Infection

  • Joined: 14 Feb 2008
  • Posts: 12403

I picked up some junk while checking a file, so I need a cleanup :)

I noticed that the extension "PriiceMinuus" got installed, which I disabled manually in Chrome.

VirusTotal report

Cheers

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Srdjan (administrator) on SRKI94 on 18-06-2015 23:45:41
Running from C:\Users\Srdjan\Desktop
Loaded Profiles: Srdjan (Available Profiles: Srdjan)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\ASGT.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(Flux Software LLC) C:\Users\Srdjan\AppData\Local\FluxSoftware\Flux\flux.exe
(Skillbrains) C:\Users\Srdjan\AppData\Local\Skillbrains\lightshot\5.1.4.17\Lightshot.exe
() C:\Program Files (x86)\WhatPulse2\whatpulse.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Elias Fotinis) C:\Program Files (x86)\DeskPins\DeskPins.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\WhatPulse2\whatpulse-watchdog.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\System32\Srpskey.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3727824 2015-06-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [srpskey] => C:\WINDOWS\SYSTEM32\SRPSKEY.EXE
Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [LightShot] => C:\Users\Srdjan\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-06-18] ()
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [f.lux] => C:\Users\Srdjan\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [WhatPulse] => C:\Program Files (x86)\WhatPulse2\whatpulse.exe [3681792 2015-05-16] ()
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [Google Update] => "C:\Users\Srdjan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\MountPoints2: {7ec0afdf-6723-11e3-a8d4-94de80d5cafb} - F:\setup.exe
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2013-08-16] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe [2690560 2013-07-02] (ASUS)
Startup: C:\Users\Srdjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk [2015-02-25]
ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\DeskPins.exe (Elias Fotinis)
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} =>  No File
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} =>  No File
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-09] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-09] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-13] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-13] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: AutorunsDisabled - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2010-02-28] (Microsoft Corporation)
Filter-x32: AutorunsDisabled - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2012-10-31] (Microsoft Corporation)
Hosts: 127.0.0.1 activation.cloud.techsmith.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Srdjan\AppData\Roaming\Mozilla\Firefox\Profiles\sk3rsdnk.default
FF Homepage: https://mysearch.avg.com/?cid={82735412-8796-4E46-858F-B91354DAD31E}&mid=f884ffc8592047d3a4af4597c6312308-5fbc70109d56b170764e58d9e4963e23366de3e2&lang=en&ds=AVG&coid=avgtbavg&cmpid=0415av&pr=fr&d=2015-05-07 15:14:12&v=4.1.0.411&pid=wtu&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Srdjan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: SkypePlugin -> C:\Users\Srdjan\AppData\Local\SkypePlugin\7.3.0.483\npGatewayNpapi.dll [2015-05-15] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: SkypePlugin64 -> C:\Users\Srdjan\AppData\Local\SkypePlugin\7.3.0.483\npGatewayNpapi-x64.dll [2015-05-15] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-10] ()
FF Extension: Video DownloadHelper - C:\Users\Srdjan\AppData\Roaming\Mozilla\Firefox\Profiles\sk3rsdnk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-23]

