Zaleđivanje sistema

Zaleđivanje sistema

offline
  • Pridružio: 23 Jul 2014
  • Poruke: 8

Da ne kopiram opis problema, evo evo sam sve objasnio šta je problem.

mycity.rs/Windows/Windows-8-1-zakucavanje.html#p1678887

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-07-2014 01
Ran by Dusan (administrator) on LAPTOP on 23-07-2014 20:46:58
Running from C:\Users\Dusan\Downloads
Platform: Microsoft Windows 8.1 Pro (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
() C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Macrovision Corporation) C:\Program Files\Realtek\Audio\Drivers\HDADrv\Setup.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(BitTorrent Inc.) C:\Users\Dusan\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Users\Dusan\AppData\Local\Opera Mail\operamail.exe
(Telegram (Unofficial)) C:\Users\Dusan\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.60\opera.exe
() C:\Program Files\Opera\23.0.1522.60\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.60\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.60\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.60\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.60\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.60\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.60\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.60\opera.exe
(Piotr Pawlowski) C:\Program Files\foobar2000\foobar2000.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.60\opera.exe
(Opera Software) C:\Program Files\Opera\23.0.1522.60\opera.exe


==================== Registry (Whitelisted) ==================

HKU\S-1-5-21-3094976491-3111175693-439719968-1001\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3094976491-3111175693-439719968-1001\...\Run: [BitTorrent] => C:\Users\Dusan\AppData\Roaming\BitTorrent\BitTorrent.exe [1267032 2014-07-02] (BitTorrent Inc.)
HKU\S-1-5-21-3094976491-3111175693-439719968-1002\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3094976491-3111175693-439719968-1002\...\Run: [BitTorrent] => C:\Users\Dusan\AppData\Roaming\BitTorrent\BitTorrent.exe [1267032 2014-07-02] (BitTorrent Inc.)
HKU\S-1-5-21-3094976491-3111175693-439719968-1002\...\MountPoints2: {75d0a3dc-f718-11e3-9716-806e6f6e6963} - "E:\start.exe"
Startup: C:\Users\Dusan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk
ShortcutTarget: Telegram.lnk -> C:\Users\Dusan\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe (Telegram (Unofficial))

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Tcpip\Parameters: [DhcpNameServer] 109.122.98.116 109.122.98.117 37.0.70.18 37.0.70.19

FireFox:
========
FF ProfilePath: C:\Users\Dusan\AppData\Roaming\Mozilla\Firefox\Profiles\bts4hkgd.default
FF Homepage: hxxp://www.google.rs/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Dusan\AppData\Roaming\Mozilla\Firefox\Profiles\bts4hkgd.default\Extensions\staged [2014-07-20]
FF Extension: LastPass - C:\Users\Dusan\AppData\Roaming\Mozilla\Firefox\Profiles\bts4hkgd.default\Extensions\support@lastpass.com [2014-06-18]
FF Extension: Thumbnail Zoom Plus - C:\Users\Dusan\AppData\Roaming\Mozilla\Firefox\Profiles\bts4hkgd.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-06-18]
FF Extension: Adblock Plus - C:\Users\Dusan\AppData\Roaming\Mozilla\Firefox\Profiles\bts4hkgd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-18]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Dusan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-18]
CHR Extension: (Google Drive) - C:\Users\Dusan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dusan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-18]
CHR Extension: (YouTube) - C:\Users\Dusan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-18]
CHR Extension: (Google Search) - C:\Users\Dusan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-18]
CHR Extension: (Google Wallet) - C:\Users\Dusan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-18]
CHR Extension: (Gmail) - C:\Users\Dusan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-18]

