Dosta problema, isključen windows update tokom 3 godine ...

Dosta problema, isključen windows update tokom 3 godine ...

offline
  • Pridružio: 12 Feb 2007
  • Poruke: 1231

Iz naslova teme se vidi o čemu se radi, u pitanju je računar sestre moga zeta koji je koristio njen sin a sad ona i na kome je windows update bio isključen nekih 3 godine, neažuriran i neaktivan ESET antivirus. C particija je bila puna pa je onda neko umesto da očisti programe i pobriše đubre instalirao programe i na D particiju. Počeo sam da sređujem računar pre dva dana i samo sam započeo i onda su me prekinuli, u međuvremenu je zetova sestra pobrisala neke stvari samostalno iz Program Files na D particiji tako što je samo obrisala foldere jer u suštini ne zna kako se deinstaliraju programi kao i neke druge stvari. Računar je po njenim rečima radio dosta sporo i bio je poprilično neupotrebljiv.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-02-2015 01
Ran by Zoki (administrator) on ZOKI-PC on 26-02-2015 18:57:24
Running from C:\Users\Zoki\Desktop
Loaded Profiles: Zoki & UpdatusUser (Available profiles: Zoki & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
() C:\Windows\vsnpstd3.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-17] (Panda Security, S.L.)
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\...\Run: [VW100 Connection Manager] => [X]
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\...\MountPoints2: {76141481-e6fc-11e1-b5f9-0019dbce5144} - F:\Autorun.exe
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\...\MountPoints2: {9e675db6-de36-11e1-b1ab-806e6f6e6963} - F:\VW100_Modem_Installation.exe
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-638498753-3118534903-3762225936-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://google/
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.rs/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-638498753-3118534903-3762225936-1000 -> {4C282A5F-A51C-4B77-ACB0-BE1953F0CA8B} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-638498753-3118534903-3762225936-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Zoki\AppData\Roaming\Mozilla\Firefox\Profiles\is53k7t2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HKU\S-1-5-21-638498753-3118534903-3762225936-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Zoki\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-07]
CHR HKU\S-1-5-21-638498753-3118534903-3762225936-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-17] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-17] (Panda Security, S.L.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2012-10-18] (Atheros Communications, Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [86800 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202128 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109584 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [126480 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [41744 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99856 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [61712 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [120592 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [281232 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [205456 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [108432 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [239888 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [94864 2015-02-09] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [140048 2015-02-11] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [105232 2015-02-11] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [168208 2015-02-10] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [113936 2015-02-11] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [124688 2015-02-11] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [100624 2015-02-11] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10252544 2007-03-27] (Sonix Co. Ltd.)
S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [58320 2005-08-30] (MCCI)
S3 vwmfbus; C:\Windows\System32\DRIVERS\vwmfbus.sys [98560 2009-11-11] (MCCI Corporation)
S3 vwmfdiag; C:\Windows\System32\DRIVERS\vwmfdiag.sys [100224 2009-11-11] (MCCI Corporation)
S3 vwmfmdfl; C:\Windows\System32\DRIVERS\vwmfmdfl.sys [14848 2009-11-11] (MCCI Corporation)
S3 vwmfmdm; C:\Windows\System32\DRIVERS\vwmfmdm.sys [123776 2009-11-11] (MCCI Corporation)
S3 vwmfserd; C:\Windows\System32\DRIVERS\vwmfserd.sys [100224 2009-11-11] (MCCI Corporation)
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-26 18:57 - 2015-02-26 18:59 - 00012086 _____ () C:\Users\Zoki\Desktop\FRST.txt
2015-02-26 18:57 - 2015-02-26 18:57 - 00000000 ____D () C:\FRST
2015-02-26 18:51 - 2015-02-26 18:51 - 01127424 _____ (Farbar) C:\Users\Zoki\Desktop\FRST.exe
2015-02-26 18:49 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-26 18:25 - 2015-02-26 18:38 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-26 18:07 - 2015-02-26 18:07 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-26 18:07 - 2015-02-26 18:07 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-26 18:07 - 2015-02-26 18:07 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-26 18:07 - 2015-02-26 18:07 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-02-26 18:07 - 2015-02-26 18:07 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-26 18:07 - 2015-02-26 18:07 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-26 18:07 - 2015-02-26 18:07 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-02-26 18:07 - 2015-02-26 18:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-02-26 18:07 - 2015-02-26 18:07 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-26 18:07 - 2015-02-26 18:07 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-26 18:07 - 2015-02-26 18:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-02-26 18:07 - 2015-02-26 18:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-02-26 18:07 - 2015-02-26 18:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-02-26 18:07 - 2015-02-26 18:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-02-26 18:07 - 2015-02-26 18:07 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-26 18:07 - 2015-02-26 18:07 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-02-26 18:07 - 2015-02-26 18:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-02-26 18:05 - 2015-02-26 18:05 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-02-26 18:02 - 2015-02-26 18:11 - 00009057 _____ () C:\Windows\IE11_main.log