Chrome:
=======
CHR Profile: C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-06-18]
CHR Extension: (Nimbus Screenshot) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2015-05-25]
CHR Extension: (No Name) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cklbilaeedbblhpkhjfcnmaocjdodcnm [2015-06-18]
CHR Extension: (Video Downloader professional) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-06-15]
CHR Extension: (No Name) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbbmnbomimdgmecfpbilhoafgmmeagef [2015-06-18]
CHR Extension: (No Name) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-18]
CHR Extension: (No Name) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-06-18]
CHR Extension: (No Name) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2015-06-18]
CHR Extension: (Disable Extensions Temporarily) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcfdefmogcogicollfebhgjiiakbjdje [2015-05-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-03-31] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3461072 2015-06-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [312816 2015-06-05] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-03-09] (Apple Inc.) [File not signed]
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-05-03] (BitRaider, LLC)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1743928 2015-05-26] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6516792 2015-05-26] (GOG.com)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-21] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-09] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-08-28] (Razer Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-08-16] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-07] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [287200 2015-05-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [224224 2015-05-12] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-05-03] (BitRaider)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-26] (Disc Soft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-21] (REALiX(tm))
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-02-19] (ASUSTeK Computer Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-08-16] (Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 23:45 - 2015-06-18 23:46 - 00024158 _____ C:\Users\Srdjan\Desktop\FRST.txt
2015-06-18 23:45 - 2015-06-18 23:45 - 02109952 _____ (Farbar) C:\Users\Srdjan\Desktop\FRST64.exe
2015-06-18 23:34 - 2015-06-18 23:34 - 00000000 ____D C:\ProgramData\kjdejndofepoindbiacfhpbpdigfpgbb
2015-06-18 23:32 - 2015-06-18 23:32 - 00199880 _____ C:\Users\Srdjan\Desktop\Yamb.exe
2015-06-18 23:32 - 2015-06-18 23:32 - 00003238 _____ C:\Windows\System32\Tasks\Bidaily Synchronize Task[973b]
2015-06-18 23:32 - 2015-06-18 23:32 - 00001307 _____ C:\Users\Srdjan\Desktop\Yamb.lnk
2015-06-18 23:32 - 2015-06-18 23:32 - 00000324 _____ C:\Windows\Tasks\Bidaily Synchronize Task[973b].job
2015-06-18 23:32 - 2015-06-18 23:32 - 00000000 ____D C:\ProgramData\ihlibkobelamcemfkgageopcegehhkmg
2015-06-18 23:32 - 2015-06-18 23:32 - 00000000 ____D C:\ProgramData\{9d5bcfde-da64-03e7-9d5b-bcfdeda63f7b}
2015-06-18 18:29 - 2015-06-18 18:29 - 00000846 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-06-18 18:29 - 2015-06-18 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-06-15 21:22 - 2015-06-18 21:55 - 00001680 _____ C:\Windows\setupact.log
2015-06-15 21:22 - 2015-06-15 21:22 - 00000000 _____ C:\Windows\setuperr.log
2015-06-15 18:40 - 2015-06-15 18:51 - 00000000 ____D C:\Users\Srdjan\AppData\Local\SkypePlugin
2015-06-15 02:59 - 2015-06-15 02:59 - 00000000 ____D C:\ProgramData\Baidu
2015-06-14 20:41 - 2015-06-18 23:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-13 21:04 - 2015-06-13 21:04 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-13 11:14 - 2015-06-13 11:14 - 00000000 ____D C:\Users\Srdjan\AppData\Local\MercurySteam
2015-06-13 08:57 - 2015-06-13 08:57 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-13 08:32 - 2015-06-13 08:32 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\CubetractorSteam
2015-06-12 16:31 - 2015-06-18 23:45 - 00000000 ____D C:\FRST
2015-06-12 02:27 - 2015-06-12 05:34 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\XnView
2015-06-12 02:27 - 2015-06-12 02:27 - 00000000 ____D C:\Users\Srdjan\Desktop\XnView-win-full
2015-06-12 00:47 - 2015-06-12 00:47 - 02280101 _____ C:\Users\Srdjan\Documents\cpu-z_1.72.1-en.zip
2015-06-12 00:47 - 2015-06-12 00:47 - 00000000 ____D C:\Users\Srdjan\Documents\cpu-z_1.72.1-en
2015-06-11 15:16 - 2015-06-11 15:19 - 00000000 ____D C:\Users\Srdjan\Documents\Assassin's Creed Unity
2015-06-11 14:37 - 2015-06-11 14:37 - 00000908 _____ C:\Users\Srdjan\Desktop\Assassin's Creed Unity.lnk
2015-06-11 14:37 - 2015-06-11 14:37 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Assassin's Creed Unity
2015-06-11 14:15 - 2015-06-11 14:15 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\dvdcss
2015-06-10 16:00 - 2013-02-19 19:02 - 00024824 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2015-06-10 05:21 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 05:21 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 05:21 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 05:21 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 05:21 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 05:21 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 05:21 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 05:21 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 05:21 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 05:21 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 05:21 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 05:21 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 05:21 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 05:21 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 05:21 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 05:21 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 05:21 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 05:21 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 05:21 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 05:21 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 05:21 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 05:21 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 05:21 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 05:21 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 05:21 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 05:21 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 05:21 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 05:21 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 05:21 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 05:21 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 05:21 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 05:21 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 05:21 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 05:21 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 05:21 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 05:21 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 05:21 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 05:21 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 05:21 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 05:21 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 05:21 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 05:21 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 05:21 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 05:21 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 05:21 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 05:21 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 05:21 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 05:21 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 05:21 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 05:21 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 05:21 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 05:21 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 05:21 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 05:21 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 05:21 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 05:21 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 05:21 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 05:21 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 05:21 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 05:21 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 05:21 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 05:21 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 05:21 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 05:21 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 05:21 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 05:21 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 05:21 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 05:21 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 05:21 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 05:21 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 05:21 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 05:21 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 05:21 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 05:21 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 05:21 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 05:21 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 05:21 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 05:21 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 05:21 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 05:21 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 05:21 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 05:21 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 05:21 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 05:21 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 05:21 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 05:21 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 05:21 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 05:21 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 05:21 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 05:21 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 05:21 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 05:21 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 05:21 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 05:21 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 05:21 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 05:21 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 05:21 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 05:21 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 19:37 - 2015-06-09 21:14 - 00000927 _____ C:\Users\Public\Desktop\Unity 5.1.0f3 (64-bit).lnk
2015-06-09 19:37 - 2015-06-09 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.0f3 (64-bit)
2015-06-01 15:01 - 2015-06-01 15:01 - 00000000 ____D C:\Users\Srdjan\AppData\Local\GWX
2015-06-01 04:12 - 2015-06-01 04:12 - 00000000 ____D C:\Users\Srdjan\Documents\Substance Painter
2015-06-01 04:12 - 2015-06-01 04:12 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Allegorithmic
2015-06-01 03:21 - 2015-06-01 03:27 - 00000000 ____D C:\Users\Srdjan\Documents\3dsMax
2015-06-01 03:21 - 2015-06-01 03:21 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Autodesk
2015-06-01 03:17 - 2015-06-01 03:20 - 00000000 ____D C:\ProgramData\FLEXnet
2015-06-01 03:17 - 2015-06-01 03:17 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Autodesk
2015-06-01 03:13 - 2015-06-01 03:32 - 00000000 ____D C:\ProgramData\Autodesk
2015-06-01 03:13 - 2015-06-01 03:14 - 00000000 ____D C:\Program Files\Autodesk
2015-06-01 03:12 - 2015-06-05 01:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-06-01 03:12 - 2015-06-01 03:12 - 00000000 ____D C:\Program Files (x86)\Autodesk
2015-05-31 22:09 - 2015-05-31 22:34 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\WizardWars
2015-05-31 00:22 - 2015-05-31 00:22 - 00002004 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-05-31 00:22 - 2015-05-31 00:21 - 06471520 _____ (Tim Kosse) C:\Users\Srdjan\Downloads\FileZilla_3.11.0.1_win64-setup [1].exe
2015-05-27 03:43 - 2015-05-27 03:43 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\ParadoxInteractive
2015-05-27 02:48 - 2015-05-27 02:48 - 00053346 _____ C:\Users\Srdjan\Downloads\SGPP.user.js
2015-05-26 17:43 - 2015-05-26 18:33 - 00000000 ____D C:\Users\Srdjan\Documents\The Witcher 3
2015-05-26 06:56 - 2015-05-26 06:56 - 00000000 ____D C:\Users\Srdjan\Documents\Steam Cloud
2015-05-25 02:52 - 2015-05-26 20:09 - 00000000 ____D C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-05-25 02:52 - 2015-01-14 11:28 - 03066880 _____ C:\Windows\system32\pwNative.exe
2015-05-25 02:52 - 2013-09-30 16:26 - 00019152 ____N C:\Windows\system32\pwdrvio.sys
2015-05-25 02:52 - 2013-09-30 16:26 - 00012504 ____N C:\Windows\system32\pwdspio.sys
2015-05-24 19:43 - 2015-05-24 19:43 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2013 Tools for Unity
2015-05-24 19:43 - 2015-05-24 19:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2015-05-24 17:21 - 2015-05-24 17:21 - 01169132 _____ C:\Users\Srdjan\Downloads\FVD-Video-Downloader_6_6_5 (3).crx
2015-05-24 17:20 - 2015-05-24 17:20 - 01169132 _____ C:\Users\Srdjan\Downloads\FVD-Video-Downloader_6_6_5 (2).crx
2015-05-24 16:35 - 2015-05-24 16:36 - 01169132 _____ C:\Users\Srdjan\Downloads\FVD-Video-Downloader_6_6_5.crx
2015-05-24 15:30 - 2015-06-13 08:57 - 00000965 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-24 15:29 - 2015-05-24 15:29 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Avg
2015-05-24 15:27 - 2015-05-24 15:27 - 04928968 _____ (AVG Technologies) C:\Users\Srdjan\Downloads\avg_free_stb_all_5961p1_177.exe
2015-05-24 15:16 - 2015-05-24 15:16 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-24 15:15 - 2015-05-24 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-24 15:14 - 2015-06-18 23:27 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-24 15:14 - 2015-05-24 15:22 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-24 15:14 - 2015-05-24 15:22 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 14:32 - 2015-05-24 14:32 - 00000000 ____D C:\ProgramData\HitmanPro
2015-05-24 14:24 - 2015-05-24 14:48 - 00000000 ____D C:\AdwCleaner
2015-05-24 14:21 - 2015-05-24 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.0.2f1 (64-bit)
2015-05-24 06:16 - 2015-05-24 13:44 - 00000000 ____D C:\Program Files (x86)\WoorkApppp
2015-05-24 06:16 - 2015-05-24 13:44 - 00000000 ____D C:\Program Files (x86)\MyDieAlBox
2015-05-24 06:16 - 2015-05-24 13:44 - 00000000 ____D C:\Program Files (x86)\Badoo Notifications Extension
2015-05-24 06:16 - 2015-05-24 06:16 - 00000000 ____D C:\ProgramData\14093838508146067086
2015-05-24 06:15 - 2015-05-24 13:44 - 00000000 ____D C:\Program Files (x86)\ConnvertAppps
2015-05-23 15:25 - 2015-05-29 03:20 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Spoiler_Alert
2015-05-22 22:23 - 2015-05-22 22:23 - 04197379 _____ C:\Users\Srdjan\Desktop\Torba_zatvorena_1080.psd
2015-05-22 04:13 - 2015-06-14 03:44 - 00000000 ____D C:\Program Files\MyDefrag v4.3.1
2015-05-22 04:13 - 2015-05-31 04:16 - 00000907 _____ C:\Users\Public\Desktop\MyDefrag.lnk
2015-05-22 04:13 - 2015-05-22 04:13 - 00004114 _____ C:\Windows\System32\Tasks\MyDefrag v4.3.1 Monthly
2015-05-22 04:13 - 2015-05-22 04:13 - 00003434 _____ C:\Windows\System32\Tasks\MyDefrag v4.3.1 Daily
2015-05-22 04:13 - 2015-05-22 04:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
2015-05-22 04:13 - 2010-05-21 12:11 - 01147392 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.exe
2015-05-22 04:13 - 2010-05-21 12:11 - 00485376 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.scr
2015-05-22 03:49 - 2015-05-24 15:22 - 00000000 ____D C:\Program Files (x86)\PragmaEngine
2015-05-20 16:30 - 2015-05-20 16:30 - 00000000 ____D C:\Users\Srdjan\AppData\Local\chip.win32
2015-05-19 22:19 - 2015-05-19 22:19 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Fatshark
2015-05-19 09:52 - 2015-05-19 09:52 - 00287200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-05-19 08:47 - 2015-06-13 05:21 - 00000132 _____ C:\Users\Srdjan\AppData\Roaming\Adobe PNG Format CC Prefs