========================== Services (Whitelisted) =================

R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 SetupARService; C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe [10752 2014-07-18] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279784 2014-03-24] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2014-03-24] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1210368 2014-04-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 athr; C:\Windows\system32\DRIVERS\athwn.sys [2795520 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [25600 2014-03-18] (Microsoft Corporation)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [108008 2013-07-02] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
S3 GPIO; C:\Windows\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 KMWDFILTERx86; C:\Windows\System32\drivers\KMWDFILTER.sys [25088 2009-04-30] (Windows (R) Codename Longhorn DDK provider)
S3 LVUSBSta; C:\Windows\system32\DRIVERS\LVUSBSta.sys [41888 2007-05-09] (Logitech Inc.)
S3 pepifilter; C:\Windows\system32\DRIVERS\lv302af.sys [14112 2007-05-09] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\system32\DRIVERS\LV302V32.SYS [1276832 2007-05-09] (Logitech Inc.)
S3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [92504 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R3 ALSysIO; \??\C:\Users\BRANIS~1\AppData\Local\Temp\ALSysIO.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-23 20:45 - 2014-07-23 20:46 - 00176960 _____ () C:\Users\Dusan\Downloads\Addition.txt
2014-07-23 20:41 - 2014-07-23 20:47 - 00012094 _____ () C:\Users\Dusan\Downloads\FRST.txt
2014-07-23 20:40 - 2014-07-23 20:47 - 00000000 ____D () C:\FRST
2014-07-23 20:40 - 2014-07-23 20:40 - 01082368 _____ (Farbar) C:\Users\Dusan\Downloads\FRST.exe
2014-07-23 12:09 - 2014-07-23 12:13 - 00000000 ____D () C:\Users\Dusan\Downloads\Robert Cray Band Nothin But Love (2012)(blues)(flac)[rogercc][h33t]
2014-07-21 21:39 - 2014-07-21 21:50 - 00070656 ____H () C:\Users\Marina\Downloads\photothumb.db
2014-07-21 21:39 - 2014-07-21 21:39 - 00009216 ____H () C:\Users\Marina\Documents\photothumb.db
2014-07-21 21:38 - 2014-07-21 21:50 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\PhotoScape
2014-07-21 21:36 - 2014-07-21 21:36 - 00000000 ____D () C:\Users\Marina\AppData\Local\gegl-0.2
2014-07-21 21:36 - 2014-07-21 21:36 - 00000000 ____D () C:\Users\Marina\AppData\Local\fontconfig
2014-07-21 21:36 - 2014-07-21 21:36 - 00000000 ____D () C:\Users\Marina\.gimp-2.8
2014-07-21 12:44 - 2014-07-19 17:42 - 34284030 _____ () C:\Users\Dusan\Downloads\02. Gyongyhaju lany.flac
2014-07-20 15:22 - 2014-07-20 15:22 - 00000000 ____D () C:\Windows\LastGood
2014-07-20 12:04 - 2014-07-20 12:04 - 00000000 ____D () C:\Users\Dusan\Downloads\R529_Logo
2014-07-18 22:04 - 2014-07-18 22:04 - 00242504 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-07-18 21:45 - 2014-07-18 21:52 - 00000000 ____D () C:\Program Files\SlimCleaner
2014-07-18 21:45 - 2009-04-14 16:32 - 01784352 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2014-07-18 21:45 - 2009-04-14 16:32 - 00551456 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-07-18 21:45 - 2009-04-14 16:31 - 02529824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2014-07-18 21:45 - 2009-04-14 16:31 - 01123872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-07-18 21:45 - 2009-04-14 16:31 - 00326176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2014-07-18 21:45 - 2009-04-14 16:31 - 00055840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInst.dll
2014-07-18 21:45 - 2009-03-25 15:06 - 00142848 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2014-07-18 21:45 - 2009-03-09 05:32 - 00290304 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2014-07-18 21:45 - 2009-03-09 05:30 - 00290304 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2014-07-18 21:45 - 2009-02-12 16:52 - 00159232 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\FMAPO.dll
2014-07-18 21:45 - 2008-11-09 11:52 - 00159744 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-07-18 21:45 - 2008-09-25 16:52 - 00060416 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2014-07-18 21:45 - 2008-05-19 18:25 - 01933312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-07-18 21:45 - 2008-04-30 08:48 - 00167936 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2014-07-18 21:45 - 2007-07-30 18:26 - 00126976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2014-07-18 21:45 - 2007-07-25 09:33 - 00135168 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2014-07-18 21:45 - 2007-05-17 11:26 - 00185776 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2014-07-18 21:45 - 2006-12-13 10:30 - 00339968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2014-07-18 21:44 - 2009-04-14 16:12 - 02358560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-07-18 21:42 - 2014-07-18 21:46 - 00000000 ____D () C:\Users\Dusan\AppData\Local\SlimWare Utilities Inc
2014-07-18 21:40 - 2014-07-18 21:44 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-07-18 21:29 - 2014-07-18 21:29 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speccy
2014-07-18 21:29 - 2014-07-18 21:29 - 00000000 ____D () C:\Program Files\Speccy
2014-07-18 20:51 - 2014-07-18 20:51 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-07-18 09:49 - 2014-07-18 09:49 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Oracle
2014-07-18 09:34 - 2014-07-18 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 09:34 - 2014-07-18 09:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-18 09:34 - 2014-07-11 03:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-18 09:34 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-18 09:34 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-18 09:34 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-16 13:00 - 2014-07-16 13:01 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\SumatraPDF
2014-07-16 13:00 - 2014-07-16 13:00 - 00001887 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2014-07-16 13:00 - 2014-07-16 13:00 - 00000000 ____D () C:\Program Files\SumatraPDF
2014-07-16 11:55 - 2014-07-16 11:55 - 00002003 _____ () C:\Users\Dusan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Mail.lnk
2014-07-16 11:55 - 2014-07-16 11:55 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Opera Mail
2014-07-16 11:55 - 2014-07-16 11:55 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Opera Mail
2014-07-16 10:53 - 2014-07-16 10:53 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Opera Software
2014-07-16 10:53 - 2014-07-16 10:53 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Opera Software
2014-07-16 10:52 - 2014-07-22 10:54 - 00000000 ____D () C:\Program Files\Opera
2014-07-16 10:52 - 2014-07-16 10:52 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-12 05:05 - 2014-07-18 21:57 - 00002960 _____ () C:\Windows\PFRO.log
2014-07-10 23:49 - 2014-07-20 01:18 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\foobar2000
2014-07-09 20:58 - 2014-07-09 20:58 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\TeamViewer
2014-07-09 16:46 - 2014-07-09 16:46 - 00000848 _____ () C:\Users\Dusan\AppData\Local\recently-used.xbel
2014-07-09 16:46 - 2014-07-09 16:46 - 00000000 ____D () C:\Users\Dusan\AppData\Local\gtk-2.0
2014-07-09 16:46 - 2014-07-09 16:46 - 00000000 ____D () C:\Users\Dusan\.thumbnails
2014-07-09 16:40 - 2014-07-09 16:49 - 00000000 ____D () C:\Users\Dusan\.gimp-2.8
2014-07-09 16:40 - 2014-07-09 16:40 - 00000000 ____D () C:\Users\Dusan\AppData\Local\gegl-0.2
2014-07-09 16:40 - 2014-07-09 16:40 - 00000000 ____D () C:\Users\Dusan\AppData\Local\fontconfig
2014-07-09 16:39 - 2014-07-09 16:39 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-07-09 16:39 - 2014-07-09 16:39 - 00001051 _____ () C:\Users\Public\Desktop\GIMP 2.lnk
2014-07-09 16:25 - 2014-07-09 16:36 - 00000000 ____D () C:\Program Files\GIMP 2