2015-02-26 18:02 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-26 18:02 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-26 18:02 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-26 17:52 - 2015-02-26 17:52 - 00000000 ____D () C:\Users\Zoki\AppData\Local\Steam
2015-02-26 00:45 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 23:13 - 2015-02-25 23:13 - 00000769 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2015-02-25 23:13 - 2015-02-25 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-02-25 23:11 - 2015-02-25 23:11 - 05995160 _____ (Wargaming.net ) C:\Users\Zoki\Downloads\WoT_internet_install_eu (1).exe
2015-02-25 23:05 - 2015-02-25 23:06 - 05995160 _____ (Wargaming.net ) C:\Users\Zoki\Downloads\WoT_internet_install_eu.exe
2015-02-25 14:11 - 2015-02-25 14:11 - 00000000 ____D () C:\Users\Zoki\Desktop\New folder
2015-02-25 14:10 - 2015-02-25 14:10 - 01402251 _____ () C:\Users\Zoki\Desktop\spacesniffer_1_2_0_2.zip
2015-02-25 14:07 - 2015-01-29 18:21 - 00050320 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-02-25 11:27 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-02-25 11:27 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-02-25 11:27 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-02-25 11:27 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-02-25 11:27 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-02-25 11:27 - 2012-02-11 06:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-02-25 08:46 - 2015-02-25 08:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-25 08:46 - 2015-02-25 08:46 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-25 05:15 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-02-25 05:15 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-02-25 05:15 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-02-25 05:15 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-02-25 05:15 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-02-25 03:58 - 2012-07-26 04:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-02-25 03:58 - 2012-07-26 04:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-02-25 03:58 - 2012-07-26 04:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-02-25 03:58 - 2012-07-26 04:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-02-25 03:58 - 2012-07-26 04:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-02-25 03:58 - 2012-07-26 03:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-02-25 03:58 - 2012-07-26 03:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-02-25 03:58 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-02-25 03:56 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-02-25 03:56 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-02-25 03:56 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-02-25 03:56 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-02-25 03:54 - 2012-03-01 06:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-02-25 03:54 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-02-25 03:20 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-02-25 03:20 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-02-25 02:14 - 2015-02-25 16:57 - 00000000 ____D () C:\Windows\rescache
2015-02-24 19:54 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-02-24 19:54 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-02-24 19:54 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-02-24 19:54 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-02-24 19:54 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-02-24 19:54 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-02-24 19:54 - 2013-01-24 05:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-02-24 19:54 - 2012-08-22 18:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-02-24 19:54 - 2012-07-04 20:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-02-24 19:53 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-24 19:53 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-24 19:53 - 2012-08-21 21:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-02-24 19:53 - 2011-03-11 06:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-02-24 19:53 - 2011-03-11 06:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-02-24 19:53 - 2011-03-11 06:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-02-24 19:53 - 2011-03-11 06:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-02-24 19:53 - 2011-03-11 06:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-02-24 19:53 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-02-24 19:53 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-02-24 19:53 - 2011-03-11 05:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-02-24 19:52 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-02-24 19:51 - 2014-02-04 03:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-02-24 19:51 - 2014-02-04 03:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-02-24 19:51 - 2014-02-04 03:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-02-24 19:51 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-02-24 19:51 - 2014-01-28 03:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-02-24 19:51 - 2013-08-29 02:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-24 19:51 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-02-24 19:51 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-02-24 19:51 - 2013-08-28 01:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-02-24 19:51 - 2013-03-19 05:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-02-24 19:51 - 2013-03-19 04:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-02-24 19:51 - 2013-03-19 03:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-02-24 19:51 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-02-24 19:51 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-02-24 19:51 - 2012-10-03 17:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-02-24 19:51 - 2012-10-03 16:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-02-24 19:49 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-02-24 19:49 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-02-24 19:49 - 2014-01-24 03:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-02-24 19:49 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-02-24 