Provera Desktop racunara

1

Provera Desktop racunara

online
  • Pridružio: 31 Dec 2015
  • Poruke: 1179

Pozdrav!
Od pre 2-3 dana sam poceo da imam FPS drop-ove u igrici League of Legends. Pripisao sam to Update-u igrice, ali mi se sad desilo da imam FPS drop i u Counter Strike 1.6. Skenirao sam racunar Zemanom i ona je pronasla RootKit Miner. Isao sam na korak "Dalje" i dobio poruku da su sve radnje uspesno izvrsene. Zato, sada, zelim da mi pomognete da proverim da li u mom racunaru postoje neki virusi, crvi itd.

+ Konfiguracija racunara

Hvala!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-12-2017
Ran by HOME (administrator) on MMDE (16-12-2017 22:02:08)
Running from C:\Users\HOME\Desktop
Loaded Profiles: HOME (Available Profiles: HOME)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-12-22] (Realtek Semiconductor)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKU\S-1-5-21-190208757-1166373759-4034608144-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-190208757-1166373759-4034608144-1001\...\Run: [DAEMON Tools Lite Automount] => E:\PROGRAMI\Daemon Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd)
HKU\S-1-5-21-190208757-1166373759-4034608144-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-190208757-1166373759-4034608144-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1053000 2017-12-12] ()
HKU\S-1-5-21-190208757-1166373759-4034608144-1001\...\Run: [Discord] => C:\Users\HOME\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-190208757-1166373759-4034608144-1001\...\Run: [KometaLaunchPanel] => C:\Users\HOME\AppData\Local\Kometa\Panel\KometaLaunchPanel.exe
Startup: C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GBUp.vbs [2017-03-21] ()
Startup: C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk [2017-12-16]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\settings.vbe [2017-03-21] ()
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 93.184.80.109 93.184.80.108
Tcpip\..\Interfaces\{57ecc1b8-8234-4e47-9d9c-6fe8a40b9adc}: [DhcpNameServer] 93.184.80.109 93.184.80.108

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_pivtsk_17_26&param1=1&param2=f%3D4%26b%3DIE%26cc%3Drs%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutC0CzzyBtB0CyCtAyD0EtDtD0BtAtC0FtN0D0Tzu0StBtDtDyCtN1L2XzutAtFtBzytFtAtFzztAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0D0A0AyB0EtD0EtGtAtAtDzztGzy0BzztBtGyCyEzy0FtGtBzzyD0EyEyC0EzytDyB0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DyB0AtByByCtAtG0E0CtBzztGyE0Dzy0AtG0BtCtA0FtGtDtCyE0FyE0EyEyB0A0BtD0B2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtAtBtCtC%26cr%3D174614105%26a%3Dwbf_pivtsk_17_26%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_pivtsk_17_26&param1=1&param2=f%3D4%26b%3DIE%26cc%3Drs%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutC0CzzyBtB0CyCtAyD0EtDtD0BtAtC0FtN0D0Tzu0StBtDtDyCtN1L2XzutAtFtBzytFtAtFzztAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0D0A0AyB0EtD0EtGtAtAtDzztGzy0BzztBtGyCyEzy0FtGtBzzyD0EyEyC0EzytDyB0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DyB0AtByByCtAtG0E0CtBzztGyE0Dzy0AtG0BtCtA0FtGtDtCyE0FyE0EyEyB0A0BtD0B2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtAtBtCtC%26cr%3D174614105%26a%3Dwbf_pivtsk_17_26%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-190208757-1166373759-4034608144-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-190208757-1166373759-4034608144-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-190208757-1166373759-4034608144-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-190208757-1166373759-4034608144-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Search@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\HOME\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll => No File

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-190208757-1166373759-4034608144-1001 -> hxxp://www.google.com/

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)