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 23:46 - 2015-03-24 14:33 - 00000000 ____D C:\Users\Srdjan\AppData\Local\whatpulse
2015-06-18 23:40 - 2009-07-14 06:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-18 23:40 - 2009-07-14 06:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-18 23:37 - 2013-12-16 17:24 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Skype
2015-06-18 23:36 - 2014-12-14 14:37 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Raptr
2015-06-18 23:34 - 2014-09-13 14:42 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-18 23:33 - 2014-08-07 16:21 - 171327488 _____ C:\Users\Srdjan\AppData\Local\SageThumbs.db3
2015-06-18 23:33 - 2014-04-28 14:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-18 23:32 - 2014-02-10 12:17 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Battle.net
2015-06-18 22:53 - 2013-12-16 17:12 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-18 18:20 - 2013-12-17 07:59 - 01188528 _____ C:\Windows\WindowsUpdate.log
2015-06-18 12:44 - 2013-12-17 15:46 - 00000000 ____D C:\ProgramData\MFAData
2015-06-17 23:26 - 2015-04-13 02:15 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\AIMP3
2015-06-17 03:29 - 2013-12-20 03:49 - 00000000 ____D C:\ProgramData\Unity
2015-06-17 03:01 - 2013-12-22 02:21 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\KeePass
2015-06-16 14:28 - 2013-12-17 19:44 - 00000000 ____D C:\Users\Srdjan\Documents\Euro Truck Simulator 2
2015-06-16 14:25 - 2015-01-02 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
2015-06-16 14:25 - 2015-01-02 19:02 - 00000000 ____D C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2015-06-16 13:58 - 2014-05-18 12:31 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\uTorrent
2015-06-16 04:08 - 2015-03-24 21:46 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Everything
2015-06-15 06:07 - 2014-07-23 02:54 - 00000000 ____D C:\Users\Srdjan\AppData\Local\CrashDumps
2015-06-15 06:07 - 2014-01-03 19:07 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\TeamViewer
2015-06-15 06:07 - 2013-12-17 17:07 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\DAEMON Tools Lite
2015-06-15 04:44 - 2015-02-12 00:32 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\vlc
2015-06-14 23:22 - 2015-05-01 04:17 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\FarSky
2015-06-14 21:18 - 2014-06-30 03:47 - 00000000 ____D C:\Users\Srdjan\Documents\Visual Studio 2013
2015-06-14 13:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-13 08:57 - 2014-03-31 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-06-12 17:55 - 2014-01-12 05:47 - 00000125 _____ C:\Users\Srdjan\AppData\Roaming\licecap.ini
2015-06-12 15:31 - 2014-09-04 21:39 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-12 05:57 - 2015-04-17 17:39 - 00000000 ____D C:\Users\Srdjan\AppData\Local\ProjectExplore
2015-06-11 17:33 - 2014-03-09 19:43 - 00000000 ____D C:\Windows\pss
2015-06-11 14:37 - 2014-06-27 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-06-11 03:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 22:09 - 2014-12-04 11:16 - 00000000 __SHD C:\Users\Srdjan\AppData\Local\EmieBrowserModeList
2015-06-10 22:09 - 2014-04-29 01:26 - 00000000 __SHD C:\Users\Srdjan\AppData\Local\EmieUserList
2015-06-10 22:09 - 2014-04-29 01:26 - 00000000 __SHD C:\Users\Srdjan\AppData\Local\EmieSiteList
2015-06-10 19:07 - 2009-07-14 07:13 - 00791212 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-10 16:00 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-10 15:58 - 2009-07-14 06:45 - 05146600 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 15:56 - 2015-04-15 04:01 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 15:56 - 2014-05-06 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 15:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 12:13 - 2013-12-16 17:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 12:08 - 2013-12-16 17:49 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 11:57 - 2013-12-16 17:49 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 19:38 - 2013-12-20 01:09 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Unity
2015-06-08 20:14 - 2013-12-16 16:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-07 04:50 - 2015-04-29 22:37 - 00002069 _____ C:\Users\Srdjan\Desktop\Code.lnk
2015-06-07 04:50 - 2015-04-29 22:37 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2015-06-07 04:50 - 2015-04-29 22:37 - 00000000 ____D C:\Users\Srdjan\AppData\Local\SquirrelTemp
2015-06-07 04:49 - 2015-04-29 22:37 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Code
2015-06-07 03:17 - 2014-01-06 01:03 - 00000132 _____ C:\Users\Srdjan\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-06-07 00:47 - 2013-12-16 16:27 - 00119584 _____ C:\Users\Srdjan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-06 19:52 - 2014-12-18 22:55 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-06-06 16:00 - 2013-12-16 23:04 - 00000000 ____D C:\Users\Srdjan
2015-06-05 03:17 - 2014-07-24 00:29 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\CDisplayEx
2015-06-03 22:08 - 2014-02-10 12:17 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-02 22:55 - 2014-08-18 16:01 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\FileZilla
2015-06-02 05:10 - 2013-12-18 06:37 - 00000000 ____D C:\Users\Srdjan\Documents\My Games
2015-06-02 05:09 - 2014-12-14 02:04 - 00000000 ____D C:\Users\Srdjan\Documents\SavedGames
2015-06-02 03:43 - 2014-03-17 02:09 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-06-01 04:07 - 2013-12-16 16:28 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-01 02:49 - 2013-12-16 23:08 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-31 00:22 - 2014-08-18 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-05-31 00:22 - 2014-08-18 16:01 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-05-30 18:35 - 2014-12-25 23:33 - 00000000 ____D C:\Users\Srdjan\AppData\Local\MyCity_Facts_Generator
2015-05-30 05:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-05-29 19:32 - 2014-05-04 07:15 - 00000000 ____D C:\Users\Srdjan\.VirtualBox
2015-05-27 03:43 - 2013-12-20 04:58 - 00000000 ____D C:\ProgramData\Steam
2015-05-26 20:15 - 2015-04-21 17:56 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-05-26 19:07 - 2014-06-28 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-26 19:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-24 19:43 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-05-24 15:22 - 2013-12-16 23:09 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-24 15:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2015-05-24 15:15 - 2013-12-16 23:08 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Google
2015-05-24 15:14 - 2014-07-21 06:31 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Deployment
2015-05-24 14:44 - 2014-10-19 00:33 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Avg2015
2015-05-24 14:33 - 2014-12-10 12:28 - 00078104 _____ C:\Windows\SysWOW64\debug.log
2015-05-24 04:46 - 2014-08-23 14:23 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Adobe
2015-05-23 17:27 - 2014-12-24 02:51 - 00000000 ____D C:\Users\Srdjan\Documents\AirDroid
2015-05-23 14:48 - 2014-01-06 01:25 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-05-22 03:49 - 2015-02-01 08:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life Is Strange
2015-05-21 20:38 - 2014-05-04 17:11 - 00000000 ____D C:\SharedVM
2015-05-20 23:26 - 2013-12-17 18:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-05-20 23:11 - 2013-12-16 17:11 - 00000000 ____D C:\Program Files\Java
2015-05-20 16:30 - 2015-04-04 16:22 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 16:30 - 2015-04-04 16:22 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 14:44 - 2015-03-24 14:33 - 00000000 ____D C:\Program Files (x86)\WhatPulse2
2015-05-20 14:33 - 2014-06-24 15:48 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-05-19 07:41 - 2014-01-09 03:10 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\OBS
2015-05-19 05:30 - 2014-01-01 04:51 - 00007607 _____ C:\Users\Srdjan\AppData\Local\resmon.resmoncfg

