - Transliterated - English _ 03 - Quick Start!.b4u => Moved successfully. C:\Users\User\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll => Moved successfully. C:\Users\User\AppData\Local\Temp\apn_pip_local\finish.png => Moved successfully. C:\Users\User\AppData\Local\Temp\APN-Stub\SHD-V7\Msi3c914373-570f-4127-a8ef-70ce862d1896.log => Moved successfully. C:\Users\User\AppData\Local\Temp\APN-Stub\SHD-V7\Stb3c914373-570f-4127-a8ef-70ce862d1896.log => Moved successfully. C:\Users\User\AppData\Local\Temp\AdobeDownload\DLM_Native.log => Moved successfully. C:\Users\User\AppData\Local\Temp\732_7405\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\732_7405\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\732_7405\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\672_4254\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\672_4254\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\672_4254\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\656_17867\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\656_17867\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\656_17867\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\6308_26477\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\6308_26477\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\6308_26477\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\6052_1259\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\6052_1259\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\6052_1259\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\5780_5772\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\5780_5772\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\5780_5772\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\5532_28776\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\5532_28776\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\5532_28776\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\5464_10773\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\5464_10773\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\5464_10773\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\536_13852\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\536_13852\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\536_13852\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\5260_2145\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\5260_2145\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\5260_2145\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\5244_6654\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\5244_6654\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\5244_6654\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\5184_26025\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\5184_26025\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\5184_26025\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4980_17873\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4980_17873\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4980_17873\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4884_11446\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4884_11446\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4884_11446\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4880_30623\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4880_30623\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4880_30623\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4872_15904\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4872_15904\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4872_15904\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4848_4513\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4848_4513\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4848_4513\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\480_19099\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\480_19099\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\480_19099\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4772_460\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4772_460\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4772_460\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4688_24289\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4688_24289\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4688_24289\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4580_22941\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4580_22941\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4580_22941\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4516_13039\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4516_13039\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4516_13039\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4496_18381\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4496_18381\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4496_18381\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4472_5937\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4472_5937\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4472_5937\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4440_29500\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4440_29500\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4440_29500\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4420_14052\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4420_14052\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4420_14052\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4408_260\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4408_260\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4408_260\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4356_9800\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4356_9800\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4356_9800\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4332_2690\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4332_2690\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4332_2690\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4272_15993\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4272_15993\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4272_15993\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4236_13031\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4236_13031\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4236_13031\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4220_9129\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4220_9129\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4220_9129\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4196_29504\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4196_29504\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4196_29504\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4104_26056\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4104_26056\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4104_26056\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4104_2398\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4104_2398\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4104_2398\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4092_9921\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4092_9921\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4092_9921\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4068_4800\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4068_4800\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4068_4800\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4064_31375\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4064_31375\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4064_31375\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4052_1140\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4052_1140\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4052_1140\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\4016_26751\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\4016_26751\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\4016_26751\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\400_26471\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\400_26471\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\400_26471\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3996_26932\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3996_26932\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3996_26932\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3976_11479\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3976_11479\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3976_11479\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3952_29316\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3952_29316\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3952_29316\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3944_12263\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3944_12263\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3944_12263\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3920_24220\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3920_24220\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3920_24220\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3892_9208\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3892_9208\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3892_9208\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3840_31049\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3840_31049\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3840_31049\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3828_32513\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3828_32513\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3828_32513\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3820_27640\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3820_27640\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3820_27640\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3724_12023\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3724_12023\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3724_12023\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3632_24450\