19:49 - 2012-05-05 08:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-24 19:48 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-24 19:48 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-24 19:48 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-24 19:48 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-24 19:48 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-24 19:48 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-24 19:48 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-24 19:48 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-24 19:48 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-24 19:48 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-02-24 19:48 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-02-24 19:48 - 2013-08-05 02:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-02-24 19:48 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-02-24 19:48 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-02-24 19:48 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-02-24 19:48 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-02-24 19:48 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-02-24 19:48 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-02-24 19:48 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-02-24 19:47 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-02-24 19:47 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-02-24 19:47 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-02-24 19:44 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-02-24 19:44 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-02-24 19:44 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-02-24 19:44 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-02-24 19:44 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-02-24 19:44 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-02-24 19:44 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-02-24 19:44 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-02-24 19:44 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-02-24 19:43 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-24 19:43 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-02-24 19:43 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-02-24 19:43 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-02-24 19:43 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-02-24 19:43 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-02-24 19:43 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-24 19:43 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-24 19:43 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-02-24 19:37 - 2015-02-24 19:37 - 00001823 _____ () C:\Users\Zoki\Desktop\Defraggler.lnk
2015-02-24 19:37 - 2015-02-24 19:37 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-02-24 19:37 - 2015-02-24 19:37 - 00000000 ____D () C:\Program Files\Defraggler
2015-02-24 19:29 - 2015-02-24 19:29 - 00001835 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2015-02-24 19:29 - 2015-02-24 19:29 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\SumatraPDF
2015-02-24 19:29 - 2015-02-24 19:29 - 00000000 ____D () C:\Program Files\SumatraPDF
2015-02-24 18:47 - 2015-02-24 18:48 - 00000000 ____D () C:\Program Files\Panda Security
2015-02-24 18:47 - 2015-02-24 18:47 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\Panda Security
2015-02-24 18:47 - 2015-02-24 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-02-24 18:45 - 2015-02-24 18:48 - 00000000 ____D () C:\ProgramData\Panda Security
2015-02-24 18:36 - 2015-02-25 08:59 - 00058880 _____ () C:\Users\Zoki\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-24 18:34 - 2015-02-24 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-24 18:24 - 2015-02-24 18:24 - 00001038 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk
2015-02-24 18:24 - 2015-02-24 18:24 - 00001026 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
2015-02-24 18:24 - 2015-02-24 18:24 - 00000000 ____D () C:\Program Files\Pale Moon
2015-02-24 18:21 - 2015-02-26 18:53 - 00000784 _____ () C:\Windows\setupact.log
2015-02-24 18:21 - 2015-02-26 18:41 - 00303584 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-24 18:21 - 2015-02-26 18:40 - 00079036 _____ () C:\Windows\PFRO.log
2015-02-24 18:21 - 2015-02-24 18:21 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-24 18:13 - 2015-02-24 18:13 - 00000172 _____ () C:\Users\Zoki\Documents\cc_20150224_181307.reg
2015-02-24 18:12 - 2015-02-24 18:12 - 00184398 _____ () C:\Users\Zoki\Documents\cc_20150224_181206.reg
2015-02-24 18:12 - 2015-02-24 18:12 - 00002170 _____ () C:\Users\Zoki\Documents\cc_20150224_181244.reg
2015-02-24 18:01 - 2012-07-05 21:06 - 00772544 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2015-02-24 18:01 - 2012-07-05 21:06 - 00687544 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-02-24 17:37 - 2015-02-24 17:37 - 00000230 _____ () C:\Users\Zoki\Documents\estan pa ako mozes o.txt
2015-02-24 16:06 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-24 16:06 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-02-24 16:06 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-02-24 16:06 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-02-24 16:05 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-24 16:02 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-24 16:02 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-24 16:02 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-24 16:02 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-24 16:02 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-24 16:02 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-24 16:02 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-24 16:02 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-24 16:02 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-24 16:02 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-24 16:02 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-24 16:02 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-24 15:58 - 2013-02-12 04:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-02-24 15:48 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-02-24 15:45 - 2014-07-14 02:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-02-24 15:42 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-02-24 15:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-24 15:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-24 15:40 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-24 15:37 - 2014-06-16 02:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-02-24 15:37 - 2014-06-16 02:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-02-24 15:37 - 2014-06-16 02:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-02-24 15:37 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-02-24 15:36 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-02-24 15:36 - 2014-03-04 10:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-02-24 15:35 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-02-24 15:35 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-02-24 15:35 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-02-24 15:35 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-02-24 15:35 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-02-24 15:35 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-02-24 15:34 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-02-24 15:33 - 2014-08-23 02:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-02-24 15:33 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-02-24 15:33 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-02-24 15:33 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-02-24 15:33 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-02-24 15:33 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-02-24 15:33 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-02-24 15:32 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-02-24 15:32 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-02-24 15:29 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-02-24 15:27 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-02-24 15:27 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-02-24 15:27 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-02-24 15:27 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-02-24 15:27 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-02-24 15:27 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-24 15:25 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-02-24 15:24 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-02-24 15:24 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-02-24 15:24 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-02-24 15:24 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-02-24 15:24 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-02-24 15:23 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-02-24 15:23 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-02-24 15:21 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-24 15:21 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-24 15:21 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-24 15:21 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-24 15:21 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-24 15:21 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-24 15:20 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-02-24 15:19 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-02-24 15:19 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-02-24 15:19 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-02-24 15:19 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-02-24 15:19 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-02-24 15:19 - 2012-07-04 22:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-02-24 15:19 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-02-24 15:19 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-02-24 15:18 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-02-24 15:18 - 2014-04-05 03:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-02-24 15:18 - 2014-04-05 03:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-02-24 15:18 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-02-24 15:17 - 2014-06-03 10:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-02-24 15:17 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-02-24 15:17 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-02-24 15:16 - 2014-05-30 07:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-02-24 15:13 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-02-24 15:13 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-02-24 15:13 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-02-24 15:10 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-24 15:10 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-02-24 15:10 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-02-24 15:09 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-02-24 15:08 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-02-24 15:08 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-02-24 15:08 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-02-24 14:43 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-02-24 14:40 - 2012-03-17 08:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-02-24 14:39 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-02-24 14:37 - 2012-05-14 05:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-02-24 14:27 - 2015-02-24 14:27 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-24 14:27 - 2015-02-24 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-24 14:26 - 2015-02-24 14:27 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-24 14:26 - 2014-11-21 06:23 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-24 14:26 - 2014-11-21 06:23 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-24 14:23 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-02-24 14:23 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-02-24 14:23 - 2014-07-17 02:39 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-24 14:23 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-02-24 14:23 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-02-24 14:23 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-02-24 14:23 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-02-24 14:23 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-02-24 14:23 - 2012-04-26 05:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-02-24 14:23 - 2012-04-26 05:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-02-24 14:16 - 2012-11-23 03:48 