Chrome:
=======
CHR NewTab: Default -> "chrome-extension:\/\/lhemechcanjmilllmccjbjldonmnnjjj\/visual-bookmarks.html"
CHR Profile: C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default [2017-12-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-10]
CHR Extension: (Chrome Media Router) - C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-10]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - <no Path/update_url>
CHR HKU\S-1-5-21-190208757-1166373759-4034608144-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [bhjhnafpiilpffhglajcaepjbnbjemci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lhemechcanjmilllmccjbjldonmnnjjj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2016-12-22] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-14] ()
S3 Disc Soft Lite Bus Service; E:\PROGRAMI\Daemon Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395536 2016-12-27] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [File not signed]
S3 HnGService; C:\Program Files (x86)\Heroes & Generals\live\hngservice.exe [533288 2017-02-16] (Reto-Moto ApS)
S3 HnGService_prototype; C:\Program Files (x86)\Heroes & Generals prototype\prototype\hngservice.exe [538408 2017-02-16] (Reto-Moto ApS)
S3 HnGSteamService; E:\IGRE\Steam igre\steamapps\common\Heroes & Generals\hngservice.exe [777512 2017-11-30] (Reto-Moto ApS)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-12-12] (Overwolf LTD)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-07] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-07] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S2 mrupdsrv; "C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe" --s [X]
S2 SvcHost Service Host; "C:\Windows\Microsoft\svchost.exe" -k LocalService [X]
S2 Updater.Mail.Ru; C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe --s [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-12-22] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-12-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-12-25] (Disc Soft Ltd)
R1 MpKsl877fcebe; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BB04C465-59FF-4594-BFBF-E265C04AFA93}\MpKsl877fcebe.sys [58120 2017-12-16] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2017-12-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2017-12-07] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-07] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-07-05] (Wellbia.com Co., Ltd.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-12-25] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-12-25] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-16 22:02 - 2017-12-16 22:02 - 000015038 _____ C:\Users\HOME\Desktop\FRST.txt
2017-12-16 22:01 - 2017-12-16 22:02 - 000000000 ____D C:\FRST
2017-12-16 22:00 - 2017-12-16 22:00 - 002392576 _____ (Farbar) C:\Users\HOME\Desktop\FRST64.exe
2017-12-14 17:10 - 2017-12-03 23:38 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-14 17:10 - 2017-12-03 23:38 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-14 17:09 - 2017-12-16 18:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2017-12-13 16:04 - 2017-12-13 16:04 - 000000052 _____ C:\Users\HOME\AppData\Local\HvpjdXLztn
2017-12-12 19:19 - 2017-12-08 07:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-12 19:19 - 2017-12-08 00:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-12 19:19 - 2017-12-08 00:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-12 19:19 - 2017-12-08 00:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-12 19:19 - 2017-12-08 00:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-12 19:19 - 2017-12-08 00:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-12 19:19 - 2017-12-08 00:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-12 19:19 - 2017-12-08 00:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-12 19:19 - 2017-12-08 00:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-12 19:19 - 2017-12-08 00:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-12 19:19 - 2017-12-08 00:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-12 19:19 - 2017-12-08 00:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-12 19:19 - 2017-12-08 00:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-12 19:19 - 2017-12-08 00:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-12 19:19 - 2017-12-08 00:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-12 19:19 - 2017-12-08 00:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-12 19:19 - 2017-12-08 00:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-12 19:19 - 2017-12-08 00:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-12 19:19 - 2017-12-08 00:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-12 19:19 - 2017-12-08 00:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-12 19:19 - 2017-12-08 00:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-12 19:19 - 2017-12-08 00:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-12 19:19 - 2017-12-08 00:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-12 19:19 - 2017-12-08 00:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-12 19:19 - 2017-12-08 00:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-12 19:19 - 2017-12-08 00:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-12 19:19 - 2017-12-08 00:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-12 19:19 - 2017-12-08 00:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-12 19:19 - 2017-12-08 00:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-12 19:19 - 2017-12-08 00:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-12 19:19 - 2017-12-08 00:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-12 19:19 - 2017-12-08 00:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-12 19:19 - 2017-12-08 00:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-12 19:19 - 2017-12-08 00:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-12 19:19 - 2017-12-08 00:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-12 19:19 - 2017-12-07 23:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-12 19:19 - 2017-12-07 23:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-12 19:19 - 2017-12-07 23:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-12 19:19 - 2017-12-07 23:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-12 19:19 - 2017-12-07 23:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-12 19:19 - 2017-12-07 23:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-12 19:19 - 2017-12-07 23:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-12 19:19 - 2017-12-07 23:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-12 19:19 - 2017-12-07 23:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-12 19:19 - 2017-12-07 23:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-12 19:19 - 2017-12-07 23:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-12 19:19 - 2017-12-07 23:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-12 19:19 - 2017-12-07 23:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-12 19:19 - 2017-12-07 23:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-12 19:19 - 2017-12-07 23:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-12 19:19 - 2017-12-07 23:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-12 19:19 - 2017-12-07 23:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-12 19:19 - 2017-12-07 23:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-12 19:19 - 2017-12-07 23:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-12 19:19 - 2017-12-07 23:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-12 19:19 - 2017-12-07 23:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-12 19:19 - 2017-12-07 23:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-12 19:19 - 2017-12-07 23:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-12 19:19 - 2017-12-07 23:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-12 19:19 - 2017-12-07 23:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-12 19:19 - 2017-12-07 23:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-12 19:19 - 2017-12-07 23:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-12 19:19 - 2017-12-07 23:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-12 19:19 - 2017-12-07 23:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-12 19:19 - 2017-12-07 23:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-12 19:19 - 2017-12-07 23:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-12 19:19 - 2017-12-07 23:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-12 19:19 - 2017-12-07 23:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-12 19:19 - 2017-12-07 23:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-12 19:19 - 2017-12-07 23:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-12 19:19 - 2017-12-07 23:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-12 19:19 - 2017-12-07 23:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-12 19:19 - 2017-12-07 23:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-12 19:19 - 2017-12-07 23:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-12 19:19 - 2017-12-07 23:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-12 19:19 - 2017-12-07 23:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-12 19:19 - 2017-12-07 23:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-12 19:19 - 2017-12-07 23:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-12 19:19 - 2017-12-07 23:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-12 19:19 - 2017-12-07 23:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-12 19:19 - 2017-12-07 23:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-12 19:19 - 2017-12-07 23:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-12 19:19 - 2017-12-07 23:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-12 19:19 - 2017-12-07 23:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-12 19:19 - 2017-12-07 23:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-12 19:19 - 2017-12-07 23:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-12 19:19 - 2017-12-07 23:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-12 19:19 - 2017-12-07 23:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-12 19:19 - 2017-12-07 23:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-12 19:19 - 2017-12-07 23:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-12 19:19 - 2017-12-07 23:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-12 19:19 - 2017-12-07 23:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-12 19:19 - 2017-12-07 23:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-12 19:19 - 2017-12-07 23:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-12 19:19 - 2017-12-07 23:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-12 19:19 - 2017-12-07 23:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-12 19:19 - 2017-12-07 23:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-12 19:19 - 2017-12-07 23:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-12 19:19 - 2017-12-07 23:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-12 19:19 - 2017-12-07 23:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-12 19:19 - 2017-12-07 23:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-12 19:19 - 2017-12-07 23:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-12 19:19 - 2017-12-07 23:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-12 19:19 - 2017-12-07 23:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-12 19:19 - 2017-12-07 23:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-12 19:19 - 2017-12-07 23:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-12 19:19 - 2017-12-07 23:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-12 19:19 - 2017-12-07 23:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-12 19:19 - 2017-12-07 23:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-12 19:19 - 2017-12-07 23:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-12 19:19 - 2017-12-07 23:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-12 19:19 - 2017-12-07 23:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-12 19:19 - 2017-12-07 23:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-12 19:19 - 2017-12-07 23:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-12 19:19 - 2017-12-07 23:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-12 19:19 - 2017-12-07 23:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-12 19:19 - 2017-12-07 23:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-12 19:19 - 2017-12-07 23:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-12 19:19 - 2017-12-07 23:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-12 19:19 - 2017-12-07 23:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-12 19:19 - 2017-12-07 23:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-12 19:19 - 2017-12-07 22:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-12 19:19 - 2017-12-07 22:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-12 19:19 - 2017-12-07 22:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-12 19:19 - 2017-12-07 22:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-12 19:19 - 2017-12-07 22:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-12 19:19 - 2017-12-07 22:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-12 19:19 - 2017-12-07 22:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-12 19:19 - 2017-12-07 22:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-12 19:19 - 2017-12-07 22:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-12 19:19 - 2017-12-07 22:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-12 19:19 - 2017-12-07 22:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-12 19:19 - 2017-12-07 22:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-12 19:19 - 2017-12-07 22:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-12 19:19 - 2017-12-07 22:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-12 19:19 - 2017-12-07 22:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-12 19:19 - 2017-12-07 22:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-12 19:19 - 2017-12-07 22:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-12 19:19 - 2017-12-07 22:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-12 19:19 - 2017-11-26 21:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-12 19:19 - 2017-11-26 21:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-12 19:19 - 2017-11-26 21:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-12 19:19 - 2017-11-26 17:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-12 19:19 - 2017-11-26 14:48 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-12 19:19 - 2017-11-26 14:47 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-12 19:19 - 2017-11-26 14:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-12 19:19 - 2017-11-26 14:45 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-12 19:19 - 2017-11-26 14:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-12 19:19 - 2017-11-26 14:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-12 19:19 - 2017-11-26 14:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-12 19:19 - 2017-11-26 14:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-12 19:19 - 2017-11-26 14:37 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-12 19:19 - 2017-11-26 14:35 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-12 19:19 - 2017-11-26 14:35 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-12 19:19 - 2017-11-26 14:33 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-12 19:19 - 2017-11-26 14:33 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-12 19:19 - 2017-11-26 14:33 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-12 19:19 - 2017-11-26 14:33 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-12 19:19 - 2017-11-26 14:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-12 19:19 - 2017-11-26 14:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-12 19:19 - 2017-11-26 14:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-12 19:19 - 2017-11-26 14:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-12 19:19 - 2017-11-26 14:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-12 19:19 - 2017-11-26 14:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-12 19:19 - 2017-11-26 14:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-12 19:19 - 2017-11-26 14:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-12 19:19 - 2017-11-26 14:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-12 19:19 - 2017-11-26 14:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-12 19:19 - 2017-11-26 14:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-12 19:19 - 2017-11-26 14:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-12 19:19 - 2017-11-26 14:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-12 19:19 - 2017-11-26 14:28 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-12 19:19 - 2017-11-26 14:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-12 19:19 - 2017-11-26 14:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-12 19:19 - 2017-11-26 14:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-12 19:19 - 2017-11-26 14:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-12 19:19 - 2017-11-26 14:27 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-12 19:19 - 2017-11-26 14:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-12 19:19 - 2017-11-26 14:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-12 19:19 - 2017-11-26 14:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-12 19:19 - 2017-11-26 14:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-12 19:19 - 2017-11-26 14:25 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-12 19:19 - 2017-11-26 14:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-12 19:19 - 2017-11-26 14:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-12 19:19 - 2017-11-26 14:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-12 19:19 - 2017-11-26 14:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-12 19:19 - 2017-11-26 14:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-12 19:19 - 2017-11-26 14:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-12 19:19 - 2017-11-26 14:20 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-12 19:19 - 2017-11-26 14:20 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-12 19:19 - 2017-11-26 13:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-12 19:19 - 2017-11-26 13:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-12 19:19 - 2017-11-26 13:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-12 19:19 - 2017-11-26 13:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-12 19:19 - 2017-11-26 13:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-12 19:19 - 2017-11-26 13:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-12 19:19 - 2017-11-26 13:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-12 19:19 - 2017-11-26 13:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-12 19:19 - 2017-11-26 13:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-12 19:19 - 2017-11-26 13:48 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-12 19:19 - 2017-11-26 13:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-12 19:19 - 2017-11-26 13:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-12 19:19 - 2017-11-26 13:36 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-12 19:19 - 2017-11-26 13:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-12 19:19 - 2017-11-26 13:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-12 19:19 - 2017-11-26 13:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-12 19:19 - 2017-11-26 13:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-12 19:19 - 2017-11-26 13:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-12 19:19 - 2017-11-26 13:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-12 19:19 - 2017-11-26 13:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-12 19:19 - 2017-11-26 13:31 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-12 