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3632_24450\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3632_24450\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3600_234\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3600_234\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3600_234\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3580_24019\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3580_24019\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3580_24019\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\352_3725\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\352_3725\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\352_3725\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3528_29951\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3528_29951\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3528_29951\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3512_15710\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3512_15710\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3512_15710\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3496_2483\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3496_2483\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3496_2483\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3492_28525\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3492_28525\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3492_28525\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3460_32696\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3460_32696\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3460_32696\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3376_9099\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3376_9099\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3376_9099\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3364_1740\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3364_1740\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3364_1740\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3328_25211\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3328_25211\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3328_25211\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3220_30739\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3220_30739\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3220_30739\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3128_1453\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3128_1453\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3128_1453\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3092_7602\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3092_7602\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3092_7602\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3076_15960\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3076_15960\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3076_15960\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\3060_2696\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\3060_2696\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\3060_2696\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\30319.01\1033\VB_EXP\wcu\sse\SQLExpr_x64_enu.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\30319.01\1033\VB_EXP\wcu\ssce\SSCERuntime_x64-enu.msi => Moved successfully. C:\Users\User\AppData\Local\Temp\30319.01\1033\VB_EXP\wcu\ssce\SSCERuntime_x86-enu.msi => Moved successfully. C:\Users\User\AppData\Local\Temp\30319.01\1033\VB_EXP\wcu\ssce\SSCEVSTools-enu.msi => Moved successfully. C:\Users\User\AppData\Local\Temp\2988_6103\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2988_6103\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2988_6103\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2852_5101\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2852_5101\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2852_5101\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2824_31614\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2824_31614\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2824_31614\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2804_26087\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2804_26087\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2804_26087\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2764_28193\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2764_28193\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2764_28193\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2756_16706\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2756_16706\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2756_16706\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2668_5704\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2668_5704\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2668_5704\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2628_17818\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2628_17818\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2628_17818\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2560_13670\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2560_13670\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2560_13670\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2416_25069\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2416_25069\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2416_25069\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2412_23824\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2412_23824\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2412_23824\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2380_1952\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2380_1952\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2380_1952\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2312_15867\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2312_15867\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2312_15867\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\2160_22656\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\2160_22656\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\2160_22656\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\208_20061\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\208_20061\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\208_20061\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\204_12632\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\204_12632\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\204_12632\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\1960_5025\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\1960_5025\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\1960_5025\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\1876_5881\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\1876_5881\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\1876_5881\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\1824_10046\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\1824_10046\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\1824_10046\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\1776_22351\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\1776_22351\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\1776_22351\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\1420_30805\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\1420_30805\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\1420_30805\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\1232_12097\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\1232_12097\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\1232_12097\manifest.json => Moved successfully. C:\Users\User\AppData\Local\Temp\1008_10629\crl-set => Moved successfully. C:\Users\User\AppData\Local\Temp\1008_10629\manifest.fingerprint => Moved successfully. C:\Users\User\AppData\Local\Temp\1008_10629\manifest.json => Moved successfully. Could not move "C:\Users\User\AppData\Local\Temp" directory. => Scheduled to move on reboot. C:\ProgramData => ":NT" ADS removed successfully. "C:\Windows" => ":nlsPreferences" ADS not found. "C:\Users\All Users" => ":NT" ADS not found. C:\Program Files\Common Files\Microsoft Shared => ":eV9coO8QMGD8xnzlpr7Mp0P" ADS removed successfully. C:\Program Files\Common Files\System => ":jN0Lu03xt2r0k7jQR" ADS removed successfully. C:\Program Files\Common Files\System => ":vlPGyrmanaQ0TMENNULb05" ADS removed successfully. "C:\ProgramData\Application Data" => ":NT" ADS not found. C:\ProgramData\Microsoft => ":bGvJnX1f4KBeYMi3rQkK" ADS removed successfully. C:\ProgramData\Microsoft => ":H1fYRAnEGkmUo5xOi9MyASy8m1I" ADS removed successfully. C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully. C:\ProgramData\TEMP => ":1B389835" ADS removed successfully. C:\ProgramData\TEMP => ":373E1720" ADS removed successfully. C:\ProgramData\TEMP => ":96D0C06F" ADS removed successfully. C:\ProgramData\TEMP => ":AD022376" ADS removed successfully. C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully. "C:\Users\User\Application Data" => ":NT" ADS not found. "C:\Users\User\Local Settings" => ":Raqs69Dw25wIIMdoSROpnxsOgf" ADS not found. C:\Users\User\AppData\Local => ":Raqs69Dw25wIIMdoSROpnxsOgf" ADS removed successfully. C:\Users\User\AppData\Roaming => ":NT" ADS removed successfully. "C:\Users\User\AppData\Local\Application Data" => ":Raqs69Dw25wIIMdoSROpnxsOgf" ADS not found. => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2013-12-11 21:24:08)<= "C:\Users\User\AppData\Local\Temp\AdobeARM.log" => File could not move. "C:\Users\User\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => File could not move. C:\Users\User\AppData\Local\Temp\PDApp.log => Moved successfully. "C:\Users\User\AppData\Local\Temp" => Directory could not move. ==== End of Fixlog ==== Kako misliš svež log? U C nemam Combofix.txt

Profil

magna86 Poslao: 11 Dec 2013 21:34 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Izvinjavam se kolegi sto upadam u temu no da ne bi cekao ... Citat:Kako misliš svež log? Ponovo pokreni alat FRST i klikni na dugme Scan. Alat ce formirati svez FRST.txt izvestaj koji je potrebno iskopirati nazad u ovu temu na ponovni pregled.