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-02-24 14:11 - 2014-03-04 10:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-02-24 14:11 - 2013-08-02 02:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-02-24 14:11 - 2013-08-02 01:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-02-24 14:11 - 2013-07-12 11:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-02-24 14:11 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-02-24 14:11 - 2013-07-12 11:07 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2015-02-24 14:10 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-02-24 14:10 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-02-24 14:09 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-24 14:09 - 2012-10-03 17:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-02-24 14:09 - 2012-10-03 17:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-02-24 14:07 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-02-24 14:07 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-02-24 14:06 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-24 14:06 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-02-24 14:05 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-02-24 14:05 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-02-24 14:05 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-02-24 14:05 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-02-24 14:05 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-02-24 13:58 - 2015-02-24 14:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-24 13:57 - 2015-02-25 22:49 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-24 13:57 - 2015-02-24 14:25 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-24 13:57 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-24 13:56 - 2014-11-21 06:23 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-24 13:49 - 2013-02-27 05:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-02-24 13:44 - 2015-02-24 13:51 - 00000000 ____D () C:\AdwCleaner
2015-02-24 13:28 - 2015-02-24 13:28 - 00000279 _____ () C:\Users\Zoki\Documents\vinipogresih.txt
2015-02-24 13:23 - 2014-05-14 17:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-02-24 13:23 - 2014-05-14 17:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-02-24 13:23 - 2014-05-14 17:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-02-24 13:23 - 2014-05-14 17:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-02-24 13:22 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-02-24 13:22 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-02-24 13:22 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-02-24 13:22 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-02-24 13:22 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-02-24 13:14 - 2015-02-24 13:14 - 00000000 ____D () C:\Users\Zoki\AppData\Local\TeamViewer
2015-02-24 12:43 - 2015-02-24 12:43 - 00000925 _____ () C:\Users\Zoki\Desktop\CCleaner.lnk
2015-02-24 12:43 - 2015-02-24 12:43 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-24 12:43 - 2015-02-24 12:43 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-24 12:35 - 2015-02-24 12:35 - 00016896 ___SH () C:\Users\Zoki\Thumbs.db
2015-02-24 12:06 - 2015-02-24 12:06 - 00001853 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2015-02-24 12:06 - 2015-02-24 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-02-24 12:06 - 2015-02-24 12:06 - 00000000 ____D () C:\Program Files\HitmanPro
2015-02-24 12:05 - 2015-02-24 12:36 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-02-24 11:36 - 2015-02-24 13:15 - 00000000 ____D () C:\Program Files\TeamViewer
2015-02-24 11:36 - 2015-02-24 11:36 - 00000961 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-24 11:36 - 2015-02-24 11:36 - 00000949 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-02-24 11:19 - 2015-02-24 18:25 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\Moonchild Productions
2015-02-24 11:19 - 2015-02-24 11:19 - 00000000 ____D () C:\Users\Zoki\AppData\Local\Moonchild Productions
2015-02-24 11:19 - 2015-02-24 11:18 - 21420048 _____ (Moonchild Productions) C:\Users\Zoki\Downloads\palemoon-25.2.1 x86 (32-bit)-installer.exe
2015-02-23 12:06 - 2015-02-23 12:06 - 00750485 _____ () C:\Users\Zoki\Documents\video (1).htm
2015-02-23 11:58 - 2015-02-23 11:58 - 00720929 _____ () C:\Users\Zoki\Desktop\video.htm
2015-02-16 23:16 - 2015-02-16 23:16 - 00000000 ____D () C:\Users\Zoki\AppData\Local\Macromedia
2015-02-12 11:05 - 2015-02-24 18:25 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\Mozilla
2015-02-12 11:05 - 2015-02-12 11:05 - 00000000 ____D () C:\Users\Zoki\AppData\Local\Mozilla
2015-02-12 11:04 - 2015-02-24 18:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-12 11:04 - 2015-02-12 11:04 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-11 23:39 - 2015-02-11 23:39 - 00140048 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINAflt.sys
2015-02-11 23:39 - 2015-02-11 23:39 - 00124688 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINProt.sys
2015-02-11 23:39 - 2015-02-11 23:39 - 00113936 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINProc.sys
2015-02-11 23:39 - 2015-02-11 23:39 - 00105232 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINFile.sys
2015-02-11 23:39 - 2015-02-11 23:39 - 00100624 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINReg.sys
2015-02-10 03:02 - 2015-02-10 03:02 - 00168208 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINKNC.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00281232 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSProt.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00239888 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSStrm.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00205456 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSPrv.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00202128 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSHttp.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00126480 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSIds.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00120592 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSPop3.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00109584 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSHttps.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00108432 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSSmtp.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00099856 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSpicc.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00094864 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNStlsc.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00086800 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSAlpc.sys