19:19 - 2017-11-26 13:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-12 19:19 - 2017-11-26 13:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-12 19:19 - 2017-11-26 13:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-12 19:19 - 2017-11-26 13:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-12 19:19 - 2017-11-26 13:29 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-12 19:19 - 2017-11-26 13:29 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-12 19:19 - 2017-11-26 13:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-12 19:19 - 2017-11-26 13:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-12 19:19 - 2017-11-26 13:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-12 19:19 - 2017-11-26 13:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-12 19:19 - 2017-11-26 13:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-12 19:19 - 2017-11-26 13:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-12 19:19 - 2017-11-26 13:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-12 19:19 - 2017-11-26 13:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-12 19:19 - 2017-11-26 13:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-12 19:19 - 2017-11-26 13:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-12 19:19 - 2017-11-26 13:23 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-12 19:19 - 2017-11-26 13:22 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-12 19:19 - 2017-11-26 13:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-12 19:19 - 2017-11-26 13:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-12 19:19 - 2017-11-26 13:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-12 19:19 - 2017-11-26 13:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-12 19:19 - 2017-11-26 13:18 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-12 19:19 - 2017-11-26 13:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-12 19:19 - 2017-11-26 13:17 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-12 19:19 - 2017-11-26 13:17 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-12 19:19 - 2017-11-26 13:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-12 19:19 - 2017-11-26 13:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-12 19:19 - 2017-11-26 13:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-12 19:19 - 2017-11-26 13:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-12 19:19 - 2017-11-26 13:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-12 19:19 - 2017-11-26 13:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-12 19:19 - 2017-11-26 13:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-12 19:19 - 2017-11-26 13:01 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-12 19:19 - 2017-11-26 13:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-12 19:19 - 2017-11-26 12:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-12 19:19 - 2017-11-26 12:59 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-12 19:19 - 2017-11-26 12:59 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-12 19:19 - 2017-11-26 12:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-12 19:19 - 2017-11-26 12:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-12 19:19 - 2017-11-26 12:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-12 19:19 - 2017-11-26 12:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-12 19:19 - 2017-11-26 12:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-12 19:19 - 2017-11-26 12:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-12 19:19 - 2017-11-26 12:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-12 19:19 - 2017-11-26 12:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-12 19:19 - 2017-11-26 12:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-12 19:19 - 2017-11-26 12:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-12 19:19 - 2017-11-26 12:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-12 19:19 - 2017-11-26 12:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-12 19:19 - 2017-11-26 12:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-12 19:19 - 2017-11-26 12:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-12 19:19 - 2017-11-26 12:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-12 19:19 - 2017-11-26 11:59 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-12 19:19 - 2017-11-26 11:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-12 19:19 - 2017-11-26 11:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-12 19:19 - 2017-11-26 11:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-12 19:19 - 2017-11-26 11:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-12 19:19 - 2017-11-26 11:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-12 19:19 - 2017-11-26 11:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-12 19:19 - 2017-11-26 11:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-12 19:19 - 2017-11-26 11:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-12 19:19 - 2017-11-26 11:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-12 19:19 - 2017-11-26 11:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-12 19:19 - 2017-11-26 11:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-12 19:19 - 2017-11-26 11:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-12 19:19 - 2017-11-26 11:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-12 19:19 - 2017-11-26 11:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-12 19:19 - 2017-11-26 11:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-12 19:19 - 2017-11-26 11:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-12 19:19 - 2017-11-26 11:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-12 19:19 - 2017-11-26 11:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-12 19:19 - 2017-11-26 11:35 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-12 19:19 - 2017-11-26 11:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-12 19:19 - 2017-11-26 11:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-12 19:19 - 2017-11-26 11:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-12 19:19 - 2017-11-26 11:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-12 19:19 - 2017-11-26 11:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-12 19:19 - 2017-11-26 11:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-12 19:19 - 2017-11-26 11:29 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-12 19:19 - 2017-11-26 11:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-12 19:19 - 2017-11-26 11:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-12 19:19 - 2017-11-26 11:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-12 19:19 - 2017-11-26 11:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-12 19:19 - 2017-11-19 08:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-12 19:19 - 2017-11-19 03:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-09 09:50 - 2017-12-09 09:50 - 000000952 _____ C:\Users\HOME\Desktop\Mafia II - Digital Deluxe Edition.lnk
2017-12-09 09:03 - 2017-12-09 09:03 - 000000000 ____D C:\Users\HOME\AppData\Local\2K Games
2017-12-09 08:16 - 2017-12-09 08:16 - 000000664 _____ C:\Users\HOME\Desktop\Ride 2.lnk
2017-12-09 08:16 - 2017-12-09 08:16 - 000000000 ____D C:\Users\HOME\AppData\Roaming\Steam
2017-12-09 08:16 - 2017-12-09 08:16 - 000000000 ____D C:\Users\HOME\AppData\Roaming\Milestone
2017-12-09 08:16 - 2017-12-09 08:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ride 2
2017-12-07 17:55 - 2017-12-07 17:55 - 000000000 ____D C:\Users\HOME\Documents\CPY_SAVES
2017-12-07 17:55 - 2017-12-07 17:55 - 000000000 ____D C:\ProgramData\KONAMI
2017-12-07 17:54 - 2017-12-07 17:54 - 000000000 ____D C:\Users\HOME\Documents\KONAMI
2017-12-07 17:53 - 2017-12-07 17:53 - 000001300 _____ C:\Users\Public\Desktop\Pro Evolution Soccer 2018.lnk
2017-12-07 17:53 - 2017-12-07 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2018
2017-12-04 18:50 - 2017-12-07 16:50 - 000000000 ____D C:\Users\HOME\Desktop\El kont
2017-12-03 21:15 - 2017-12-03 21:15 - 000002305 _____ C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kometa.lnk
2017-12-03 21:15 - 2017-12-03 21:15 - 000000000 ____D C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Боковая панель - Комета
2017-12-03 21:13 - 2017-12-03 21:21 - 000000000 ____D C:\Users\HOME\AppData\Local\nvfontcache
2017-12-03 21:12 - 2017-12-03 21:12 - 000000000 ____D C:\Users\HOME\AppData\Local\Поиcк в Интeрнете
2017-12-01 15:54 - 2017-12-03 14:24 - 000432128 _____ C:\Users\HOME\Desktop\Elektricna_otpornost.ppt
2017-11-25 12:14 - 2017-11-25 12:14 - 000000000 ____D C:\Users\HOME\AppData\Roaming\Affinity
2017-11-25 12:14 - 2017-11-25 12:14 - 000000000 ____D C:\ProgramData\Affinity
2017-11-25 12:14 - 2017-11-25 12:14 - 000000000 ____D C:\Program Files\Affinity Photo
2017-11-25 12:13 - 2017-07-03 14:13 - 000000000 ____D C:\Users\HOME\Desktop\AffPhoto152WIN
2017-11-23 16:04 - 2015-09-05 11:27 - 000000000 ____D C:\Users\HOME\Desktop\JC1997's STK
2017-11-18 23:03 - 2017-11-18 23:03 - 000001503 _____ C:\Users\HOME\Desktop\SaintsRowIV.exe.lnk
2017-11-18 21:56 - 2017-11-18 21:56 - 000000000 ____D C:\ProgramData\Steam
2017-11-18 21:54 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-11-18 08:37 - 2017-11-18 08:37 - 000001099 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2017-11-18 08:37 - 2017-11-18 08:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator
2017-11-18 08:37 - 2017-11-18 08:37 - 000000000 ____D C:\Program Files (x86)\Pivot Animator
2017-11-17 19:41 - 2017-11-17 19:41 - 000001026 _____ C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Vegas Pro 13.0 (64-bit).lnk
2017-11-17 19:41 - 2017-11-17 19:41 - 000000000 ____D C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony
2017-11-17 19:41 - 2017-11-17 19:41 - 000000000 ____D C:\Users\HOME\AppData\Local\Sony
2017-11-17 19:41 - 2017-11-17 19:41 - 000000000 ____D C:\Program Files\Sony
2017-11-17 19:41 - 2017-11-17 19:41 - 000000000 ____D C:\Program Files (x86)\Sony