==================== Files in the root of some directories =======

2014-04-09 13:45 - 2014-04-09 13:45 - 0000120 _____ () C:\Users\Srdjan\AppData\Roaming\03915780.dat
2015-05-19 08:47 - 2015-06-13 05:21 - 0000132 _____ () C:\Users\Srdjan\AppData\Roaming\Adobe PNG Format CC Prefs
2014-01-06 01:03 - 2015-06-07 03:17 - 0000132 _____ () C:\Users\Srdjan\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-07 16:24 - 2014-08-07 17:00 - 0000132 _____ () C:\Users\Srdjan\AppData\Roaming\Adobe Targa Format CS6 Prefs
2014-07-20 04:29 - 2014-07-20 04:29 - 0000099 _____ () C:\Users\Srdjan\AppData\Roaming\LauncherSettings_live.cfg
2014-01-12 05:47 - 2015-06-12 17:55 - 0000125 _____ () C:\Users\Srdjan\AppData\Roaming\licecap.ini
2014-11-06 00:13 - 2014-11-06 00:13 - 0000000 _____ () C:\Users\Srdjan\AppData\Roaming\Stardockfences_debug_snapshot.dat
2014-07-20 04:23 - 2014-07-20 04:24 - 0000040 _____ () C:\Users\Srdjan\AppData\Roaming\TheHunterSettings_steam_live.cfg
2014-08-18 14:42 - 2014-08-19 13:00 - 0004957 _____ () C:\Users\Srdjan\AppData\Roaming\wifi_speakers.dat
2014-11-29 08:48 - 2015-05-06 03:23 - 0001456 _____ () C:\Users\Srdjan\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-04-29 01:34 - 2014-07-21 23:05 - 0005120 _____ () C:\Users\Srdjan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-16 18:21 - 2014-06-16 18:21 - 1065984 _____ () C:\Users\Srdjan\AppData\Local\file__0.localstorage
2014-01-09 04:13 - 2014-01-09 04:13 - 0000000 ___SH () C:\Users\Srdjan\AppData\Local\LumaEmu
2015-03-13 20:11 - 2015-03-13 20:11 - 0006511 _____ () C:\Users\Srdjan\AppData\Local\recently-used.xbel
2014-01-01 04:51 - 2015-05-19 05:30 - 0007607 _____ () C:\Users\Srdjan\AppData\Local\resmon.resmoncfg
2014-08-07 16:21 - 2015-06-18 23:33 - 171327488 _____ () C:\Users\Srdjan\AppData\Local\SageThumbs.db3
2013-12-17 18:43 - 2013-12-17 18:43 - 0000003 _____ () C:\Users\Srdjan\AppData\Local\updater.log
2013-12-17 18:43 - 2014-10-08 16:17 - 0000439 _____ () C:\Users\Srdjan\AppData\Local\UserProducts.xml

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-13 07:21

==================== End of log ============================




rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Hello, delete it from the desktop.

Download smeenk's zoek.zip or zoek.rar from this or this link and save it to the Desktop.

Extract the archive into a folder (instructions), and then:

close the browser and any other running programs;
temporarily disable your security software (if necessary) (instructions);
start zoek by double-clicking the program icon;
wait for the tool to start ...


Copy the following text into the white box of the window:


createsrpoint;
autoclean;
emptyalltemp;
bitsadmin /reset /allusers;b
ipconfig /flushdns;b


Click the button and wait for the scan to finish.

If necessary, zoek will restart Windows, and when it is done it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your post.

Step 2.

Run Farbar again and post the new reports.

offline
  • Joined: 14 Feb 2008
  • Posts: 12403

Hi,

I fell asleep during the scan, which is why the log is late.

Zoek ::

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Srdjan on pet 19.06.2015 at 14:21:26,45.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Srdjan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19.6.2015 14:23:27 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\dumps deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~2\PragmaEngine deleted successfully
C:\PROGRA~2\Stardock deleted successfully
C:\PROGRA~3\Hi-Rez Studios deleted successfully
C:\PROGRA~3\LumaEmu_SteamCloud deleted successfully
C:\PROGRA~3\Solid State Networks deleted successfully
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully
C:\Users\Srdjan\AppData\Roaming\BitTorrent deleted successfully
C:\Users\Srdjan\AppData\Roaming\Curse Advertising deleted successfully
C:\Users\Srdjan\AppData\Roaming\GHISLER deleted successfully
C:\Users\Srdjan\AppData\Roaming\IonFx deleted successfully
C:\Users\Srdjan\AppData\Roaming\IrfanView deleted successfully
C:\Users\Srdjan\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Srdjan\AppData\Roaming\MMFApplications deleted successfully
C:\Users\Srdjan\AppData\Roaming\Samsung deleted successfully
C:\Users\Srdjan\AppData\Local\CrashDumps deleted successfully
C:\Users\Srdjan\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Srdjan\AppData\Local\Dxtory Software deleted successfully
C:\Users\Srdjan\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Srdjan\AppData\Local\EmieSiteList deleted successfully
C:\Users\Srdjan\AppData\Local\EmieUserList deleted successfully
C:\Users\Srdjan\AppData\Local\NCSOFT deleted successfully
C:\Users\Srdjan\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Srdjan\AppData\Local\Samsung deleted successfully
C:\Users\Srdjan\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3012697505-3807635779-1283347855-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_USERS\S-1-5-21-3012697505-3807635779-1283347855-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D020300} deleted successfully
HKEY_USERS\S-1-5-21-3012697505-3807635779-1283347855-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEFE841-DCA1-4A95-80CB-BE935D020300} deleted successfully
HKEY_USERS\S-1-5-21-3012697505-3807635779-1283347855-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFF1FF83-D72B-46DC-AC26-DEE8D1BD8B3F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AEFE841-DCA1-4A95-80CB-BE935D020300} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WtuSystemSupport deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Srdjan\AppData\Roaming\Mozilla\Firefox\Profiles\sk3rsdnk.default

user.js not found
---- Lines mysearch removed from prefs.js ----
user_pref("browser.startup.homepage", "https://mysearch.avg.com/?cid={82735412-8796-4E46-858F-B91354DAD31E}&mid=f884ffc8592047d3a4af4597c6312308-5fbc7
---- Lines extensions.sbGsz3r89cxmoecx removed from prefs.js ----
user_pref("extensions.sbGsz3r89cxmoecx.epoch", "1433101543");
user_pref("extensions.sbGsz3r89cxmoecx.url", "http://toolkitcard.in/sync2/?q=hfZ9oe84hylSBGhEAen0rja7rda7tMqLDe49CNU0kVrMCMlNhd9Fqja8rTnEqdwFrTrMBzqUo
---- FireFox user.js and prefs.js backups ----