2014-07-09 13:32 - 2014-04-14 04:37 - 00865280 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-07-09 13:18 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 13:18 - 2014-06-06 15:20 - 03497472 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 13:18 - 2014-05-30 05:05 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 13:17 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 13:15 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 13:15 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 13:14 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 13:14 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 13:14 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 13:14 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 13:14 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 13:14 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 13:14 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 13:14 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 13:14 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 13:14 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 13:14 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 13:14 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 13:13 - 2014-05-29 11:30 - 00481400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-09 13:13 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-07-09 13:13 - 2014-05-29 06:38 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 13:12 - 2014-05-31 10:38 - 00049552 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-09 13:12 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-07-09 13:12 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 13:12 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-09 13:12 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-09 13:12 - 2014-05-31 04:39 - 02818048 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-09 13:12 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-07-09 13:12 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-09 12:52 - 2014-07-09 12:52 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-09 09:51 - 2014-07-09 09:51 - 00001148 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-09 09:51 - 2014-07-09 09:51 - 00001136 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-09 09:51 - 2014-07-09 09:51 - 00000000 ____D () C:\Program Files\TeamViewer
2014-07-06 09:15 - 2014-07-06 09:15 - 00001400 _____ () C:\Users\Dusan\Desktop\Core Temp.lnk
2014-07-05 17:50 - 2014-07-19 08:37 - 00001248 _____ () C:\Windows\setupact.log
2014-07-05 17:50 - 2014-07-05 17:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-05 11:01 - 2014-07-05 11:01 - 00007605 _____ () C:\Users\Dusan\AppData\Local\Resmon.ResmonCfg
2014-07-04 20:18 - 2014-07-04 20:18 - 00000710 _____ () C:\Users\Dusan\Desktop\OneDrive.lnk
2014-07-03 19:20 - 2014-07-03 19:20 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-07-03 19:19 - 2014-07-03 19:19 - 00001474 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-07-03 19:19 - 2014-07-03 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2
2014-07-03 19:15 - 2014-07-03 19:19 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-07-02 09:59 - 2014-07-02 09:59 - 00000000 ____D () C:\Users\Milica\AppData\Local\Wondershare
2014-07-02 09:58 - 2014-07-02 09:58 - 00001442 _____ () C:\Users\Milica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 09:58 - 2014-07-02 09:58 - 00000000 ____D () C:\Users\Milica\AppData\Roaming\Adobe
2014-07-02 09:58 - 2014-07-02 09:58 - 00000000 ____D () C:\Users\Milica\AppData\Local\VirtualStore
2014-07-02 09:58 - 2014-07-02 09:58 - 00000000 ____D () C:\Users\Milica\AppData\Local\Google
2014-07-02 09:57 - 2014-07-02 09:57 - 00000020 ___SH () C:\Users\Milica\ntuser.ini
2014-07-02 09:56 - 2014-07-17 21:39 - 00000000 ____D () C:\Users\Milica
2014-07-02 09:56 - 2014-06-21 11:56 - 00000000 ___RD () C:\Users\Milica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-02 09:56 - 2014-03-18 10:03 - 00000000 ___RD () C:\Users\Milica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-02 09:56 - 2014-03-18 09:56 - 00000369 _____ () C:\Users\Milica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-07-02 09:56 - 2014-03-18 09:56 - 00000369 _____ () C:\Users\Milica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-07-02 09:56 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Milica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-02 09:56 - 2013-08-22 10:17 - 00000000 ____D () C:\Users\Milica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-30 21:27 - 2014-06-30 21:27 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Oracle
2014-06-30 21:24 - 2014-06-30 21:24 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Macromedia
2014-06-30 21:24 - 2014-06-30 21:24 - 00000000 ____D () C:\Users\Marina\AppData\Local\Macromedia
2014-06-30 21:23 - 2014-06-30 21:23 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Mozilla
2014-06-30 21:23 - 2014-06-30 21:23 - 00000000 ____D () C:\Users\Marina\AppData\Local\Mozilla
2014-06-30 12:28 - 2014-07-23 14:37 - 01144243 _____ () C:\Windows\WindowsUpdate.log
2014-06-30 10:40 - 2014-06-30 10:40 - 00094620 _____ () C:\Users\Dusan\Documents\cc_20140630_104032.reg
2014-06-30 10:12 - 2014-06-30 10:12 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-06-30 10:02 - 2014-06-30 10:01 - 00000258 _____ () C:\Windows\Restart_Explorer.bat
2014-06-30 09:34 - 2014-06-30 09:34 - 00000000 ____D () C:\Program Files\EaseUS
2014-06-30 08:56 - 2014-06-30 08:56 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Apple Computer
2014-06-30 08:54 - 2014-06-30 10:12 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-06-30 08:47 - 2014-06-30 08:57 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Apple Computer
2014-06-30 07:52 - 2014-06-30 07:52 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Macroplant,_LLC
2014-06-30 07:52 - 2014-06-30 07:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-06-30 07:51 - 2014-06-30 08:54 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-30 07:51 - 2014-06-30 07:52 - 00000000 ____D () C:\Program Files\QuickTime
2014-06-30 07:50 - 2014-06-30 07:50 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Apple
2014-06-30 07:49 - 2014-06-30 10:15 - 00000000 ____D () C:\ProgramData\Apple
2014-06-30 00:18 - 2014-06-30 00:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-29 23:12 - 2014-06-29 23:12 - 00000000 ____D () C:\Users\Marina\AppData\Local\Wondershare
2014-06-29 14:08 - 2014-06-29 14:09 - 00001500 _____ () C:\Users\Dusan\Desktop\Monkey's Audio.lnk
2014-06-29 14:03 - 2014-06-29 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monkey's Audio
2014-06-29 14:03 - 2014-06-29 14:03 - 00000000 ____D () C:\Program Files\Monkey's Audio
2014-06-29 14:03 - 2013-06-26 22:38 - 00446976 _____ (Matthew T. Ashland) C:\Windows\system32\MACDll.dll
2014-06-29 13:15 - 2014-06-29 15:10 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\dBpoweramp
2014-06-29 12:49 - 2014-06-29 12:50 - 00001356 _____ () C:\Users\Dusan\Desktop\Spectro.lnk
2014-06-29 12:49 - 2014-06-29 12:50 - 00001336 _____ () C:\Users\Dusan\Desktop\Mp3tag.lnk
2014-06-29 12:49 - 2014-06-29 12:50 - 00001286 _____ () C:\Users\Dusan\Desktop\CUE_Splitter.lnk
2014-06-29 12:49 - 2014-06-29 12:49 - 00001461 _____ () C:\Users\Dusan\Desktop\IDTE.lnk
2014-06-29 12:47 - 2014-06-29 14:59 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\AccurateRip
2014-06-29 12:47 - 2014-06-29 12:47 - 04022504 _____ () C:\Windows\system32\SpoonUninstall.exe
2014-06-29 12:47 - 2014-06-29 12:47 - 00033846 _____ () C:\Windows\system32\SpoonUninstall-dBpoweramp DSP Effects.bmp
2014-06-29 12:47 - 2014-06-29 12:47 - 00017944 _____ () C:\Windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2014-06-29 12:47 - 2014-06-29 12:47 - 00013076 _____ () C:\Windows\system32\SpoonUninstall-dBpoweramp DSP Effects.dat
2014-06-29 12:47 - 2014-06-29 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp Music Converter
2014-06-29 12:47 - 2014-06-29 12:46 - 00033846 _____ () C:\Windows\system32\SpoonUninstall-dBpoweramp Music Converter.bmp
2014-06-29 12:46 - 2014-06-29 12:46 - 00000000 ____D () C:\Program Files\Illustrate
2014-06-28 21:00 - 2014-05-09 01:08 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-28 21:00 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-06-28 21:00 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-06-28 21:00 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-28 13:54 - 2014-06-28 13:57 - 00002741 ____T () C:\Windows\system32\lic2tmp.xml29084
2014-06-28 13:32 - 2014-06-28 13:32 - 00001267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-06-28 13:31 - 2014-06-28 13:31 - 00001336 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-06-28 13:31 - 2014-06-28 13:31 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-06-28 13:30 - 2014-06-28 13:31 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-28 13:30 - 2014-06-28 13:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-28 13:26 - 2014-06-28 13:33 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Windows Live
2014-06-28 13:26 - 2014-06-28 13:26 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
2014-06-28 12:06 - 2014-06-28 12:06 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Wondershare
2014-06-28 12:06 - 2014-06-28 12:06 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-06-28 12:04 - 2014-06-28 12:26 - 00000000 ____D () C:\Users\Dusan\Documents\Wondershare Video Editor