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-16 22:02 - 2017-09-07 17:50 - 000536724 _____ C:\WINDOWS\ZAM.krnl.trace
2017-12-16 22:02 - 2017-09-07 17:50 - 000501840 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-12-16 21:56 - 2017-10-19 14:20 - 000004142 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5CC66FCC-DAA0-4920-937B-05FB1F511775}
2017-12-16 21:52 - 2017-10-19 14:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-16 21:52 - 2017-06-29 22:04 - 000000000 ____D C:\ProgramData\{84F74194-0EB5-CB52-8873-55101231DEDE}
2017-12-16 15:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-16 15:26 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-16 15:26 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-14 23:20 - 2017-07-17 07:20 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-12-14 18:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-14 17:14 - 2017-10-19 14:24 - 001172330 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-14 17:10 - 2017-09-24 13:07 - 000000000 ___RD C:\Users\HOME\3D Objects
2017-12-14 17:10 - 2016-12-22 21:19 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-14 17:09 - 2017-10-19 14:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-14 17:09 - 2017-10-19 14:15 - 000316312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-14 17:09 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-14 17:09 - 2016-12-27 14:28 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-12-14 17:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-14 17:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-14 17:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-14 17:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-14 17:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-14 17:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-14 17:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-14 17:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-14 17:08 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-14 17:08 - 2017-09-29 14:46 - 000000000 ____D C:\PerfLogs
2017-12-14 17:08 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-12-14 17:08 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-14 17:08 - 2017-06-14 15:13 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-12-12 19:24 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-12 19:24 - 2016-12-22 22:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-12 19:22 - 2017-10-11 16:08 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-12 19:22 - 2016-12-22 22:06 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-12 19:20 - 2017-09-29 14:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-12-12 19:20 - 2017-09-29 14:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-12-12 19:20 - 2017-09-29 14:41 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-12-12 19:20 - 2017-09-29 14:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-12-12 16:23 - 2017-10-27 20:24 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-10 18:41 - 2016-12-25 09:45 - 000000000 ____D C:\Users\HOME\Desktop\Dane
2017-12-10 11:20 - 2017-10-08 18:03 - 000000000 ____D C:\Users\HOME\AppData\Local\UnrealEngine
2017-12-09 15:18 - 2016-12-24 09:04 - 000000000 ____D C:\Users\HOME\AppData\Roaming\uTorrent
2017-12-09 09:50 - 2017-02-16 12:15 - 000000000 ____D C:\Users\HOME\AppData\Roaming\Steinberg
2017-12-09 09:40 - 2017-07-27 19:00 - 000000000 ____D C:\Users\HOME\Desktop\Mapanje
2017-12-09 09:04 - 2016-12-23 16:43 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-09 07:40 - 2017-09-28 18:57 - 000000000 ____D C:\Users\HOME\Desktop\GM Game
2017-12-08 21:14 - 2017-10-05 19:25 - 000000000 ____D C:\Users\HOME\Desktop\Microsoft Game Competition
2017-12-08 14:48 - 2017-09-20 15:10 - 000000000 ____D C:\ProgramData\GameMakerStudio2
2017-12-03 21:08 - 2017-06-29 22:04 - 000000258 __RSH C:\ProgramData\ntuser.pol
2017-12-03 17:39 - 2017-01-08 19:48 - 000000000 ____D C:\Users\HOME\AppData\Roaming\TS3Client
2017-12-03 09:56 - 2017-04-26 15:38 - 000000000 ____D C:\Users\HOME\Desktop\MILOS
2017-12-03 07:16 - 2017-07-05 21:41 - 000000000 ____D C:\PDBaza
2017-11-30 15:20 - 2017-09-19 16:52 - 000000000 ____D C:\Users\HOME\Documents\Visual Studio 2017
2017-11-29 14:52 - 2017-01-15 18:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-27 13:12 - 2017-10-19 14:17 - 000000000 ____D C:\Users\HOME
2017-11-27 13:12 - 2016-12-27 18:22 - 000000000 ____D C:\Users\HOME\AppData\LocalLow\Heroes and Generals
2017-11-26 15:49 - 2017-02-03 07:16 - 000000000 ____D C:\Users\HOME\AppData\Local\ElevatedDiagnostics
2017-11-25 18:51 - 2016-12-22 21:21 - 000000000 ____D C:\Users\HOME\AppData\Roaming\Skype
2017-11-25 12:15 - 2016-12-24 11:40 - 000000000 ____D C:\Users\HOME\Desktop\PROGRAMI
2017-11-21 18:41 - 2016-12-22 22:07 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-21 17:22 - 2016-12-24 07:27 - 000000000 ____D C:\Users\HOME\BrawlhallaReplays
2017-11-18 15:19 - 2017-06-23 13:03 - 000000261 _____ C:\Users\HOME\Documents\ClownfishForTeamspeak.ini
2017-11-17 19:42 - 2016-12-31 09:55 - 000000000 ____D C:\Users\HOME\AppData\Roaming\obs-studio
2017-11-17 19:41 - 2017-03-13 19:02 - 000000000 ____D C:\Users\HOME\AppData\Roaming\Sony
2017-11-16 15:29 - 2017-10-19 14:20 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-11-16 09:16 - 2016-12-25 09:40 - 000000000 ____D C:\Users\HOME\AppData\Roaming\HpUpdate
2017-11-16 09:10 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-16 09:10 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-16 09:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-16 06:56 - 2017-10-28 14:48 - 000000000 ____D C:\Users\HOME\Desktop\Презентација