prefs_19.06.2015_1437_.backup

==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\dumps not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\PragmaEngine not found
C:\PROGRA~2\Stardock not found
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} not found
C:\PROGRA~2\ConnvertAppps deleted
C:\PROGRA~2\WoorkApppp deleted
C:\PROGRA~2\Badoo Notifications Extension deleted
C:\PROGRA~2\MyDieAlBox deleted
C:\Users\Srdjan\AppData\Roaming\Code deleted
C:\Users\Srdjan\AppData\Roaming\livestreamer deleted
C:\Users\Srdjan\AppData\Roaming\WizardWars deleted
C:\PROGRA~3\ihlibkobelamcemfkgageopcegehhkmg deleted
C:\PROGRA~3\kjdejndofepoindbiacfhpbpdigfpgbb deleted
C:\windows\SysNative\Tasks\Bidaily Synchronize Task[973b] deleted
C:\PROGRA~3\{9d5bcfde-da64-03e7-9d5b-bcfdeda63f7b} deleted
C:\PROGRA~3\14093838508146067086 deleted
C:\Users\Srdjan\AppData\Local\AVG Web TuneUp deleted
C:\Users\Srdjan\.android deleted
C:\STF3639.tmp deleted
C:\STF4985.tmp deleted
C:\STF88F5.tmp deleted
C:\STF9B06.tmp deleted
C:\STFABC6.tmp deleted
C:\STFB41.tmp deleted
C:\STFEEC3.tmp deleted
C:\install.exe deleted
C:\found.000 deleted
C:\Users\Srdjan\AppData\Roaming\licecap.ini deleted
C:\Users\Srdjan\AppData\Roaming\Common deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\Users\Srdjan\AppData\Local\updater.log deleted
C:\Users\Srdjan\AppData\Local\node-webkit deleted
C:\Users\Srdjan\AppData\Local\CrashRpt deleted
C:\Users\Srdjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\REN1A18.tmp deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Users\Srdjan\AppData\Roaming\Mozilla\Firefox\Profiles\sk3rsdnk.default\jetpack deleted
"C:\Users\Srdjan\AppData\Local\LumaEmu" deleted
"C:\Users\Srdjan\AppData\Roaming\Roogoo\RSD.sav" deleted
"C:\PROGRA~2\AVG Web TuneUp\TBAPI.dll" deleted
"C:\Users\Srdjan\AppData\Local\Skillbrains\lightshot\5.1.4.17\Lightshot.dll" deleted
"C:\Users\Srdjan\AppData\Local\Skillbrains\lightshot\5.1.4.17\Lightshot.exe" deleted
"C:\Users\Srdjan\AppData\Roaming\Roogoo" deleted
"C:\PROGRA~2\AVG Web TuneUp" not deleted
"C:\PROGRA~3\Package Cache" deleted
"C:\Users\Srdjan\AppData\Local\Skillbrains" deleted
"C:\Users\Srdjan\AppData\LocalLow\AVG Web TuneUp" deleted
"C:\Users\Srdjan\AppData\Local\Skillbrains\lightshot" deleted
"C:\Users\Srdjan\AppData\Local\Skillbrains\lightshot\5.1.4.17" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Srdjan\AppData\Roaming\Mozilla\Firefox\Profiles\sk3rsdnk.default
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Srdjan\AppData\Roaming\Mozilla\Firefox\Profiles\sk3rsdnk.default
C62322C77D1AAB77B1CF1130FCC3673A   - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll -   Shockwave Flash
E26F56A6E9E6E20132E53890E67C7FDC   - C:\Users\Srdjan\AppData\Local\SkypePlugin\7.3.0.483\npGatewayNpapi.dll -   Skype Web Plugin
60C7FDA90EB23BD3165F2AFB8DF8B456   - C:\Users\Srdjan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll -   Unity Player
F690119ACB9236A2C1A83ECA24877673   - C:\Users\Srdjan\AppData\Local\SkypePlugin\7.3.0.483\npGatewayNpapi-x64.dll -   Skype Web Plugin


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124


Nimbus Screenshot - Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj
Disable Extensions Temporarily - Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcfdefmogcogicollfebhgjiiakbjdje
Badoo Notifications Extension - Srdjan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gngmhdpofjbdiecihebaaooakicnjjmc

==== Chromium Startpages ======================

C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Preferences


==== Chromium Fix ======================

C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.darklyrics.com_0.localstorage deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.darklyrics.com_0.localstorage-journal deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage-journal deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage-journal deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_our.amplifinder.biz_0.localstorage deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_our.amplifinder.biz_0.localstorage-journal deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gngmhdpofjbdiecihebaaooakicnjjmc deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9490A9E7-B0E9-D9EA-365C-3EE2B532055E} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1DAA6762-0F78-B6E5-EE41-AAC6A8C4B3B1} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{969FB8EF-38D0-4607-CFDE-397D08A961A3} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{471A07E9-3E75-283E-9320-32E903B10ACD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirDroid 3 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProxyCap deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\srpskey deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Srdjan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Srdjan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F6MSLV1K will be deleted at reboot
C:\Users\Srdjan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GU5DPP2W will be deleted at reboot
C:\Users\Srdjan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W4AW37TF will be deleted at reboot
C:\Users\Srdjan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YB9AYXSB will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Srdjan\AppData\Local\Mozilla\Firefox\Profiles\sk3rsdnk.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Srdjan\AppData\Local\Google\Chrome SxS\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1169 folders=823 4216076943 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Srdjan\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Srdjan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\AVG Web TuneUp"  not found
"C:\Users\Srdjan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F6MSLV1K" not found
"C:\Users\Srdjan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GU5DPP2W" not found
"C:\Users\Srdjan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W4AW37TF" not found
"C:\Users\Srdjan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YB9AYXSB" not found

==== EOF on pet 19.06.2015 at 17:30:18,60 ======================


FRST :
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Srdjan (administrator) on SRKI94 on 19-06-2015 18:31:56
Running from C:\Users\Srdjan\Desktop
Loaded Profiles: Srdjan (Available Profiles: Srdjan)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\ASGT.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Flux Software LLC) C:\Users\Srdjan\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\WhatPulse2\whatpulse.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Elias Fotinis) C:\Program Files (x86)\DeskPins\DeskPins.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\WhatPulse2\whatpulse-watchdog.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3727824 2015-06-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [srpskey] => C:\WINDOWS\SYSTEM32\SRPSKEY.EXE
Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [LightShot] => C:\Users\Srdjan\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [f.lux] => C:\Users\Srdjan\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [WhatPulse] => C:\Program Files (x86)\WhatPulse2\whatpulse.exe [3681792 2015-05-16] ()
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [Google Update] => "C:\Users\Srdjan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\MountPoints2: {7ec0afdf-6723-11e3-a8d4-94de80d5cafb} - F:\setup.exe
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2013-08-16] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe [2690560 2013-07-02] (ASUS)
Startup: C:\Users\Srdjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk [2015-02-25]
ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\DeskPins.exe (Elias Fotinis)
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} =>  No File
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} =>  No File
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3012697505-3807635779-1283347855-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-09] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-09] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-13] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-13] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: AutorunsDisabled - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2010-02-28] (Microsoft Corporation)
Filter-x32: AutorunsDisabled - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2012-10-31] (Microsoft Corporation)
Hosts: 127.0.0.1 activation.cloud.techsmith.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Srdjan\AppData\Roaming\Mozilla\Firefox\Profiles\sk3rsdnk.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Srdjan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: SkypePlugin -> C:\Users\Srdjan\AppData\Local\SkypePlugin\7.3.0.483\npGatewayNpapi.dll [2015-05-15] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: SkypePlugin64 -> C:\Users\Srdjan\AppData\Local\SkypePlugin\7.3.0.483\npGatewayNpapi-x64.dll [2015-05-15] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-10] ()
FF Extension: Video DownloadHelper - C:\Users\Srdjan\AppData\Roaming\Mozilla\Firefox\Profiles\sk3rsdnk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-23]