2014-06-28 12:04 - 2014-06-28 12:04 - 00000000 ____D () C:\Program Files\Wondershare
2014-06-27 15:52 - 2014-06-27 15:52 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\NetSpeedMonitor
2014-06-27 15:51 - 2014-06-27 15:51 - 00000000 ____D () C:\Program Files\NetSpeedMonitor
2014-06-26 20:41 - 2014-06-26 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software
2014-06-26 20:41 - 2014-06-26 20:41 - 00000000 ____D () C:\Program Files\Medieval Software
2014-06-26 20:32 - 2014-06-26 20:33 - 00000000 ____D () C:\Program Files\Spectro
2014-06-26 20:32 - 2014-06-26 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spectro
2014-06-26 20:32 - 2008-09-21 22:31 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\MFC71.dll
2014-06-26 20:32 - 2008-09-21 22:31 - 00505128 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2014-06-26 20:32 - 2008-09-21 22:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2014-06-26 20:32 - 2008-09-15 00:55 - 01008432 _____ (Microsoft Corporation) C:\Windows\system32\MSCHRT20.OCX
2014-06-26 20:32 - 2000-05-22 16:58 - 01066176 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCTL.OCX
2014-06-26 20:32 - 2000-05-22 16:58 - 00140488 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.ocx
2014-06-26 20:32 - 1998-06-18 00:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\system32\VB5DB.DLL
2014-06-26 15:16 - 2014-06-26 15:16 - 00002741 ____T () C:\Windows\system32\lic2tmp.xml5225
2014-06-26 14:12 - 2014-06-26 14:12 - 03828937 _____ () C:\Users\Dusan\Documents\123.sh3d
2014-06-26 13:14 - 2014-06-26 13:14 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\eTeks
2014-06-26 13:00 - 2014-06-27 18:30 - 00000000 ____D () C:\Users\Dusan\Documents\IDTE_Data
2014-06-26 13:00 - 2014-06-26 13:00 - 00001030 _____ () C:\Users\Marina\Desktop\IDTE-ID3 Tag Editor.lnk
2014-06-26 13:00 - 2014-06-26 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDTE-ID3 Tag Editor
2014-06-26 13:00 - 2014-06-26 13:00 - 00000000 ____D () C:\Program Files\IDTE-ID3 Tag Editor
2014-06-26 13:00 - 2014-02-23 11:47 - 00001418 _____ () C:\Users\Dusan\Documents\IDTE_Configuration.ini
2014-06-25 16:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-06-25 16:19 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-06-25 16:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-06-25 16:19 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-06-25 16:19 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-06-25 16:19 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-06-25 16:19 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-06-25 16:19 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-06-25 16:19 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-06-25 16:19 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-06-25 16:19 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-06-25 16:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-06-25 16:19 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-06-25 16:19 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-06-25 16:19 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-06-25 16:19 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-06-25 16:19 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-06-25 16:19 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-06-25 16:19 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-06-25 16:19 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-06-25 16:19 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-06-25 16:19 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-06-25 16:19 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-06-25 16:19 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-06-25 16:19 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-06-25 16:19 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-06-25 16:19 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-06-25 16:19 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-06-25 16:19 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-06-25 16:19 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-06-25 16:19 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-06-25 16:19 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-06-25 16:19 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-06-25 16:19 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-06-25 16:19 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-06-25 16:19 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-06-25 16:19 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-06-25 16:19 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-06-25 16:19 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-06-25 16:19 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-06-25 16:19 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-06-25 16:19 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-06-25 16:19 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-06-25 16:19 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-06-25 16:19 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-06-25 16:19 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-06-25 16:19 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-06-25 16:19 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-06-25 16:19 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-06-25 16:19 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-06-25 16:19 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-06-25 16:19 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-06-25 16:19 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-06-25 16:19 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-06-25 16:19 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-06-25 16:19 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-06-25 16:19 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-06-25 16:19 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-06-25 16:19 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-06-25 16:19 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-06-25 16:19 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-06-25 16:19 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-06-25 16:19 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-06-25 16:19 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-06-25 16:19 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-06-25 16:19 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-06-25 16:19 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-06-25 16:19 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-06-25 16:19 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-06-25 16:19 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-06-25 16:19 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-06-25 16:19 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-06-25 16:19 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-06-25 16:19 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-06-25 16:19 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-06-25 16:19 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-06-25 16:19 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-06-25 16:19 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-06-25 16:19 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-06-25 16:19 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-06-25 16:19 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-06-25 16:19 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-06-25 16:19 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-06-25 16:19 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-06-25 16:19 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-06-25 16:19 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-06-25 16:19 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-06-25 16:19 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-06-25 16:19 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-06-25 16:19 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-06-25 16:19 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-06-25 16:17 - 2014-06-25 16:19 - 00000000 ____D () C:\Windows\system32\directx
2014-06-25 10:49 - 2014-06-25 10:49 - 00000749 _____ () C:\Users\Public\Desktop\Counter-Strike 1.6 p48.lnk
2014-06-25 10:49 - 2014-06-25 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 p48
2014-06-24 15:12 - 2014-06-24 15:12 - 00000000 ____D () C:\ProgramData\GRETECH
2014-06-23 20:14 - 2014-07-18 21:48 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Mp3tag