Profil

Rorschach Poslao: 11 Dec 2013 21:36 Idi na vrh
offline Rorschach Građanin Walter Joseph Kovacs. Pridružio: 22 Nov 2013 Poruke: 137 Gde živiš: Beograd.	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Aha, evo: mycity.rs/must-login.png Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2013 Ran by User (administrator) on USER-PC on 11-12-2013 21:35:07 Running from C:\Users\User\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Skillbrains) C:\Users\User\AppData\Local\Skillbrains\lightshot\4.3.0.0\Lightshot.exe (Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe (BitTorrent Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation) HKCU\...\Run: [AdobeBridge] - [x] HKCU\...\Run: [LightShot] - C:\Users\User\AppData\Local\Skillbrains\lightshot\LightShot.exe [226592 2013-05-27] () HKCU\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [805208 2013-09-02] (BitTorrent Inc.) HKCU\...\Run: [RocketDock] - "C:\Program Files (x86)\RocketDock\RocketDock.exe" HKCU\...\Run: [Apps Hat] - C:\Users\User\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) AlternateShell: ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sz6idpkb.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ Chrome: ======= CHR HomePage: google.rs/ CHR RestoreOnStartup: "https://www.google.rs/" CHR DefaultSearchKeyword: google.rs CHR DefaultSearchProvider: Google CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Extension: (Ancient Map) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcjaemihddenoopkkhaamlcoliiiain\1.4_0 CHR Extension: (3D Solar System Web) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd\0.82_0 CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR HKLM-x32\...\Chrome\Extension: [cpcidiiiodpbjdkbhldlebfbnidpgaih] - C:\Users\User\AppData\Local\CRE\cpcidiiiodpbjdkbhldlebfbnidpgaih.crx CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx ==================== Services (Whitelisted) ================= S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2012-06-27] () R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-11-30] () S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation) S2 XAMPP; C:\xampp\service.exe [60928 2013-03-30] () S3 DfSdkS; D:\ATiLiUS\Programi\Ashampoo\Ashampoo UnInstaller 5\DfSdkS64.exe [x] S2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [x] S2 MySQL5; "C:\Program Files\Web Settings\MySQL\MySQL Server 4.1\bin\mysqld" --defaults-file="C:\Program Files\Web Settings\MySQL\MySQL Server 4.1\my.ini" MySQL5 S3 TipCtrl; "D:\Pavle\Programs\TC\uTIPu\TipCtrl.exe" [x] ==================== Drivers (Whitelisted) ==================== S3 ASAPIW2K; C:\Windows\SysWow64\ASAPI64.sys [10752 2005-07-13] (Pinnacle Systems GmbH) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-07-04] () R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-10-26] (AVG Technologies) S3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [36432 2008-03-26] (DemoForge, LLC) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-18] (DT Soft Ltd) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-07-04] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [x] S2 UI5IFS; \??