Chrome:
=======
CHR Profile: C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Nimbus Screenshot) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2015-05-25]
CHR Extension: (Video Downloader professional) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-06-15]
CHR Extension: (Disable Extensions Temporarily) - C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcfdefmogcogicollfebhgjiiakbjdje [2015-05-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-03-31] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3461072 2015-06-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [312816 2015-06-05] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-03-09] (Apple Inc.) [File not signed]
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-05-03] (BitRaider, LLC)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1743928 2015-05-26] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6516792 2015-05-26] (GOG.com)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-21] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-09] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-08-28] (Razer Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-08-16] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [287200 2015-05-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [224224 2015-05-12] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-05-03] (BitRaider)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-26] (Disc Soft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-21] (REALiX(tm))
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-02-19] (ASUSTeK Computer Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-08-16] (Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-19 18:31 - 2015-06-19 18:32 - 00022633 _____ C:\Users\Srdjan\Desktop\FRST.txt
2015-06-19 17:31 - 2015-06-19 17:31 - 00000000 ____D C:\Users\Srdjan\AppData\Local\CrashRpt
2015-06-19 14:52 - 2015-06-19 14:21 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-19 14:23 - 2015-06-19 17:30 - 00023471 _____ C:\zoek-results.log
2015-06-19 14:21 - 2015-06-19 14:44 - 00000000 ____D C:\zoek_backup
2015-06-19 13:50 - 2015-06-19 17:29 - 00000704 _____ C:\Windows\PFRO.log
2015-06-18 23:45 - 2015-06-18 23:45 - 02109952 _____ (Farbar) C:\Users\Srdjan\Desktop\FRST64.exe
2015-06-18 23:32 - 2015-06-19 17:32 - 00000324 _____ C:\Windows\Tasks\Bidaily Synchronize Task[973b].job
2015-06-18 18:29 - 2015-06-18 18:29 - 00000846 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-06-18 18:29 - 2015-06-18 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-06-15 21:22 - 2015-06-19 17:29 - 00001792 _____ C:\Windows\setupact.log
2015-06-15 21:22 - 2015-06-15 21:22 - 00000000 _____ C:\Windows\setuperr.log
2015-06-15 18:40 - 2015-06-15 18:51 - 00000000 ____D C:\Users\Srdjan\AppData\Local\SkypePlugin
2015-06-15 02:59 - 2015-06-15 02:59 - 00000000 ____D C:\ProgramData\Baidu
2015-06-14 20:41 - 2015-06-18 23:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-13 21:04 - 2015-06-13 21:04 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-13 11:14 - 2015-06-13 11:14 - 00000000 ____D C:\Users\Srdjan\AppData\Local\MercurySteam
2015-06-13 08:57 - 2015-06-13 08:57 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-13 08:32 - 2015-06-13 08:32 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\CubetractorSteam
2015-06-12 16:31 - 2015-06-19 18:31 - 00000000 ____D C:\FRST
2015-06-12 02:27 - 2015-06-12 05:34 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\XnView
2015-06-12 02:27 - 2015-06-12 02:27 - 00000000 ____D C:\Users\Srdjan\Desktop\XnView-win-full
2015-06-12 00:47 - 2015-06-12 00:47 - 02280101 _____ C:\Users\Srdjan\Documents\cpu-z_1.72.1-en.zip
2015-06-12 00:47 - 2015-06-12 00:47 - 00000000 ____D C:\Users\Srdjan\Documents\cpu-z_1.72.1-en
2015-06-11 15:16 - 2015-06-11 15:19 - 00000000 ____D C:\Users\Srdjan\Documents\Assassin's Creed Unity
2015-06-11 14:37 - 2015-06-11 14:37 - 00000908 _____ C:\Users\Srdjan\Desktop\Assassin's Creed Unity.lnk
2015-06-11 14:37 - 2015-06-11 14:37 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Assassin's Creed Unity
2015-06-11 14:15 - 2015-06-11 14:15 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\dvdcss
2015-06-10 16:00 - 2013-02-19 19:02 - 00024824 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2015-06-10 05:21 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 05:21 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 05:21 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 05:21 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 05:21 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 05:21 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 05:21 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 05:21 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 05:21 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 05:21 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 05:21 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 05:21 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 05:21 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 05:21 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 05:21 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 05:21 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 05:21 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 05:21 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 05:21 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 05:21 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 05:21 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 05:21 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 05:21 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 05:21 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 05:21 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 05:21 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 05:21 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 05:21 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 05:21 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 05:21 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 05:21 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 05:21 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 05:21 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 05:21 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 05:21 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 05:21 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 05:21 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 05:21 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 05:21 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 05:21 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 05:21 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 05:21 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 05:21 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 05:21 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 05:21 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 05:21 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 05:21 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 05:21 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 05:21 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 05:21 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 05:21 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 05:21 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 05:21 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 05:21 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 05:21 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 05:21 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 05:21 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 05:21 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 05:21 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 05:21 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 05:21 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 05:21 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 05:21 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 05:21 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 05:21 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 05:21 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 05:21 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 05:21 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 05:21 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 05:21 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 05:21 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 05:21 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 05:21 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 05:21 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 05:21 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 05:21 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 05:21 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 05:21 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 05:21 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 05:21 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 05:21 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 05:21 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 05:21 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 05:21 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 05:21 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 05:21 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 05:21 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 05:21 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 05:21 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 05:21 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 05:21 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 05:21 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 05:21 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 05:21 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 05:21 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 05:21 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 05:21 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 05:21 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 05:21 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 05:21 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 05:21 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 05:21 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 05:21 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 05:21 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 19:37 - 2015-06-09 21:14 - 00000927 _____ C:\Users\Public\Desktop\Unity 5.1.0f3 (64-bit).lnk
2015-06-09 19:37 - 2015-06-09 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.0f3 (64-bit)
2015-06-01 15:01 - 2015-06-01 15:01 - 00000000 ____D C:\Users\Srdjan\AppData\Local\GWX
2015-06-01 04:12 - 2015-06-01 04:12 - 00000000 ____D C:\Users\Srdjan\Documents\Substance Painter
2015-06-01 04:12 - 2015-06-01 04:12 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Allegorithmic
2015-06-01 03:21 - 2015-06-01 03:27 - 00000000 ____D C:\Users\Srdjan\Documents\3dsMax
2015-06-01 03:21 - 2015-06-01 03:21 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Autodesk
2015-06-01 03:17 - 2015-06-01 03:20 - 00000000 ____D C:\ProgramData\FLEXnet
2015-06-01 03:17 - 2015-06-01 03:17 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Autodesk
2015-06-01 03:13 - 2015-06-01 03:32 - 00000000 ____D C:\ProgramData\Autodesk
2015-06-01 03:13 - 2015-06-01 03:14 - 00000000 ____D C:\Program Files\Autodesk
2015-06-01 03:12 - 2015-06-05 01:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-06-01 03:12 - 2015-06-01 03:12 - 00000000 ____D C:\Program Files (x86)\Autodesk
2015-05-31 00:22 - 2015-05-31 00:22 - 00002004 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-05-31 00:22 - 2015-05-31 00:21 - 06471520 _____ (Tim Kosse) C:\Users\Srdjan\Downloads\FileZilla_3.11.0.1_win64-setup [1].exe
2015-05-27 03:43 - 2015-05-27 03:43 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\ParadoxInteractive
2015-05-27 02:48 - 2015-05-27 02:48 - 00053346 _____ C:\Users\Srdjan\Downloads\SGPP.user.js
2015-05-26 17:43 - 2015-05-26 18:33 - 00000000 ____D C:\Users\Srdjan\Documents\The Witcher 3
2015-05-26 06:56 - 2015-05-26 06:56 - 00000000 ____D C:\Users\Srdjan\Documents\Steam Cloud
2015-05-25 02:52 - 2015-05-26 20:09 - 00000000 ____D C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-05-25 02:52 - 2015-01-14 11:28 - 03066880 _____ C:\Windows\system32\pwNative.exe
2015-05-25 02:52 - 2013-09-30 16:26 - 00019152 ____N C:\Windows\system32\pwdrvio.sys
2015-05-25 02:52 - 2013-09-30 16:26 - 00012504 ____N C:\Windows\system32\pwdspio.sys
2015-05-24 19:43 - 2015-05-24 19:43 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2013 Tools for Unity
2015-05-24 19:43 - 2015-05-24 19:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2015-05-24 17:21 - 2015-05-24 17:21 - 01169132 _____ C:\Users\Srdjan\Downloads\FVD-Video-Downloader_6_6_5 (3).crx
2015-05-24 17:20 - 2015-05-24 17:20 - 01169132 _____ C:\Users\Srdjan\Downloads\FVD-Video-Downloader_6_6_5 (2).crx
2015-05-24 16:35 - 2015-05-24 16:36 - 01169132 _____ C:\Users\Srdjan\Downloads\FVD-Video-Downloader_6_6_5.crx
2015-05-24 15:30 - 2015-06-13 08:57 - 00000965 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-24 15:29 - 2015-05-24 15:29 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Avg
2015-05-24 15:27 - 2015-05-24 15:27 - 04928968 _____ (AVG Technologies) C:\Users\Srdjan\Downloads\avg_free_stb_all_5961p1_177.exe
2015-05-24 15:16 - 2015-05-24 15:16 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-24 15:15 - 2015-05-24 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-24 15:14 - 2015-06-19 18:27 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-24 15:14 - 2015-05-24 15:22 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-24 15:14 - 2015-05-24 15:22 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 14:32 - 2015-05-24 14:32 - 00000000 ____D C:\ProgramData\HitmanPro
2015-05-24 14:24 - 2015-05-24 14:48 - 00000000 ____D C:\AdwCleaner
2015-05-24 14:21 - 2015-05-24 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.0.2f1 (64-bit)
2015-05-23 15:25 - 2015-05-29 03:20 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Spoiler_Alert
2015-05-22 22:23 - 2015-05-22 22:23 - 04197379 _____ C:\Users\Srdjan\Desktop\Torba_zatvorena_1080.psd
2015-05-22 04:13 - 2015-06-14 03:44 - 00000000 ____D C:\Program Files\MyDefrag v4.3.1
2015-05-22 04:13 - 2015-05-31 04:16 - 00000907 _____ C:\Users\Public\Desktop\MyDefrag.lnk
2015-05-22 04:13 - 2015-05-22 04:13 - 00004114 _____ C:\Windows\System32\Tasks\MyDefrag v4.3.1 Monthly
2015-05-22 04:13 - 2015-05-22 04:13 - 00003434 _____ C:\Windows\System32\Tasks\MyDefrag v4.3.1 Daily
2015-05-22 04:13 - 2015-05-22 04:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
2015-05-22 04:13 - 2010-05-21 12:11 - 01147392 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.exe
2015-05-22 04:13 - 2010-05-21 12:11 - 00485376 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.scr
2015-05-20 16:30 - 2015-05-20 16:30 - 00000000 ____D C:\Users\Srdjan\AppData\Local\chip.win32