==================== Files in the root of some directories =======

2017-02-01 15:07 - 2017-10-28 14:51 - 000000132 _____ () C:\Users\HOME\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-12-30 15:03 - 2017-04-27 14:09 - 000007680 _____ () C:\Users\HOME\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-13 16:04 - 2017-12-13 16:04 - 000000052 _____ () C:\Users\HOME\AppData\Local\HvpjdXLztn
2017-01-30 17:54 - 2017-01-30 17:54 - 000000003 _____ () C:\Users\HOME\AppData\Local\updater.log
2017-01-30 17:54 - 2017-05-07 16:31 - 000000425 _____ () C:\Users\HOME\AppData\Local\UserProducts.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-12 00:09

==================== End of FRST.txt ============================


https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

Startup: C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GBUp.vbs [2017-03-21] ()
Startup: C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\settings.vbe [2017-03-21] ()
CHR NewTab: Default -> "chrome-extension:\/\/lhemechcanjmilllmccjbjldonmnnjjj\/visual-bookmarks.html"
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - <no Path/update_url>
CHR HKU\S-1-5-21-190208757-1166373759-4034608144-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lhemechcanjmilllmccjbjldonmnnjjj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - <no Path/update_url>
S2 SvcHost Service Host; "C:\Windows\Microsoft\svchost.exe" -k LocalService [X]
C:\Users\HOME\AppData\Local\HvpjdXLztn
Task: {453807C1-D45C-478B-B7C7-22AD9A7773A7} - System32\Tasks\Yahoo! Powered casar => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{84F74194-0EB5-CB52-8873-55101231DEDE}\lami.txt" "68747470733a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b38344637343139342d304542352d434235322d383837332d3535313031323331444544457d5c646564616661" "433a5c50726f6772616d446174615c7b38344637343139342d304542352d434235322d3838 (the data entry has 80 more characters). <==== ATTENTION
Task: {614C2D5A-3A28-4D14-9A22-0A9ED8080ADA} - \OneSystemCare Task -> No File <==== ATTENTION
Task: {64DDBCC6-DE6F-4F74-840A-8866A1C202D5} - \MailRuUpdater -> No File <==== ATTENTION
Task: {967F3B8E-F506-461D-A731-3946C6FA0491} - \space(title, t_delayed) -> No File <==== ATTENTION
Task: {BD71E1F8-7C00-4E41-9E2E-89AC382E61EB} - \{05080847-0F0F-080E-0B11-0E7E0D0E1108} -> No File <==== ATTENTION
Task: {D1628281-AF1F-465B-91FF-3641F73550C3} - \nvfontcache -> No File <==== ATTENTION
Task: {D9E89C15-105B-4DB8-8DCE-BF9F040647C0} - \Windows Defender User Interface -> No File <==== ATTENTION
Task: {DACD9231-2786-4F2E-A09F-65686699BB0F} - \space(title, t_monitor) -> No File <==== ATTENTION
Task: {FDFC06B7-A295-46E6-9006-CC4F5D88396E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Yahoo! Powered casar.job => Wscript.exe  C:\ProgramData\{84F74194-0EB5-CB52-8873-55101231DEDE}\lami.txt <==== ATTENTION
C:\Windows\Microsoft
C:\ProgramData\{84F74194-0EB5-CB52-8873-55101231DEDE}