\D:\ATiLiUS\Programi\Ashampoo\Ashampoo UnInstaller 5\IFS64.sys [x] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-11 21:35 - 2013-12-11 21:35 - 00016134 _____ C:\Users\User\Desktop\FRST.txt 2013-12-11 21:12 - 2013-12-11 21:12 - 00000000 ____D C:\Users\User\Downloads\FRST-OlderVersion 2013-12-11 11:59 - 2013-12-11 11:59 - 00000000 ____D C:\Users\User\Poslovna informatika 2013-12-11 09:56 - 2013-12-11 09:56 - 00020962 _____ C:\Users\User\Downloads\340009_1009968662_AdwCleaner[S0].txt 2013-12-11 09:55 - 2013-12-11 09:55 - 00033868 _____ C:\Users\User\Desktop\Addition.txt 2013-12-11 09:53 - 2013-12-11 09:53 - 00033868 _____ C:\Users\User\Downloads\Addition.txt 2013-12-11 09:51 - 2013-12-11 09:51 - 00020962 _____ C:\Users\User\Desktop\AdwCleaner[S0].txt 2013-12-11 09:32 - 2013-12-11 09:53 - 00051979 _____ C:\Users\User\Downloads\FRST.txt 2013-12-11 09:31 - 2013-12-11 21:24 - 00000000 ____D C:\FRST 2013-12-11 09:30 - 2013-12-11 21:12 - 01926944 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2013-12-11 08:22 - 2013-12-11 08:22 - 00014622 _____ C:\Users\User\Desktop\mostnazepi.txt 2013-12-11 07:52 - 2013-12-11 09:45 - 00000000 ____D C:\AdwCleaner 2013-12-11 07:52 - 2013-12-11 07:51 - 01226802 _____ C:\Users\User\Desktop\AdwCleaner.exe 2013-12-11 07:50 - 2013-12-11 07:51 - 01226802 _____ C:\Users\User\Downloads\AdwCleaner.exe 2013-12-10 21:59 - 2013-12-10 21:59 - 00377856 _____ C:\Users\User\Downloads\1zq59q40.exe 2013-12-10 21:14 - 2013-12-10 21:14 - 00688992 ____R (Swearware) C:\Users\User\Downloads\dds.scr 2013-12-10 20:55 - 2013-12-10 20:55 - 01927709 _____ C:\Users\User\Downloads\samp03x_svr_R2_win32.zip 2013-12-10 18:33 - 2013-12-10 20:51 - 00156280 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT 2013-12-09 10:15 - 2013-12-09 10:15 - 00000000 ____D C:\Users\User\AppData\Local\{DD7A3428-1853-4338-9341-01CC53AF697F} 2013-12-09 08:16 - 2013-12-09 08:18 - 00000000 ____D C:\Users\User\Desktop\Jamaica Role Play 2013-12-06 19:16 - 2013-12-06 19:16 - 00001092 _____ C:\Users\User\Documents\Documents - Shortcut.lnk 2013-12-03 18:24 - 2013-12-03 18:24 - 00000000 ____D C:\Users\User\AppData\Local\NVIDIA 2013-11-30 19:06 - 2013-11-30 19:06 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-11-30 15:40 - 2013-12-02 16:57 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-11-30 15:40 - 2013-11-30 15:40 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2013-11-30 15:40 - 2013-11-30 15:40 - 00000000 ____D C:\Users\User\AppData\Local\PunkBuster 2013-11-30 15:39 - 2013-11-30 15:39 - 00000000 ____D C:\Users\User\AppData\Local\Activision 2013-11-30 13:17 - 2013-12-10 20:45 - 00000000 ____D C:\Users\User\Documents\My Games 2013-11-30 13:17 - 2013-11-30 13:17 - 00000000 ____D C:\ProgramData\Age of Empires 3 2013-11-29 23:07 - 2013-11-29 23:07 - 00000626 _____ C:\Users\UpdatusUser\Desktop\Heroes of Newerth.lnk 2013-11-29 23:07 - 2013-11-29 23:07 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth 2013-11-29 12:30 - 2013-11-29 12:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Wargaming.net 2013-11-22 15:29 - 2013-11-22 15:29 - 00000000 ____D C:\Users\User\AppData\Local\Avg2014 2013-11-22 15:19 - 2013-11-22 15:19 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-11-22 15:18 - 2013-11-22 15:19 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro 2013-11-18 19:42 - 2013-11-29 18:41 - 00000000 ____D C:\Users\User\AppData\Roaming\IDMComp 2013-11-18 19:42 - 2013-11-29 18:41 - 00000000 ____D C:\ProgramData\IDMComp 2013-11-18 19:38 - 2013-12-10 20:36 - 00000000 ____D C:\Users\User\AppData\Local\Downloaded Installations 2013-11-17 19:18 - 2013-11-17 19:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2013-11-17 19:01 - 2013-12-11 07:47 - 00156280 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2013-11-17 17:34 - 2013-12-11 09:49 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2013-11-17 14:33 - 2013-11-17 14:33 - 00000000 ____D C:\Users\User\AppData\Local\FontCreator 2013-11-17 14:25 - 2013-11-17 14:38 - 00000000 ____D