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-19 18:32 - 2013-12-16 17:24 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Skype
2015-06-19 18:25 - 2015-03-24 14:33 - 00000000 ____D C:\Users\Srdjan\AppData\Local\whatpulse
2015-06-19 17:54 - 2013-12-17 15:46 - 00000000 ____D C:\ProgramData\MFAData
2015-06-19 17:53 - 2013-12-16 17:12 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-19 17:39 - 2009-07-14 06:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-19 17:39 - 2009-07-14 06:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-19 17:35 - 2013-12-17 07:59 - 01223634 _____ C:\Windows\WindowsUpdate.log
2015-06-19 17:33 - 2014-12-14 14:37 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Raptr
2015-06-19 17:30 - 2014-08-07 16:21 - 171393024 _____ C:\Users\Srdjan\AppData\Local\SageThumbs.db3
2015-06-19 17:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-19 15:32 - 2014-12-10 00:35 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-06-19 14:40 - 2013-12-16 23:04 - 00000000 ____D C:\Users\Srdjan
2015-06-19 14:40 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-06-19 13:50 - 2014-04-28 14:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-19 02:48 - 2014-05-04 07:15 - 00000000 ____D C:\Users\Srdjan\.VirtualBox
2015-06-19 02:22 - 2013-12-20 03:49 - 00000000 ____D C:\ProgramData\Unity
2015-06-19 01:34 - 2014-09-13 14:42 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-18 23:32 - 2014-02-10 12:17 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Battle.net
2015-06-17 23:26 - 2015-04-13 02:15 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\AIMP3
2015-06-17 03:01 - 2013-12-22 02:21 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\KeePass
2015-06-16 14:28 - 2013-12-17 19:44 - 00000000 ____D C:\Users\Srdjan\Documents\Euro Truck Simulator 2
2015-06-16 14:25 - 2015-01-02 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
2015-06-16 14:25 - 2015-01-02 19:02 - 00000000 ____D C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2015-06-16 13:58 - 2014-05-18 12:31 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\uTorrent
2015-06-16 04:08 - 2015-03-24 21:46 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Everything
2015-06-15 06:07 - 2014-01-03 19:07 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\TeamViewer
2015-06-15 06:07 - 2013-12-17 17:07 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\DAEMON Tools Lite
2015-06-15 04:44 - 2015-02-12 00:32 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\vlc
2015-06-14 23:22 - 2015-05-01 04:17 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\FarSky
2015-06-14 21:18 - 2014-06-30 03:47 - 00000000 ____D C:\Users\Srdjan\Documents\Visual Studio 2013
2015-06-13 08:57 - 2014-03-31 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-06-13 05:21 - 2015-05-19 08:47 - 00000132 _____ C:\Users\Srdjan\AppData\Roaming\Adobe PNG Format CC Prefs
2015-06-12 15:31 - 2014-09-04 21:39 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-12 05:57 - 2015-04-17 17:39 - 00000000 ____D C:\Users\Srdjan\AppData\Local\ProjectExplore
2015-06-11 17:33 - 2014-03-09 19:43 - 00000000 ____D C:\Windows\pss
2015-06-11 14:37 - 2014-06-27 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-06-11 03:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 19:07 - 2009-07-14 07:13 - 00791212 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-10 16:00 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-10 15:58 - 2009-07-14 06:45 - 05146600 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 15:56 - 2015-04-15 04:01 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 15:56 - 2014-05-06 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 15:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 12:13 - 2013-12-16 17:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 12:08 - 2013-12-16 17:49 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 11:57 - 2013-12-16 17:49 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 19:38 - 2013-12-20 01:09 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Unity
2015-06-08 20:14 - 2013-12-16 16:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-07 04:50 - 2015-04-29 22:37 - 00002069 _____ C:\Users\Srdjan\Desktop\Code.lnk
2015-06-07 04:50 - 2015-04-29 22:37 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2015-06-07 04:50 - 2015-04-29 22:37 - 00000000 ____D C:\Users\Srdjan\AppData\Local\SquirrelTemp
2015-06-07 04:49 - 2015-04-29 22:37 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Code
2015-06-07 03:17 - 2014-01-06 01:03 - 00000132 _____ C:\Users\Srdjan\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-06-07 00:47 - 2013-12-16 16:27 - 00119584 _____ C:\Users\Srdjan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-06 19:52 - 2014-12-18 22:55 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-06-05 03:17 - 2014-07-24 00:29 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\CDisplayEx
2015-06-03 22:08 - 2014-02-10 12:17 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-02 22:55 - 2014-08-18 16:01 - 00000000 ____D C:\Users\Srdjan\AppData\Roaming\FileZilla
2015-06-02 05:10 - 2013-12-18 06:37 - 00000000 ____D C:\Users\Srdjan\Documents\My Games
2015-06-02 05:09 - 2014-12-14 02:04 - 00000000 ____D C:\Users\Srdjan\Documents\SavedGames
2015-06-02 03:43 - 2014-03-17 02:09 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-06-01 02:49 - 2013-12-16 23:08 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-31 00:22 - 2014-08-18 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-05-31 00:22 - 2014-08-18 16:01 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-05-30 18:35 - 2014-12-25 23:33 - 00000000 ____D C:\Users\Srdjan\AppData\Local\MyCity_Facts_Generator
2015-05-30 05:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-05-27 03:43 - 2013-12-20 04:58 - 00000000 ____D C:\ProgramData\Steam
2015-05-26 20:15 - 2015-04-21 17:56 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-05-26 19:07 - 2014-06-28 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-26 19:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-24 19:43 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-05-24 15:22 - 2013-12-16 23:09 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-24 15:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2015-05-24 15:15 - 2013-12-16 23:08 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Google
2015-05-24 15:14 - 2014-07-21 06:31 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Deployment
2015-05-24 14:44 - 2014-10-19 00:33 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Avg2015
2015-05-24 14:33 - 2014-12-10 12:28 - 00078104 _____ C:\Windows\SysWOW64\debug.log
2015-05-24 04:46 - 2014-08-23 14:23 - 00000000 ____D C:\Users\Srdjan\AppData\Local\Adobe
2015-05-23 17:27 - 2014-12-24 02:51 - 00000000 ____D C:\Users\Srdjan\Documents\AirDroid
2015-05-23 14:48 - 2014-01-06 01:25 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-05-22 03:49 - 2015-02-01 08:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life Is Strange
2015-05-21 20:38 - 2014-05-04 17:11 - 00000000 ____D C:\SharedVM
2015-05-20 23:26 - 2013-12-17 18:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-05-20 23:11 - 2013-12-16 17:11 - 00000000 ____D C:\Program Files\Java
2015-05-20 16:30 - 2015-04-04 16:22 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 16:30 - 2015-04-04 16:22 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 14:44 - 2015-03-24 14:33 - 00000000 ____D C:\Program Files (x86)\WhatPulse2
2015-05-20 14:33 - 2014-06-24 15:48 - 00000000 ____D C:\Program Files (x86)\Raptr