==================== One Month Modified Files and Folders =======

2014-07-23 20:48 - 2014-06-18 13:10 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\BitTorrent
2014-07-23 20:47 - 2014-07-23 20:41 - 00012094 _____ () C:\Users\Dusan\Downloads\FRST.txt
2014-07-23 20:47 - 2014-07-23 20:40 - 00000000 ____D () C:\FRST
2014-07-23 20:46 - 2014-07-23 20:45 - 00176960 _____ () C:\Users\Dusan\Downloads\Addition.txt
2014-07-23 20:44 - 2014-06-18 12:33 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-23 20:40 - 2014-07-23 20:40 - 01082368 _____ (Farbar) C:\Users\Dusan\Downloads\FRST.exe
2014-07-23 20:17 - 2014-06-19 14:02 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\foobar2000
2014-07-23 20:02 - 2013-08-22 10:17 - 00000000 ____D () C:\Windows\system32\sru
2014-07-23 19:52 - 2014-06-18 14:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-23 14:37 - 2014-06-30 12:28 - 01144243 _____ () C:\Windows\WindowsUpdate.log
2014-07-23 14:16 - 2014-06-21 16:33 - 00025212 _____ () C:\Windows\system32\lvcoinst.log
2014-07-23 12:13 - 2014-07-23 12:09 - 00000000 ____D () C:\Users\Dusan\Downloads\Robert Cray Band Nothin But Love (2012)(blues)(flac)[rogercc][h33t]
2014-07-23 04:31 - 2013-08-22 10:17 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-23 03:44 - 2014-06-18 12:33 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 23:46 - 2014-06-18 12:58 - 00000000 ____D () C:\ProgramData\MCShield
2014-07-22 22:23 - 2014-03-18 09:57 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 19:26 - 2013-08-22 10:17 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-22 19:10 - 2014-06-18 14:18 - 00000000 __RDO () C:\Users\Dusan\OneDrive
2014-07-22 10:54 - 2014-07-16 10:52 - 00000000 ____D () C:\Program Files\Opera
2014-07-21 21:50 - 2014-07-21 21:39 - 00070656 ____H () C:\Users\Marina\Downloads\photothumb.db
2014-07-21 21:50 - 2014-07-21 21:38 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\PhotoScape
2014-07-21 21:39 - 2014-07-21 21:39 - 00009216 ____H () C:\Users\Marina\Documents\photothumb.db
2014-07-21 21:36 - 2014-07-21 21:36 - 00000000 ____D () C:\Users\Marina\AppData\Local\gegl-0.2
2014-07-21 21:36 - 2014-07-21 21:36 - 00000000 ____D () C:\Users\Marina\.gimp-2.8
2014-07-21 21:36 - 2014-06-18 16:30 - 00000000 ____D () C:\Users\Marina
2014-07-20 15:22 - 2014-07-20 15:22 - 00000000 ____D () C:\Windows\LastGood
2014-07-20 15:21 - 2014-06-18 12:54 - 00000000 ____D () C:\Program Files\SiS VGA Utilities
2014-07-20 12:04 - 2014-07-20 12:04 - 00000000 ____D () C:\Users\Dusan\Downloads\R529_Logo
2014-07-20 12:03 - 2010-12-15 23:12 - 03653120 _____ (Silicon Integrated Systems Corporation) C:\Windows\system32\SISGRUMD.dll
2014-07-20 12:03 - 2009-12-16 15:53 - 00655360 _____ (Silicon Integrated Systems Corporation) C:\Windows\system32\SiSClone.dll
2014-07-20 12:03 - 2009-12-16 15:53 - 00212992 _____ (Silicon Integrated Systems Corporation) C:\Windows\system32\SiSFunc.dll
2014-07-20 12:03 - 2009-12-16 15:53 - 00006656 _____ (Silicon Integrated Systems Corporation) C:\Windows\system32\SiSCo.dll
2014-07-20 12:03 - 2009-12-16 15:53 - 00005632 _____ (Silicon Integrated Systems Corporation) C:\Windows\system32\SiSKrl.dll
2014-07-20 12:03 - 2009-12-16 15:51 - 04080128 _____ (Silicon Integrated Systems Corporation) C:\Windows\system32\SiSGlv.dll
2014-07-20 12:03 - 2009-12-16 15:45 - 00465920 _____ (Silicon Integrated Systems Corporation) C:\Windows\system32\Drivers\SISGRKMD.sys
2014-07-20 01:18 - 2014-07-10 23:49 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\foobar2000
2014-07-19 17:42 - 2014-07-21 12:44 - 34284030 _____ () C:\Users\Dusan\Downloads\02. Gyongyhaju lany.flac
2014-07-19 08:44 - 2014-06-18 13:16 - 00000000 ____D () C:\Program Files\Core Temp
2014-07-19 08:40 - 2013-08-22 09:23 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-19 08:39 - 2013-08-22 08:13 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-19 08:37 - 2014-07-05 17:50 - 00001248 _____ () C:\Windows\setupact.log
2014-07-19 08:37 - 2014-06-18 14:37 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-07-18 22:04 - 2014-07-18 22:04 - 00242504 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-07-18 22:02 - 2013-08-22 10:17 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-07-18 21:57 - 2014-07-12 05:05 - 00002960 _____ () C:\Windows\PFRO.log
2014-07-18 21:56 - 2014-06-18 20:53 - 00000000 ____D () C:\Users\Dusan
2014-07-18 21:55 - 2014-06-18 14:37 - 00000000 ___HD () C:\Program Files\Temp
2014-07-18 21:53 - 2014-06-18 20:37 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-18 21:52 - 2014-07-18 21:45 - 00000000 ____D () C:\Program Files\SlimCleaner
2014-07-18 21:48 - 2014-06-23 20:14 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Mp3tag
2014-07-18 21:48 - 2014-06-18 21:42 - 00000000 ____D () C:\Windows\Panther
2014-07-18 21:47 - 2014-06-19 12:19 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Skype
2014-07-18 21:46 - 2014-07-18 21:42 - 00000000 ____D () C:\Users\Dusan\AppData\Local\SlimWare Utilities Inc
2014-07-18 21:44 - 2014-07-18 21:40 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-07-18 21:29 - 2014-07-18 21:29 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speccy
2014-07-18 21:29 - 2014-07-18 21:29 - 00000000 ____D () C:\Program Files\Speccy
2014-07-18 20:51 - 2014-07-18 20:51 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-07-18 20:45 - 2010-12-15 23:12 - 03653632 _____ (Silicon Integrated Systems Corporation) C:\Windows\system32\SETBE96.tmp
2014-07-18 16:46 - 2014-06-19 12:49 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Telegram Win (Unofficial)
2014-07-18 09:49 - 2014-07-18 09:49 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Oracle
2014-07-18 09:47 - 2014-06-18 12:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-18 09:34 - 2014-07-18 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 09:34 - 2014-07-18 09:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-18 09:34 - 2014-06-18 12:58 - 00000000 ____D () C:\Program Files\Java