C:\Users\User\AppData\Roaming\FontCreator 2013-11-17 14:16 - 2013-11-27 20:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-12-11 21:35 - 2013-12-11 21:35 - 00016134 _____ C:\Users\User\Desktop\FRST.txt 2013-12-11 21:34 - 2012-06-27 11:45 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent 2013-12-11 21:34 - 2012-06-27 11:25 - 01424321 _____ C:\Windows\WindowsUpdate.log 2013-12-11 21:24 - 2013-12-11 09:31 - 00000000 ____D C:\FRST 2013-12-11 21:23 - 2013-02-28 17:29 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-11 21:23 - 2012-06-28 18:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-12-11 21:23 - 2012-06-27 11:39 - 00000000 ____D C:\ProgramData\NVIDIA 2013-12-11 21:23 - 2010-11-21 04:47 - 00795200 _____ C:\Windows\PFRO.log 2013-12-11 21:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-11 21:23 - 2009-07-14 05:51 - 00146892 _____ C:\Windows\setupact.log 2013-12-11 21:13 - 2013-09-23 16:31 - 00000000 ____D C:\Users\User\AppData\Local\CRE 2013-12-11 21:12 - 2013-12-11 21:12 - 00000000 ____D C:\Users\User\Downloads\FRST-OlderVersion 2013-12-11 21:12 - 2013-12-11 09:30 - 01926944 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2013-12-11 21:03 - 2012-06-28 18:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-11 21:03 - 2012-06-28 18:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-11 21:03 - 2012-06-28 18:25 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-12-11 20:58 - 2013-02-28 17:29 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-11 12:49 - 2012-06-27 11:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-12-11 12:16 - 2012-12-21 15:34 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs 2013-12-11 11:59 - 2013-12-11 11:59 - 00000000 ____D C:\Users\User\Poslovna informatika 2013-12-11 09:56 - 2013-12-11 09:56 - 00020962 _____ C:\Users\User\Downloads\340009_1009968662_AdwCleaner[S0].txt 2013-12-11 09:55 - 2013-12-11 09:55 - 00033868 _____ C:\Users\User\Desktop\Addition.txt 2013-12-11 09:53 - 2013-12-11 09:53 - 00033868 _____ C:\Users\User\Downloads\Addition.txt 2013-12-11 09:53 - 2013-12-11 09:32 - 00051979 _____ C:\Users\User\Downloads\FRST.txt 2013-12-11 09:51 - 2013-12-11 09:51 - 00020962 _____ C:\Users\User\Desktop\AdwCleaner[S0].txt 2013-12-11 09:50 - 2013-09-03 11:34 - 00125797 _____ C:\Users\User\Desktop\㩃䙜卒屔畑牡湡楴敮Ȁ 2013-12-11 09:49 - 2013-11-17 17:34 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2013-12-11 09:45 - 2013-12-11 07:52 - 00000000 ____D C:\AdwCleaner 2013-12-11 08:22 - 2013-12-11 08:22 - 00014622 _____ C:\Users\User\Desktop\mostnazepi.txt 2013-12-11 07:51 - 2013-12-11 07:52 - 01226802 _____ C:\Users\User\Desktop\AdwCleaner.exe 2013-12-11 07:51 - 2013-12-11 07:50 - 01226802 _____ C:\Users\User\Downloads\AdwCleaner.exe 2013-12-11 07:47 - 2013-11-17 19:01 - 00156280 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2013-12-11 07:47 - 2009-07-14 05:45 - 05408664 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-10 21:59 - 2013-12-10 21:59 - 00377856 _____ C:\Users\User\Downloads\1zq59q40.exe 2013-12-10 21:14 - 2013-12-10 21:14 - 00688992 ____R (Swearware) C:\Users\User\Downloads\dds.scr 2013-12-10 20:55 - 2013-12-10 20:55 - 01927709 _____ C:\Users\User\Downloads\samp03x_svr_R2_win32.zip 2013-12-10 20:51 - 2013-12-10 18:33 - 00156280 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT 2013-12-10 20:45 - 2013-11-30 13:17 - 00000000 ____D C:\Users\User\Documents\My Games 2013-12-10 20:40 - 2012-06-30 13:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-12-10 20:39 - 2013-07-20 13:15 - 00000000 ____D C:\Program Files (x86)\MySQL 