U okviru Notepad-a klikni na File --> Save As
Pod Encoding izaberi UTF-8.
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).

online
  • Pridružio: 31 Dec 2015
  • Poruke: 1179

Zao mi je sto kasnim. Evo ga Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-12-2017
Ran by HOME (17-12-2017 08:40:09) Run:1
Running from C:\Users\HOME\Desktop
Loaded Profiles: HOME (Available Profiles: HOME)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Startup: C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GBUp.vbs [2017-03-21] ()
Startup: C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\settings.vbe [2017-03-21] ()
CHR NewTab: Default -> "chrome-extension:\/\/lhemechcanjmilllmccjbjldonmnnjjj\/visual-bookmarks.html"
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - <no Path/update_url>
CHR HKU\S-1-5-21-190208757-1166373759-4034608144-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lhemechcanjmilllmccjbjldonmnnjjj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - <no Path/update_url>
S2 SvcHost Service Host; "C:\Windows\Microsoft\svchost.exe" -k LocalService [X]
C:\Users\HOME\AppData\Local\HvpjdXLztn
Task: {453807C1-D45C-478B-B7C7-22AD9A7773A7} - System32\Tasks\Yahoo! Powered casar => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{84F74194-0EB5-CB52-8873-55101231DEDE}\lami.txt" "68747470733a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b38344637343139342d304542352d434235322d383837332d3535313031323331444544457d5c646564616661" "433a5c50726f6772616d446174615c7b38344637343139342d304542352d434235322d3838 (the data entry has 80 more characters). <==== ATTENTION
Task: {614C2D5A-3A28-4D14-9A22-0A9ED8080ADA} - \OneSystemCare Task -> No File <==== ATTENTION
Task: {64DDBCC6-DE6F-4F74-840A-8866A1C202D5} - \MailRuUpdater -> No File <==== ATTENTION
Task: {967F3B8E-F506-461D-A731-3946C6FA0491} - \space(title, t_delayed) -> No File <==== ATTENTION
Task: {BD71E1F8-7C00-4E41-9E2E-89AC382E61EB} - \{05080847-0F0F-080E-0B11-0E7E0D0E1108} -> No File <==== ATTENTION
Task: {D1628281-AF1F-465B-91FF-3641F73550C3} - \nvfontcache -> No File <==== ATTENTION
Task: {D9E89C15-105B-4DB8-8DCE-BF9F040647C0} - \Windows Defender User Interface -> No File <==== ATTENTION
Task: {DACD9231-2786-4F2E-A09F-65686699BB0F} - \space(title, t_monitor) -> No File <==== ATTENTION
Task: {FDFC06B7-A295-46E6-9006-CC4F5D88396E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Yahoo! Powered casar.job => Wscript.exe C:\ProgramData\{84F74194-0EB5-CB52-8873-55101231DEDE}\lami.txt <==== ATTENTION
C:\Windows\Microsoft
C:\ProgramData\{84F74194-0EB5-CB52-8873-55101231DEDE}
*****************

C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GBUp.vbs => moved successfully
C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\settings.vbe => moved successfully
"Chrome NewTab" => removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce" => removed successfully
"HKU\S-1-5-21-190208757-1166373759-4034608144-1001\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lhemechcanjmilllmccjbjldonmnnjjj" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce" => removed successfully
"HKLM\System\CurrentControlSet\Services\SvcHost Service Host" => removed successfully
SvcHost Service Host => service removed successfully
C:\Users\HOME\AppData\Local\HvpjdXLztn => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{453807C1-D45C-478B-B7C7-22AD9A7773A7} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{453807C1-D45C-478B-B7C7-22AD9A7773A7}" => removed successfully
C:\WINDOWS\System32\Tasks\Yahoo! Powered casar => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Powered casar" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{614C2D5A-3A28-4D14-9A22-0A9ED8080ADA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{614C2D5A-3A28-4D14-9A22-0A9ED8080ADA}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneSystemCare Task => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{64DDBCC6-DE6F-4F74-840A-8866A1C202D5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64DDBCC6-DE6F-4F74-840A-8866A1C202D5}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MailRuUpdater => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{967F3B8E-F506-461D-A731-3946C6FA0491}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{967F3B8E-F506-461D-A731-3946C6FA0491}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\space(title, t_delayed) => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD71E1F8-7C00-4E41-9E2E-89AC382E61EB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD71E1F8-7C00-4E41-9E2E-89AC382E61EB}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{05080847-0F0F-080E-0B11-0E7E0D0E1108} => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1628281-AF1F-465B-91FF-3641F73550C3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1628281-AF1F-465B-91FF-3641F73550C3}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nvfontcache => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D9E89C15-105B-4DB8-8DCE-BF9F040647C0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9E89C15-105B-4DB8-8DCE-BF9F040647C0}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Windows Defender User Interface => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DACD9231-2786-4F2E-A09F-65686699BB0F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DACD9231-2786-4F2E-A09F-65686699BB0F}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\space(title, t_monitor) => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDFC06B7-A295-46E6-9006-CC4F5D88396E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDFC06B7-A295-46E6-9006-CC4F5D88396E}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
C:\WINDOWS\Tasks\Yahoo! Powered casar.job => moved successfully
C:\Windows\Microsoft => moved successfully
C:\ProgramData\{84F74194-0EB5-CB52-8873-55101231DEDE} => moved successfully