2015-02-09 22:02 - 2015-02-09 22:02 - 00061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NNSPihsw.sys
2015-02-08 15:49 - 2015-02-24 18:06 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-31 13:51 - 2015-01-31 13:51 - 00880784 _____ (Google Inc.) C:\Users\Zoki\Downloads\GoogleEarthSetup (2).exe
2015-01-31 13:35 - 2015-01-31 13:35 - 00002130 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2015-01-31 13:35 - 2015-01-31 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-01-31 13:33 - 2015-01-31 13:33 - 00880784 _____ (Google Inc.) C:\Users\Zoki\Downloads\GoogleEarthSetup (1).exe
2015-01-31 13:32 - 2015-01-31 13:32 - 00880784 _____ (Google Inc.) C:\Users\Zoki\Downloads\GoogleEarthSetup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-26 18:58 - 2014-04-02 16:30 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4e88712c09c0.job
2015-02-26 18:57 - 2012-03-16 00:23 - 01052706 _____ () C:\Windows\WindowsUpdate.log
2015-02-26 18:55 - 2009-07-14 05:34 - 00023904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-26 18:55 - 2009-07-14 05:34 - 00023904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-26 18:54 - 2014-04-02 16:30 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4e887025bd50.job
2015-02-26 18:54 - 2012-10-31 03:27 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-02-26 18:53 - 2013-11-03 21:35 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-26 18:53 - 2012-03-16 00:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-26 18:53 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-26 18:48 - 2010-11-20 22:01 - 00795754 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-26 18:42 - 2012-03-16 09:15 - 00000000 ____D () C:\Windows\Panther
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\it-IT
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\el-GR
2015-02-26 18:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-02-26 18:34 - 2012-04-16 21:56 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-26 18:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-26 18:04 - 2014-11-20 21:53 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d00503fe4ab4f0.job
2015-02-26 17:59 - 2015-01-18 13:17 - 00000000 ____D () C:\Users\Zoki\AppData\Local\Viber
2015-02-26 17:53 - 2013-09-03 17:13 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2015-02-26 17:53 - 2012-10-15 23:54 - 00000000 ____D () C:\Program Files\The KMPlayer
2015-02-26 17:49 - 2012-10-12 08:44 - 00000000 ____D () C:\Program Files\Google
2015-02-26 17:49 - 2012-05-25 22:39 - 00000000 ____D () C:\Users\Zoki\AppData\Local\Google
2015-02-26 17:25 - 2012-04-02 10:14 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-638498753-3118534903-3762225936-1000UA.job
2015-02-26 16:31 - 2012-03-17 23:28 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\Skype
2015-02-26 16:26 - 2015-01-18 13:20 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\ViberPC
2015-02-25 23:25 - 2012-04-02 10:14 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-638498753-3118534903-3762225936-1000Core.job
2015-02-25 23:13 - 2014-08-29 12:17 - 00000000 ____D () C:\Games
2015-02-25 23:13 - 2012-12-23 21:53 - 00000000 ____D () C:\Windows\system32\directx
2015-02-25 23:09 - 2012-12-15 20:47 - 00691712 ___SH () C:\Users\Zoki\Desktop\Thumbs.db
2015-02-25 08:58 - 2009-07-14 05:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-25 08:46 - 2011-04-12 03:24 - 00000000 ____D () C:\Program Files\Windows Journal
2015-02-25 08:46 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-25 08:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2015-02-25 08:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-25 08:00 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-02-24 18:41 - 2013-11-03 13:55 - 00000000 ____D () C:\Program Files\ESET
2015-02-24 18:34 - 2012-03-16 00:34 - 00000000 ____D () C:\Program Files\7-Zip
2015-02-24 18:21 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\schemas
2015-02-24 18:09 - 2012-07-29 21:20 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\Azureus
2015-02-24 18:06 - 2012-10-12 17:43 - 00000000 ____D () C:\Program Files\Ahead
2015-02-24 18:05 - 2012-10-12 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-02-24 17:58 - 2012-03-16 00:32 - 00000000 ____D () C:\Windows\system32\Macromed
2015-02-24 17:56 - 2012-03-16 00:34 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-24 13:31 - 2012-10-05 23:28 - 00000000 ____D () C:\Program Files\Vuze
2015-02-24 13:30 - 2012-03-18 00:09 - 00000000 ____D () C:\Program Files\Garena Plus
2015-02-24 13:16 - 2012-03-16 00:35 - 00000000 ____D () C:\Program Files\WinRAR
2015-02-24 13:10 - 2012-07-28 11:54 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\Media Player Classic
2015-02-24 13:09 - 2012-03-18 00:50 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Actual Keylogger
2015-02-24 12:39 - 2013-07-23 09:08 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\Nico Mak Computing
2015-02-24 12:35 - 2012-03-16 00:44 - 00000000 ____D () C:\Users\Zoki
2015-02-24 11:28 - 2012-10-12 08:45 - 00000000 ___RD () C:\Users\Zoki\Google Drive
2015-02-22 15:32 - 2013-09-11 08:10 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-22 11:01 - 2014-11-26 19:09 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-02-22 11:01 - 2014-11-26 19:09 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-02-19 17:51 - 2015-01-18 12:22 - 00000000 ___RD () C:\Program Files\Skype
2015-02-19 17:51 - 2012-03-16 00:35 - 00000000 ____D () C:\ProgramData\Skype
2015-02-12 10:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-08 15:40 - 2012-03-17 22:25 - 00000000 ____D () C:\Users\Zoki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-02-04 23:34 - 2012-04-16 21:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-04 23:34 - 2012-03-16 00:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-29 17:49 - 2012-03-16 00:25 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-29 17:01 - 2012-10-12 08:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