2013-12-10 20:39 - 2013-02-09 18:27 - 00000000 ____D C:\ProgramData\MySQL 2013-12-10 20:36 - 2013-11-18 19:38 - 00000000 ____D C:\Users\User\AppData\Local\Downloaded Installations 2013-12-10 20:32 - 2013-11-03 09:37 - 00000000 ____D C:\Program Files (x86)\MTA San Andreas 1.3 2013-12-10 20:32 - 2013-08-30 16:02 - 00000000 ____D C:\ProgramData\MTA San Andreas All 2013-12-10 18:32 - 2012-06-27 12:07 - 00008224 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2013-12-09 10:15 - 2013-12-09 10:15 - 00000000 ____D C:\Users\User\AppData\Local\{DD7A3428-1853-4338-9341-01CC53AF697F} 2013-12-09 08:18 - 2013-12-09 08:16 - 00000000 ____D C:\Users\User\Desktop\Jamaica Role Play 2013-12-08 21:45 - 2013-03-24 18:19 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla 2013-12-08 07:39 - 2009-07-14 06:08 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-12-07 07:53 - 2013-02-28 17:29 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-07 07:53 - 2013-02-28 17:29 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-06 19:16 - 2013-12-06 19:16 - 00001092 _____ C:\Users\User\Documents\Documents - Shortcut.lnk 2013-12-03 22:49 - 2009-07-14 05:45 - 00020656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-03 22:49 - 2009-07-14 05:45 - 00020656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-03 18:24 - 2013-12-03 18:24 - 00000000 ____D C:\Users\User\AppData\Local\NVIDIA 2013-12-03 15:30 - 2012-06-27 11:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-12-02 16:57 - 2013-11-30 15:40 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-11-30 19:06 - 2013-11-30 19:06 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-11-30 15:40 - 2013-11-30 15:40 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2013-11-30 15:40 - 2013-11-30 15:40 - 00000000 ____D C:\Users\User\AppData\Local\PunkBuster 2013-11-30 15:39 - 2013-11-30 15:39 - 00000000 ____D C:\Users\User\AppData\Local\Activision 2013-11-30 15:38 - 2012-06-29 08:25 - 00312387 _____ C:\Windows\DirectX.log 2013-11-30 13:17 - 2013-11-30 13:17 - 00000000 ____D C:\ProgramData\Age of Empires 3 2013-11-30 12:16 - 2013-10-23 09:17 - 00000000 ____D C:\ProgramData\Adobe 2013-11-29 23:07 - 2013-11-29 23:07 - 00000626 _____ C:\Users\UpdatusUser\Desktop\Heroes of Newerth.lnk 2013-11-29 23:07 - 2013-11-29 23:07 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth 2013-11-29 18:41 - 2013-11-18 19:42 - 00000000 ____D C:\Users\User\AppData\Roaming\IDMComp 2013-11-29 18:41 - 2013-11-18 19:42 - 00000000 ____D C:\ProgramData\IDMComp 2013-11-29 18:40 - 2013-08-15 11:41 - 00000000 ____D C:\Users\User\AppData\Roaming\Nico Mak Computing 2013-11-29 12:30 - 2013-11-29 12:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Wargaming.net 2013-11-29 10:14 - 2012-07-07 07:20 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-11-28 07:44 - 2013-07-13 15:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-27 20:21 - 2013-11-17 14:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-26 07:29 - 2009-07-14 06:13 - 00006870 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-24 11:08 - 2012-07-29 16:19 - 00000000 ____D C:\Users\User\AppData\Roaming\BSplayer 2013-11-23 08:59 - 2012-08-13 14:15 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-11-22 15:29 - 2013-11-22 15:29 - 00000000 ____D C:\Users\User\AppData\Local\Avg2014 2013-11-22 15:23 - 2012-08-13 14:23 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro 2013-11-22 15:21 - 2012-08-13 14:16 - 00000000 ____D C:\Users\User\AppData\Roaming\TuneUp Software 2013-11-22 15:19 - 2013-11-22 15:19 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-11-22 