==== End of Fixlog 08:40:10 ====

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Potrebno je da spakuješ folder C:\FRST\Quarantine u arhivu i pošalješ nam ga.

Uđi u folder C:\FRST
Desnim tasterom miša klini na folder Quarantine i izaberi opciju Add to archive... kao na slici



Kao Archive format izaberi RAR5 ili RAR
Za Compression method odaberi Best
U polje Split to volumes, bytes unesi 5000000 (slovima: pet miliona)
Na desnoj strani označi opciju Create Solid Archive (pogledaj sliku dole)



Klikni na OK
Kada WinRAR završi sa kompresovanjem, dobijene fajlove uploaduj (jedan po jedan) na:
https://www.mycity.rs/ambulanta-upload.php

online
  • Pridružio: 31 Dec 2015
  • Poruke: 1179

Napisano: 17 Dec 2017 15:05

Dobijam ovu poruku:



Nisam siguran sta da kliknem. I da li ce da sve bude kako treba ako upload-am,a prethodno sam kliknuo na Close ili Break operation. Kliknucu na close pa cu da upload-am.

Dopuna: 17 Dec 2017 15:06

Upload sam RAR fajl.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi Malwarebytes Anti-Malware sa ovog ili ovog ili ovog linka i instaliraj aplikaciju.
Pokreni mb3-setup-consumer-{verzija}.exe i isprati uputstva za instalaciju programa. Nakon instalacije, klikni na Finish

Prilikom prvog pokretanja, program će prikazati prozor "dobrodošlice". Slobodno zatvori taj prozor.
Napomena: Premium funkcije programa su već aktivirane i važe 13 dana od trenutka instalacije. Premium funkcije možeš isključiti preko Settings > My Account tab podešavanja.

• Podešavanja skenera - u Settings, klikni na Protection tab. Ispod Scan Options sekcije, uključi "Scan for rootkits" opciju.
• Pripremi podešavanja za Threat Scan - u Dashboard , klikni na Scan Now dugme. MBAM će ažurirati bazu i započeti skeniranje.

Kada se skeniranje završi, ako je infekcija detektovana, obrati pažnju da je sve označeno, pa klikni na Remove Selected. Restartuj računar ako program upita za restart.
• Dostavi log: Pod Reports izaberi trenutni datum izveštaja Scan Report i potom klikni na View Report.

Izvezi log na Desktop;
- Klikni na Export dugme na dnu, pa onda izaberi 'Text file (*.txt)'
# U Save File dijalogu koji se pojavi, klikni na Desktop. U File name: polje, upiši "mbam" (bez navodnika) i klikni na Save.
- Pojaviće se poruka "Your file has been successfully exported", klikni Ok i zatvori prozor.



• U odgovoru prikači mbam.txt log koristeći "Prikači fajl" opciju.

online
  • Pridružio: 31 Dec 2015
  • Poruke: 1179

Sve sam uradio po uputstvu. Evo izvestaja:

https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakvo je sada stanje?

online
  • Pridružio: 31 Dec 2015
  • Poruke: 1179

Sada mi se javio jedan problem. Ne mogu da odem ni na jedan sajt preko Microsoft Edge pretrazivaca. Mbam izvestaj sam poslao preko racunara i Internet Explorera, a sada ovo pisem preko telefona. Ovo dobijam kada pokusam da odem na neki sajt na Microsoft Edge:

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Napisano: 17 Dec 2017 21:22

Da li isti problem imaš sa Firefoxom ili Chromeom?

Dopuna: 17 Dec 2017 21:24

Restartuj računar. Ako ni tad ne bude htjelo provjeri podešavanja IP adrese. U MBAM izvještaju se vidi da je nešto uklonio od tih stavki.

Ko je trenutno na forumu
 

Ukupno su 1347 korisnika na forumu :: 31 registrovanih, 3 sakrivenih i 1313 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: bojank, bojcistv, ccoogg123, CikaKURE, darkangel, dekir, DonRumataEstorski, dragoljub11987, drimer, Excalibur13, galijot, hyla, ikan, jackreacher011011, janbo, Kruger, Kubovac, Lazarus, Leonov, Mcdado, Milometer, Milos ZA, milutin134, mnn2, nenad81, novator, sasa87, Srle993, Trpe Grozni, Vlada1389, VP6919