==================== Files in the root of some directories =======

2014-04-09 13:45 - 2014-04-09 13:45 - 0000120 _____ () C:\Users\Srdjan\AppData\Roaming\03915780.dat
2015-05-19 08:47 - 2015-06-13 05:21 - 0000132 _____ () C:\Users\Srdjan\AppData\Roaming\Adobe PNG Format CC Prefs
2014-01-06 01:03 - 2015-06-07 03:17 - 0000132 _____ () C:\Users\Srdjan\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-07 16:24 - 2014-08-07 17:00 - 0000132 _____ () C:\Users\Srdjan\AppData\Roaming\Adobe Targa Format CS6 Prefs
2014-07-20 04:29 - 2014-07-20 04:29 - 0000099 _____ () C:\Users\Srdjan\AppData\Roaming\LauncherSettings_live.cfg
2014-11-06 00:13 - 2014-11-06 00:13 - 0000000 _____ () C:\Users\Srdjan\AppData\Roaming\Stardockfences_debug_snapshot.dat
2014-07-20 04:23 - 2014-07-20 04:24 - 0000040 _____ () C:\Users\Srdjan\AppData\Roaming\TheHunterSettings_steam_live.cfg
2014-08-18 14:42 - 2014-08-19 13:00 - 0004957 _____ () C:\Users\Srdjan\AppData\Roaming\wifi_speakers.dat
2014-11-29 08:48 - 2015-05-06 03:23 - 0001456 _____ () C:\Users\Srdjan\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-04-29 01:34 - 2014-07-21 23:05 - 0005120 _____ () C:\Users\Srdjan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-16 18:21 - 2014-06-16 18:21 - 1065984 _____ () C:\Users\Srdjan\AppData\Local\file__0.localstorage
2015-03-13 20:11 - 2015-03-13 20:11 - 0006511 _____ () C:\Users\Srdjan\AppData\Local\recently-used.xbel
2014-01-01 04:51 - 2015-05-19 05:30 - 0007607 _____ () C:\Users\Srdjan\AppData\Local\resmon.resmoncfg
2014-08-07 16:21 - 2015-06-19 17:30 - 171393024 _____ () C:\Users\Srdjan\AppData\Local\SageThumbs.db3
2013-12-17 18:43 - 2014-10-08 16:17 - 0000439 _____ () C:\Users\Srdjan\AppData\Local\UserProducts.xml

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-13 07:21

==================== End of log ============================




rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

1. Open Notepad (Text Document) and copy in the following text from the code box below:

Start
CreateRestorePoint:
closeprocesses:
emptytemp:
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Preferences
Task: {5D429AA9-11B7-4EAB-9BEA-D7329EFFB2E1} - \Bidaily Synchronize Task[973b] No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{9d5bcfde-da64-03e7-9d5b-bcfdeda63f7b}\yamb.exe <==== ATTENTION
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:I9rXLavx15ILuWvMmS
AlternateDataStreams: C:\ProgramData\Microsoft:qGENiJ0bY5bWc0EDr3FmZLSU
AlternateDataStreams: C:\ProgramData\Microsoft:rHEgsE9FVEmXyBPUYdMwzI7mLC7
ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\DeskPins.exe (Elias Fotinis)
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} =>  No File
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} =>  No File
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} =>  No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
RemoveProxy:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, under File Name: at the bottom, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the system restarts.



The tool will create a log (Fixlog.txt) on the Desktop. The contents of that log need to be copied into a post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Joined: 14 Feb 2008
  • Posts: 12403

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Srdjan at 2015-06-19 19:45:24 Run:4
Running from C:\Users\Srdjan\Desktop
Loaded Profiles: Srdjan (Available Profiles: Srdjan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
closeprocesses:
emptytemp:
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Preferences
Task: {5D429AA9-11B7-4EAB-9BEA-D7329EFFB2E1} - \Bidaily Synchronize Task[973b] No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{9d5bcfde-da64-03e7-9d5b-bcfdeda63f7b}\yamb.exe <==== ATTENTION
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:I9rXLavx15ILuWvMmS
AlternateDataStreams: C:\ProgramData\Microsoft:qGENiJ0bY5bWc0EDr3FmZLSU
AlternateDataStreams: C:\ProgramData\Microsoft:rHEgsE9FVEmXyBPUYdMwzI7mLC7
ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\DeskPins.exe (Elias Fotinis)
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} =>  No File
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} =>  No File
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} =>  No File
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} =>  No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin HKU\S-1-5-21-3012697505-3807635779-1283347855-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
RemoveProxy:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
End
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Users\Srdjan\AppData\Local\Google\Chrome\User Data\Default\Preferences => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D429AA9-11B7-4EAB-9BEA-D7329EFFB2E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D429AA9-11B7-4EAB-9BEA-D7329EFFB2E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bidaily Synchronize Task[973b]" => key removed successfully
C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => moved successfully.
C:\Program Files\Common Files\Microsoft Shared => ":I9rXLavx15ILuWvMmS" ADS removed successfully.
C:\ProgramData\Microsoft => ":qGENiJ0bY5bWc0EDr3FmZLSU" ADS removed successfully.
C:\ProgramData\Microsoft => ":rHEgsE9FVEmXyBPUYdMwzI7mLC7" ADS removed successfully.
C:\Program Files (x86)\DeskPins\DeskPins.exe => moved successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  MailRuCloudIconOverlay0" => key removed successfully
HKCR\CLSID\{64A9418A-B6B1-4112-B75C-E61633C9A31F} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  MailRuCloudIconOverlay1" => key removed successfully
HKCR\CLSID\{6A2E142B-EA63-433A-AC05-5223CBD26E65} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  MailRuCloudIconOverlay2" => key removed successfully
HKCR\CLSID\{6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  MailRuCloudIconOverlay0" => key removed successfully
HKCR\Wow6432Node\CLSID\{64A9418A-B6B1-4112-B75C-E61633C9A31F} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  MailRuCloudIconOverlay1" => key removed successfully
HKCR\Wow6432Node\CLSID\{6A2E142B-EA63-433A-AC05-5223CBD26E65} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  MailRuCloudIconOverlay2" => key removed successfully
HKCR\Wow6432Node\CLSID\{6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0" => key removed successfully
C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll not found.
AODDriver4.2.0 => Service removed successfully
EagleX64 => Service removed successfully
gdrv => Service removed successfully
VGPU => Service removed successfully
xhunter1 => Service removed successfully

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3012697505-3807635779-1283347855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {9934B271-FE6C-4409-8803-FE8E1B95B20D}.
0 out of 1 jobs canceled.

========= End of CMD: =========

EmptyTemp: => 454.9 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 19:45:52 ====

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Srki, is everything OK?

offline
  • Joined: 14 Feb 2008
  • Posts: 12403

argus ::Srki, is everything OK?

This time I'm late because I was making pancakes.
There are some for the AMF team too, with cream and honey. Cheers

Everything looks OK, at least what I can see.
I was worried about what I couldn't see.

Thanks, argus. Cheers

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

The following procedure will perform the final cleanup.

Download Xplode's DelFix tool and save it to the Desktop.

Double-click to run the tool and tick the boxes in front of the following options:
Remove disinfection tools
Create registry backup
Purge System Restore

Click the Run button and wait a moment until the tool finishes its work.

From this point on, all the tools used in this thread should have been deleted.
If any tool or report has not been removed, feel free to delete it manually.

The tool will also create a report for you. (C:\DelFix.txt)
- The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
- DelFix deletes old System Restore points and creates a new, fresh point after the cleanup.

offline
  • Joined: 14 Feb 2008
  • Posts: 12403

Done. Cheers

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Cheers