15:19 - 2013-11-22 15:18 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro 2013-11-20 17:40 - 2013-10-23 15:28 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe 2013-11-20 16:26 - 2013-09-23 17:07 - 00000000 ____D C:\Users\User\Documents\Sports Interactive 2013-11-20 16:26 - 2013-09-23 17:07 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive 2013-11-20 16:26 - 2012-07-08 14:52 - 00000000 ____D C:\Users\User\AppData\Local\Sports Interactive 2013-11-18 19:54 - 2013-10-15 16:07 - 00000000 ____D C:\Program Files\Image-Line 2013-11-18 19:54 - 2013-06-20 13:07 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2013-11-17 19:18 - 2013-11-17 19:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2013-11-17 17:07 - 2013-10-05 08:33 - 00000000 ____D C:\xampp 2013-11-17 14:38 - 2013-11-17 14:25 - 00000000 ____D C:\Users\User\AppData\Roaming\FontCreator 2013-11-17 14:33 - 2013-11-17 14:33 - 00000000 ____D C:\Users\User\AppData\Local\FontCreator 2013-11-17 14:19 - 2013-07-21 17:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Dev-Cpp 2013-11-17 14:18 - 2013-07-30 12:31 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin 2013-11-17 14:10 - 2013-07-14 07:59 - 00000000 ____D C:\Users\User\AppData\Roaming\Notepad++ 2013-11-17 14:10 - 2013-07-14 07:59 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2013-11-17 13:57 - 2013-01-05 16:50 - 00000000 ____D C:\ProgramData\Skype 2013-11-16 18:27 - 2013-01-01 01:56 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe GIF Format CS6 Prefs Files to move or delete: ==================== C:\ProgramData\sysqcl1129139270.dat ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-05 21:04 ==================== End Of Log ============================

Profil

ivance95 Poslao: 12 Dec 2013 19:47 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvori Notepad i iskopiraj sledeći tekst koji se nalazi unutar osenčenog prostora. `CHR HKLM-x32\...\Chrome\Extension: [cpcidiiiodpbjdkbhldlebfbnidpgaih] - C:\Users\User\AppData\Local\CRE\cpcidiiiodpbjdkbhldlebfbnidpgaih.crx C:\Users\User\AppData\Local\CRE\cpcidiiiodpbjdkbhldlebfbnidpgaih.crx C:\ProgramData\sysqcl1129139270.dat Hosts: CMD: ipconfig /flushdns` U okviru Notepad-a klikni na File --> Save As Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da fixlog.txt kopiras na forum Preuzmi Malwarebytes Anti-Rootkit(MBAR) sa sledeceg linka i sacuvaj ga na Desktop. dvoklikom pokreni MBAR na ikonicu i u novom prozoru koji se otvori klikni na dugme Ok. Alat ce biti raspakovan u zaseban mbar folder na desktop-u. Ovo ce ujedno i startovati Malwarebytes Anti-Rootkit. >> Ukoliko se pojavi bilo kakav upit, klikni na dugme NO Kada se MBAR startuje... klikni na dugme Next a potom na dugme Update da bi preuzeo najsvezije definicije; klikni na dugme Next i postaraj se da pod Scan targets: budu stiklirane Drivers, Sectors i System opcije; klikni na dugme Scan i picekaj da MBAR zavrsi skeniranje; Ukoliko malware nije detektovan, klikni na dugme Exit da bi zatvorio program i postavi nam system-log.txt i mbar-log-year-month-day (sat-minuti-sekundi).txt izvestaje. Ukoliko je malware detektovan, postaraj se da je Create Restore Point opcija stiklirana i klikni na Cleanup dugme; Procedura uklanjanja malware ce biti zapoceta i ubrzo ce program zatraziti restart sistema. klikni na dugme Yes da bi dozvolio restart sistema radi ciscenja. Po zavrsetku ciscenja, otvori MBAR folder i uz poruku okaci sledece MBAR izvestaje koristeci opciju "Prikaci fajl" - system-log.txt - mbar-log-year-month-day (sat-minuti-sekundi).txt.