==================== Files in the root of some directories =======

2012-03-18 00:32 - 2013-10-21 20:17 - 0045270 _____ () C:\Users\Zoki\AppData\Roaming\room_v3.dat
2013-02-22 18:35 - 2013-10-23 22:14 - 0007597 _____ () C:\Users\Zoki\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Zoki\AppData\Local\Temp\{BD445B32-6046-41DD-8DC8-18C50AB22F46}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 11:13

==================== End Of Log ============================


https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sljedeće programe:

Pandora Service



Arrow Korak 2

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

HKU\S-1-5-21-638498753-3118534903-3762225936-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\...\MountPoints2: {76141481-e6fc-11e1-b5f9-0019dbce5144} - F:\Autorun.exe
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\...\MountPoints2: {9e675db6-de36-11e1-b1ab-806e6f6e6963} - F:\VW100_Modem_Installation.exe
Task: {38CF1DD5-17BA-4D86-8AD1-6D6BA959E7B4} - \{AF51D1B2-DC00-4D5D-A309-419062AE7DEE} No Task File <==== ATTENTION
Task: {B855EAF7-C8BF-4663-A1A5-0A491F20EDFE} - \{79C37BB1-8D35-4823-839C-7917513AB03E} No Task File <==== ATTENTION
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
EmptyTemp:


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).

offline
  • Pridružio: 12 Feb 2007
  • Poruke: 1231

Nisu imali struje i internet konekcija im je bila prilično loša ovih dana pa se izvinjavam na kašnjenju.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-03-2015
Ran by Zoki at 2015-03-02 18:53:28 Run:1
Running from C:\Users\Zoki\Desktop
Loaded Profiles: Zoki & UpdatusUser (Available profiles: Zoki & UpdatusUser)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\...\MountPoints2: {76141481-e6fc-11e1-b5f9-0019dbce5144} - F:\Autorun.exe
HKU\S-1-5-21-638498753-3118534903-3762225936-1000\...\MountPoints2: {9e675db6-de36-11e1-b1ab-806e6f6e6963} - F:\VW100_Modem_Installation.exe
Task: {38CF1DD5-17BA-4D86-8AD1-6D6BA959E7B4} - \{AF51D1B2-DC00-4D5D-A309-419062AE7DEE} No Task File <==== ATTENTION
Task: {B855EAF7-C8BF-4663-A1A5-0A491F20EDFE} - \{79C37BB1-8D35-4823-839C-7917513AB03E} No Task File <==== ATTENTION
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
EmptyTemp:
*****************

"HKU\S-1-5-21-638498753-3118534903-3762225936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => Key deleted successfully.
"HKU\S-1-5-21-638498753-3118534903-3762225936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76141481-e6fc-11e1-b5f9-0019dbce5144}" => Key deleted successfully.
HKCR\CLSID\{76141481-e6fc-11e1-b5f9-0019dbce5144} => Key not found.
"HKU\S-1-5-21-638498753-3118534903-3762225936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e675db6-de36-11e1-b1ab-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{9e675db6-de36-11e1-b1ab-806e6f6e6963} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38CF1DD5-17BA-4D86-8AD1-6D6BA959E7B4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38CF1DD5-17BA-4D86-8AD1-6D6BA959E7B4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AF51D1B2-DC00-4D5D-A309-419062AE7DEE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B855EAF7-C8BF-4663-A1A5-0A491F20EDFE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B855EAF7-C8BF-4663-A1A5-0A491F20EDFE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{79C37BB1-8D35-4823-839C-7917513AB03E}" => Key deleted successfully.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
EmptyTemp: => Removed 1 GB temporary data.


The system needed a reboot.

==== End of Fixlog 18:54:06 ====

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakvo je sada stanje sistema?

offline
  • Pridružio: 12 Feb 2007
  • Poruke: 1231

Kaže da je poprilično bolje u odnosu na pre.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop.

Dvoklikom pokreni MBAR () na ikonicu programa:
- Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u;
- mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.;
- U uvodnom prozoru klikni dugme Next ukoliko si saglasan;



• Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next;
• Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan;

Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka:
- 'Could not load protection driver' => u tom slucaju klikni OK.
- 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta.





>> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje.

>> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje.
- Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja.



Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe:
- Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ...
- Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem.





Sledeci izvestaji ce biti formirani u mbar folderu.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

offline
  • Pridružio: 12 Feb 2007
  • Poruke: 1231

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.03.03.03
rootkit: v2015.02.25.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17633
Zoki :: ZOKI-PC [administrator]

3/3/2015 3:41:54 PM
mbar-log-2015-03-03 (15-41-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 347484
Time elapsed: 17 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)


https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

To bi bilo to onda.


Sledeća procedura će implementirati završno čišćenje.

Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

offline
  • Pridružio: 12 Feb 2007
  • Poruke: 1231

OK, hvala.

Ko je trenutno na forumu
 

Ukupno su 509 korisnika na forumu :: 20 registrovanih, 1 sakriven i 488 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: acatomic, Bobrock1, dane007, dekao, Dostanic09, DucicM, goxin, Konda, laurusri, Lazarus, Mixelotti, nemkea71, samsung, shaja1, suton, uruk, Van, voja64, Živković, 18101