2014-07-18 06:00 - 2014-06-18 12:32 - 00000428 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2014-07-17 21:39 - 2014-07-02 09:56 - 00000000 ____D () C:\Users\Milica
2014-07-16 13:04 - 2014-06-18 12:31 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-16 13:01 - 2014-07-16 13:00 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\SumatraPDF
2014-07-16 13:00 - 2014-07-16 13:00 - 00001887 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2014-07-16 13:00 - 2014-07-16 13:00 - 00000000 ____D () C:\Program Files\SumatraPDF
2014-07-16 11:55 - 2014-07-16 11:55 - 00002003 _____ () C:\Users\Dusan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Mail.lnk
2014-07-16 11:55 - 2014-07-16 11:55 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Opera Mail
2014-07-16 11:55 - 2014-07-16 11:55 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Opera Mail
2014-07-16 10:53 - 2014-07-16 10:53 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Opera Software
2014-07-16 10:53 - 2014-07-16 10:53 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Opera Software
2014-07-16 10:52 - 2014-07-16 10:52 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-13 04:35 - 2013-08-22 10:17 - 00000000 ____D () C:\Windows\rescache
2014-07-12 05:06 - 2013-08-22 09:22 - 00360208 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-12 05:02 - 2014-06-21 11:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-12 05:02 - 2014-03-18 09:39 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 05:02 - 2013-08-22 10:17 - 00000000 ___RD () C:\Windows\ToastData
2014-07-12 05:02 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 05:02 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 05:02 - 2013-08-22 10:17 - 00000000 ____D () C:\Windows\WinStore
2014-07-12 04:58 - 2014-06-21 11:40 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-12 04:58 - 2013-08-22 08:13 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-11 03:02 - 2014-07-18 09:34 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-11 02:56 - 2014-07-18 09:34 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-11 02:56 - 2014-07-18 09:34 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-11 02:55 - 2014-07-18 09:34 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-09 20:58 - 2014-07-09 20:58 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\TeamViewer
2014-07-09 16:49 - 2014-07-09 16:40 - 00000000 ____D () C:\Users\Dusan\.gimp-2.8
2014-07-09 16:46 - 2014-07-09 16:46 - 00000848 _____ () C:\Users\Dusan\AppData\Local\recently-used.xbel
2014-07-09 16:46 - 2014-07-09 16:46 - 00000000 ____D () C:\Users\Dusan\AppData\Local\gtk-2.0
2014-07-09 16:46 - 2014-07-09 16:46 - 00000000 ____D () C:\Users\Dusan\.thumbnails
2014-07-09 16:40 - 2014-07-09 16:40 - 00000000 ____D () C:\Users\Dusan\AppData\Local\gegl-0.2
2014-07-09 16:39 - 2014-07-09 16:39 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-07-09 16:39 - 2014-07-09 16:39 - 00001051 _____ () C:\Users\Public\Desktop\GIMP 2.lnk
2014-07-09 16:36 - 2014-07-09 16:25 - 00000000 ____D () C:\Program Files\GIMP 2
2014-07-09 13:34 - 2013-08-22 10:05 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-09 12:52 - 2014-07-09 12:52 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-09 09:51 - 2014-07-09 09:51 - 00001148 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-09 09:51 - 2014-07-09 09:51 - 00001136 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-09 09:51 - 2014-07-09 09:51 - 00000000 ____D () C:\Program Files\TeamViewer
2014-07-09 01:03 - 2014-06-20 20:49 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Skype
2014-07-06 09:15 - 2014-07-06 09:15 - 00001400 _____ () C:\Users\Dusan\Desktop\Core Temp.lnk
2014-07-05 17:50 - 2014-07-05 17:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-05 11:01 - 2014-07-05 11:01 - 00007605 _____ () C:\Users\Dusan\AppData\Local\Resmon.ResmonCfg
2014-07-04 20:18 - 2014-07-04 20:18 - 00000710 _____ () C:\Users\Dusan\Desktop\OneDrive.lnk
2014-07-03 19:20 - 2014-07-03 19:20 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-07-03 19:19 - 2014-07-03 19:19 - 00001474 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-07-03 19:19 - 2014-07-03 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2
2014-07-03 19:19 - 2014-07-03 19:15 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-07-02 09:59 - 2014-07-02 09:59 - 00000000 ____D () C:\Users\Milica\AppData\Local\Wondershare
2014-07-02 09:58 - 2014-07-02 09:58 - 00001442 _____ () C:\Users\Milica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 09:58 - 2014-07-02 09:58 - 00000000 ____D () C:\Users\Milica\AppData\Roaming\Adobe
2014-07-02 09:58 - 2014-07-02 09:58 - 00000000 ____D () C:\Users\Milica\AppData\Local\VirtualStore
2014-07-02 09:58 - 2014-07-02 09:58 - 00000000 ____D () C:\Users\Milica\AppData\Local\Google
2014-07-02 09:57 - 2014-07-02 09:57 - 00000020 ___SH () C:\Users\Milica\ntuser.ini
2014-06-30 21:27 - 2014-06-30 21:27 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Oracle
2014-06-30 21:24 - 2014-06-30 21:24 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Macromedia
2014-06-30 21:24 - 2014-06-30 21:24 - 00000000 ____D () C:\Users\Marina\AppData\Local\Macromedia
2014-06-30 21:23 - 2014-06-30 21:23 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Mozilla
2014-06-30 21:23 - 2014-06-30 21:23 - 00000000 ____D () C:\Users\Marina\AppData\Local\Mozilla
2014-06-30 10:40 - 2014-06-30 10:40 - 00094620 _____ () C:\Users\Dusan\Documents\cc_20140630_104032.reg
2014-06-30 10:36 - 2014-06-18 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-30 10:36 - 2014-06-18 13:12 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-30 10:15 - 2014-06-30 07:49 - 00000000 ____D () C:\ProgramData\Apple