Profil

Rorschach Poslao: 12 Dec 2013 20:36 Idi na vrh
offline Rorschach Građanin Walter Joseph Kovacs. Pridružio: 22 Nov 2013 Poruke: 137 Gde živiš: Beograd.	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-12-2013 02 Ran by User at 2013-12-12 20:11:25 Run:2 Running from C:\Users\User\Desktop Boot Mode: Normal ============================================== Content of fixlist: *************** CHR HKLM-x32\...\Chrome\Extension: [cpcidiiiodpbjdkbhldlebfbnidpgaih] - C:\Users\User\AppData\Local\CRE\cpcidiiiodpbjdkbhldlebfbnidpgaih.crx C:\Users\User\AppData\Local\CRE\cpcidiiiodpbjdkbhldlebfbnidpgaih.crx C:\ProgramData\sysqcl1129139270.dat Hosts: CMD: ipconfig /flushdns *************** HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih => Key deleted successfully. "C:\Users\User\AppData\Local\CRE\cpcidiiiodpbjdkbhldlebfbnidpgaih.crx" => File/Directory not found. "C:\Users\User\AppData\Local\CRE\cpcidiiiodpbjdkbhldlebfbnidpgaih.crx" => File/Directory not found. C:\ProgramData\sysqcl1129139270.dat => Moved successfully. C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= mbar(bilo je 7 malwera: mycity.rs/must-login.png mycity.rs/must-login.png Malwarebytes Anti-Rootkit BETA 1.07.0.1008 malwarebytes.org Database version: v2013.12.12.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16576 User :: USER-PC [administrator] 12.12.2013 20:15:02 mbar-log-2013-12-12 (20-15-02).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit \| Drivers \| MBR \| Physical Sectors \| Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken Scan options disabled: Objects scanned: 298858 Time elapsed: 14 minute(s), 53 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKCU\SOFTWARE\NORRIS (Backdoor.Trace) -> Delete on reboot. Registry Values Detected: 1 HKCU\SOFTWARE\NORRIS\|FirstExecution (Backdoor.Trace) -> Data: 01/09/2013 -- 20:02 -> Delete on reboot. Registry Data Items Detected: 3 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER\|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot. HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER\|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot. HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER\|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Replace on reboot. Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\win32.exe (Trojan.Agent) -> Delete on reboot. C:\Users\User\AppData\Roaming\cglogs.dat (Malware.Trace) -> Delete on reboot. Physical Sectors Detected: 0 (No malicious items detected) (end)

Profil

ivance95 Poslao: 12 Dec 2013 22:12 Idi na vrh
offline ivance95 AMF pripravnik Pridružio: 04 Jul 2011 Poruke: 5424	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sada stanje? Da li i dalje imaš problema?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Sporije radi ponekad.

Ko je trenutno na forumu

Ukupno su 1060 korisnika na forumu :: 30 registrovanih, 3 sakrivenih i 1027 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: airsuba, ajo baba, Bane san, Bobrock1, Boris90, brundo65, Djokislav, dragoljub11987, Duh sa sekirom, Džordžino, GORDI, goxin, ILGromovnik, interesujeme, JohnnyBoii, kybonacci, Lieutenant, Mercury, mgolub, mkukoleca, nebojsag, nuke92, opt1, Panter, Povratak1912, Romibrat, Viceroy, Visionary, VJ, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by