2014-06-30 10:12 - 2014-06-30 10:12 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-06-30 10:12 - 2014-06-30 08:54 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-06-30 10:08 - 2014-06-18 20:53 - 00000000 ____D () C:\ProgramData\KMSAutoS
2014-06-30 10:01 - 2014-06-30 10:02 - 00000258 _____ () C:\Windows\Restart_Explorer.bat
2014-06-30 09:34 - 2014-06-30 09:34 - 00000000 ____D () C:\Program Files\EaseUS
2014-06-30 08:57 - 2014-06-30 08:47 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\Apple Computer
2014-06-30 08:56 - 2014-06-30 08:56 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Apple Computer
2014-06-30 08:54 - 2014-06-30 07:51 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-30 07:52 - 2014-06-30 07:52 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Macroplant,_LLC
2014-06-30 07:52 - 2014-06-30 07:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-06-30 07:52 - 2014-06-30 07:51 - 00000000 ____D () C:\Program Files\QuickTime
2014-06-30 07:50 - 2014-06-30 07:50 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Apple
2014-06-30 00:18 - 2014-06-30 00:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-29 23:12 - 2014-06-29 23:12 - 00000000 ____D () C:\Users\Marina\AppData\Local\Wondershare
2014-06-29 15:10 - 2014-06-29 13:15 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\dBpoweramp
2014-06-29 14:59 - 2014-06-29 12:47 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\AccurateRip
2014-06-29 14:09 - 2014-06-29 14:08 - 00001500 _____ () C:\Users\Dusan\Desktop\Monkey's Audio.lnk
2014-06-29 14:03 - 2014-06-29 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monkey's Audio
2014-06-29 14:03 - 2014-06-29 14:03 - 00000000 ____D () C:\Program Files\Monkey's Audio
2014-06-29 12:50 - 2014-06-29 12:49 - 00001356 _____ () C:\Users\Dusan\Desktop\Spectro.lnk
2014-06-29 12:50 - 2014-06-29 12:49 - 00001336 _____ () C:\Users\Dusan\Desktop\Mp3tag.lnk
2014-06-29 12:50 - 2014-06-29 12:49 - 00001286 _____ () C:\Users\Dusan\Desktop\CUE_Splitter.lnk
2014-06-29 12:49 - 2014-06-29 12:49 - 00001461 _____ () C:\Users\Dusan\Desktop\IDTE.lnk
2014-06-29 12:47 - 2014-06-29 12:47 - 04022504 _____ () C:\Windows\system32\SpoonUninstall.exe
2014-06-29 12:47 - 2014-06-29 12:47 - 00033846 _____ () C:\Windows\system32\SpoonUninstall-dBpoweramp DSP Effects.bmp
2014-06-29 12:47 - 2014-06-29 12:47 - 00017944 _____ () C:\Windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2014-06-29 12:47 - 2014-06-29 12:47 - 00013076 _____ () C:\Windows\system32\SpoonUninstall-dBpoweramp DSP Effects.dat
2014-06-29 12:47 - 2014-06-29 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp Music Converter
2014-06-29 12:46 - 2014-06-29 12:47 - 00033846 _____ () C:\Windows\system32\SpoonUninstall-dBpoweramp Music Converter.bmp
2014-06-29 12:46 - 2014-06-29 12:46 - 00000000 ____D () C:\Program Files\Illustrate
2014-06-29 01:01 - 2013-08-22 10:17 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-28 13:57 - 2014-06-28 13:54 - 00002741 ____T () C:\Windows\system32\lic2tmp.xml29084
2014-06-28 13:33 - 2014-06-28 13:26 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Windows Live
2014-06-28 13:32 - 2014-06-28 13:32 - 00001267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-06-28 13:31 - 2014-06-28 13:31 - 00001336 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-06-28 13:31 - 2014-06-28 13:31 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-06-28 13:31 - 2014-06-28 13:30 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-28 13:30 - 2014-06-28 13:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-28 13:26 - 2014-06-28 13:26 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
2014-06-28 12:26 - 2014-06-28 12:04 - 00000000 ____D () C:\Users\Dusan\Documents\Wondershare Video Editor
2014-06-28 12:06 - 2014-06-28 12:06 - 00000000 ____D () C:\Users\Dusan\AppData\Local\Wondershare
2014-06-28 12:06 - 2014-06-28 12:06 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-06-28 12:04 - 2014-06-28 12:04 - 00000000 ____D () C:\Program Files\Wondershare
2014-06-27 18:30 - 2014-06-26 13:00 - 00000000 ____D () C:\Users\Dusan\Documents\IDTE_Data
2014-06-27 15:52 - 2014-06-27 15:52 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\NetSpeedMonitor
2014-06-27 15:51 - 2014-06-27 15:51 - 00000000 ____D () C:\Program Files\NetSpeedMonitor
2014-06-26 22:55 - 2014-06-21 11:59 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-26 22:55 - 2014-06-21 11:59 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-26 20:41 - 2014-06-26 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software
2014-06-26 20:41 - 2014-06-26 20:41 - 00000000 ____D () C:\Program Files\Medieval Software
2014-06-26 20:33 - 2014-06-26 20:32 - 00000000 ____D () C:\Program Files\Spectro
2014-06-26 20:32 - 2014-06-26 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spectro
2014-06-26 15:16 - 2014-06-26 15:16 - 00002741 ____T () C:\Windows\system32\lic2tmp.xml5225
2014-06-26 14:12 - 2014-06-26 14:12 - 03828937 _____ () C:\Users\Dusan\Documents\123.sh3d
2014-06-26 13:14 - 2014-06-26 13:14 - 00000000 ____D () C:\Users\Dusan\AppData\Roaming\eTeks
2014-06-26 13:13 - 2014-06-18 20:53 - 00000000 ____D () C:\Users\Dusan\AppData\Local\VirtualStore
2014-06-26 13:00 - 2014-06-26 13:00 - 00001030 _____ () C:\Users\Marina\Desktop\IDTE-ID3 Tag Editor.lnk
2014-06-26 13:00 - 2014-06-26 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDTE-ID3 Tag Editor
2014-06-26 13:00 - 2014-06-26 13:00 - 00000000 ____D () C:\Program Files\IDTE-ID3 Tag Editor
2014-06-25 16:19 - 2014-06-25 16:17 - 00000000 ____D () C:\Windows\system32\directx
2014-06-25 10:49 - 2014-06-25 10:49 - 00000749 _____ () C:\Users\Public\Desktop\Counter-Strike 1.6 p48.lnk
2014-06-25 10:49 - 2014-06-25 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 p48
2014-06-24 15:12 - 2014-06-24 15:12 - 00000000 ____D () C:\ProgramData\GRETECH

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-17 03:16

==================== End Of Log ============================
mycity.rs/must-login.png

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 5424

Preuzmite program GMER sa donjeg linka na Desktop:


GMER download
Kliknite dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.



Dvoklikom pokrenite GMER.
Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No;

kliknite Scan i sačekajte da skeniranje bude završeno;

kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1);

kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan;

po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2);

kliknite taster >>> i odaberite Autostart karticu;

po završetku kratkotrajnog skeniranja, kliknite Copy;

otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3);


Slikoviti prikaz postupka

Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

offline
  • Pridružio: 23 Jul 2014
  • Poruke: 8

Nikako ne može da završi skeniranje. Ovo mi iskoči.

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 5424

Da probamo drugi alat...


Arrow Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop.

Dvoklikom pokreni MBAR () na ikonicu programa:
- Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u;
- mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.;
- U uvodnom prozoru klikni dugme Next ukoliko si saglasan;



• Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next;
• Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan;

Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka:
- 'Could not load protection driver' => u tom slucaju klikni OK.
- 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta.





>> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje.

>> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje.
- Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja.



Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe:
- Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ...
- Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem.





Sledeci izvestaji ce biti formirani u mbar folderu.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

offline
  • Pridružio: 23 Jul 2014
  • Poruke: 8

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
malwarebytes.org

Database version: v2014.07.24.01

Windows 8.1 x86 NTFS
Internet Explorer 11.0.9600.17207
Dusan :: LAPTOP [administrator]

7/24/2014 8:35:15 AM
mbar-log-2014-07-24 (08-35-15).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 327192
Time elapsed: 15 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)


mycity.rs/must-login.png

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 5424

Arrow Tvoj kompjuter je čist što se malware-a tiče. Možeš da nastaviš u temu u Windows potforumu.



Sledeća procedura će implementirati završno čišćenje.

Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Ko je trenutno na forumu
 

Ukupno su 957 korisnika na forumu :: 48 registrovanih, 8 sakrivenih i 901 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: airsuba, ajo baba, Apok, Atomski čoban, babaroga, bigfoot, bojank, Boris BM, Brana01, CikaKURE, DPera, draganl, Duh sa sekirom, dushan, Excalibur13, FileFinder, FOX, herrDule, Jahorina, Kibice, Kruger, laurusri, Leonov, LUDI, maiden6657, milos.cbr, milutin134, MiroslavD, Mixelotti, naki011, nemkea71, nenad81, nextyamb, Panter, pein, procesor, Romibrat, Sirius, slonic_tonic, Srky Boy, stegonosa, tmanda323, Toper, Trpe Grozni, vathra, W123, šumar bk2, 125